santander.co.uk-authorize-activity.review Open in urlscan Pro
66.29.137.15  Malicious Activity! Public Scan

Submitted URL: https://santander.co.uk-authorize-activity.review/
Effective URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/
Submission: On June 15 via automatic, source certstream-urgent

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 66.29.137.15, located in United States and belongs to NAMECHEAP-NET, US. The main domain is santander.co.uk-authorize-activity.review.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 15th 2021. Valid for: a year.
This is the only time santander.co.uk-authorize-activity.review was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

IP Address AS Autonomous System
2 26 66.29.137.15 22612 (NAMECHEAP...)
24 1
Apex Domain
Subdomains
Transfer
26 uk-authorize-activity.review
santander.co.uk-authorize-activity.review
449 KB
24 1
Domain Requested by
26 santander.co.uk-authorize-activity.review 2 redirects santander.co.uk-authorize-activity.review
24 1

This site contains no links.

Subject Issuer Validity Valid
santander.co.uk-authorize-activity.review
Sectigo RSA Domain Validation Secure Server CA
2021-06-15 -
2022-06-15
a year crt.sh

This page contains 1 frames:

Primary Page: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/
Frame ID: 1D1D546B85FE0ED56BD46BEB04C99605
Requests: 24 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://santander.co.uk-authorize-activity.review/ Page URL
  2. https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e HTTP 301
    https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/ HTTP 302
    https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

448 kB
Transfer

1029 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://santander.co.uk-authorize-activity.review/ Page URL
  2. https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e HTTP 301
    https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/ HTTP 302
    https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
santander.co.uk-authorize-activity.review/
728 B
789 B
Document
General
Full URL
https://santander.co.uk-authorize-activity.review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
38c9f6dece5638fe41c6eee61b0b1c4b12b48dfc02b31048fddb1b87d0223ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
santander.co.uk-authorize-activity.review
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:54 GMT
server
Apache
x-powered-by
PHP/7.2.34
set-cookie
real=OK
vary
Accept-Encoding
content-encoding
gzip
content-length
451
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
Primary Request /
santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/
Redirect Chain
  • https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e?
  • https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/?
  • https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
17 KB
4 KB
Document
General
Full URL
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
9a6c188ac7c5058d7997e68edbbaa83774d8e36c140a61e6f0b5d938ed2334a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
santander.co.uk-authorize-activity.review
:scheme
https
:path
/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://santander.co.uk-authorize-activity.review/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://santander.co.uk-authorize-activity.review/

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
server
Apache
x-powered-by
PHP/7.2.34
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
vary
Accept-Encoding
content-encoding
gzip
content-length
3411
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade

Redirect headers

date
Tue, 15 Jun 2021 15:15:56 GMT
server
Apache
x-powered-by
PHP/7.2.34
set-cookie
bid=94db7d3e854a71e0a963dcdc2a2cf49e; expires=Thu, 15-Jul-2021 15:15:56 GMT; Max-Age=2592000; path=/
location
login/?
content-length
0
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
jquery.min.js
santander.co.uk-authorize-activity.review/bower_components/jquery/dist/
85 KB
30 KB
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/bower_components/jquery/dist/jquery.min.js
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bower_components/jquery/dist/jquery.min.js
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 05 Jun 2017 07:55:06 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
30138
x-content-type-options
nosniff
ua-parser.min.js
santander.co.uk-authorize-activity.review/bower_components/ua-parser-js/dist/
17 KB
6 KB
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bower_components/ua-parser-js/dist/ua-parser.min.js
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 12:16:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
6063
x-content-type-options
nosniff
font-awesome.min.css
santander.co.uk-authorize-activity.review/bower_components/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://santander.co.uk-authorize-activity.review/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bower_components/font-awesome/css/font-awesome.min.css
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 09 Apr 2017 08:29:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
7053
x-content-type-options
nosniff
core_form.js
santander.co.uk-authorize-activity.review/core/form/
18 KB
5 KB
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/core/form/core_form.js
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
ec13a1049e6f905a5ab753a9690b2058a5b045efa4f12f816d75690ad580b282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/core/form/core_form.js
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 Aug 2020 09:37:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
4382
x-content-type-options
nosniff
core_token.js
santander.co.uk-authorize-activity.review/core/token/
14 KB
2 KB
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/core/token/core_token.js
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
98ed5c079b6b9b5bc5eb6ce20923838d97037c7279b2cef93e703d33ff387667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/core/token/core_token.js
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Aug 2020 14:09:50 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1618
x-content-type-options
nosniff
core_form.css
santander.co.uk-authorize-activity.review/core/form/
5 KB
1 KB
Stylesheet
General
Full URL
https://santander.co.uk-authorize-activity.review/core/form/core_form.css
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
f0f4d797fd21919c207d40e7b25ae2ccc0c7d5740f80ae18f45d858f6ae1f3f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/core/form/core_form.css
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jun 2020 09:18:56 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
962
x-content-type-options
nosniff
angular.min.js
santander.co.uk-authorize-activity.review/bower_components/angular/
165 KB
58 KB
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/bower_components/angular/angular.min.js
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/bower_components/angular/angular.min.js
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 18 Aug 2017 18:37:28 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
x-content-type-options
nosniff
css.css
santander.co.uk-authorize-activity.review/login/form/
2 KB
693 B
Stylesheet
General
Full URL
https://santander.co.uk-authorize-activity.review/login/form/css.css
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
6e8cc47c5408210c598b2b864fe449a4852074587509b27482bbd806652e47e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/form/css.css
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 24 May 2020 14:28:28 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
367
x-content-type-options
nosniff
styles.9bd92f791a36a38fcaea.css
santander.co.uk-authorize-activity.review/login/
231 KB
31 KB
Stylesheet
General
Full URL
https://santander.co.uk-authorize-activity.review/login/styles.9bd92f791a36a38fcaea.css
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
3bd3454f236ea3d17723a511abd4e912803f8023405513f25f0831dd316b2a8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/styles.9bd92f791a36a38fcaea.css
pragma
no-cache
cookie
real=OK; bid=94db7d3e854a71e0a963dcdc2a2cf49e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:56 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jun 2020 19:44:36 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
31561
x-content-type-options
nosniff
asset-3-3-x@2x.png
santander.co.uk-authorize-activity.review/login/
77 KB
77 KB
Image
General
Full URL
https://santander.co.uk-authorize-activity.review/login/asset-3-3-x@2x.png
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
08f86c6496d80636195dd2e2037f5c141f65ed6b969514531e61512ea239c5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/asset-3-3-x@2x.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:57 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 May 2020 22:18:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
78770
x-content-type-options
nosniff
header-logo.png
santander.co.uk-authorize-activity.review/login/
3 KB
3 KB
Image
General
Full URL
https://santander.co.uk-authorize-activity.review/login/header-logo.png
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
f700c3638638b62b07e614c8cae5665cf4bfa956452ab4e6fea5a15965fc40f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/header-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:57 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 May 2020 22:18:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
2795
x-content-type-options
nosniff
alert.svg
santander.co.uk-authorize-activity.review/login/
773 B
722 B
Image
General
Full URL
https://santander.co.uk-authorize-activity.review/login/alert.svg
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
b83d953dffa76bd792e8eb0282d474d089431ead1aaa6d833faf2321ed1d52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/alert.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:57 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 May 2020 22:18:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
391
x-content-type-options
nosniff
asset-2.png
santander.co.uk-authorize-activity.review/login/
3 KB
4 KB
Image
General
Full URL
https://santander.co.uk-authorize-activity.review/login/asset-2.png
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
1bca034dc76dab33232d41f7f9705fced08c4b48c90e23bd737e4b610d1b6df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/asset-2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:57 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 May 2020 22:18:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
3569
x-content-type-options
nosniff
form.js
santander.co.uk-authorize-activity.review/login/form/
3 KB
1 KB
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/login/form/form.js?v=60c8c42cc1013
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
b88603292866f4f76b0c828d21a5bf55b3647242348ac6b30cbec4b8082b90fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/form/form.js?v=60c8c42cc1013
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:57 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 24 May 2020 20:40:54 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
744
x-content-type-options
nosniff
ng.js
santander.co.uk-authorize-activity.review/login/ng/
5 KB
2 KB
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/login/ng/ng.js?v=60c8c42cc1017
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
b19d7a999c607b78f2fedfb8d3c3c52547c01e82bf6a1e46364577421a38f1bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/ng/ng.js?v=60c8c42cc1017
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:57 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 24 May 2020 14:42:02 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1444
x-content-type-options
nosniff
token.js
santander.co.uk-authorize-activity.review/login/token/
1 KB
869 B
Script
General
Full URL
https://santander.co.uk-authorize-activity.review/login/token/token.js?v=60c8c42cc1019
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
3c670ab8d8164ebcfcb361cc6d4fcf78526d20e82ff9d1704e4b29324efe6def
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/login/token/token.js?v=60c8c42cc1019
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:57 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Jun 2020 11:50:14 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
529
x-content-type-options
nosniff
SantanderTextW05-Regular.77501c6e88280139f847.ttf
santander.co.uk-authorize-activity.review/login/
138 KB
69 KB
Font
General
Full URL
https://santander.co.uk-authorize-activity.review/login/SantanderTextW05-Regular.77501c6e88280139f847.ttf
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/login/styles.9bd92f791a36a38fcaea.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
3c34b516dc489a5ff3cb121a73b6cfc25ec0920394b2d3b742d30201e71e6e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://santander.co.uk-authorize-activity.review
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
lng=en
:path
/login/SantanderTextW05-Regular.77501c6e88280139f847.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/login/styles.9bd92f791a36a38fcaea.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://santander.co.uk-authorize-activity.review
Referer
https://santander.co.uk-authorize-activity.review/login/styles.9bd92f791a36a38fcaea.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 May 2020 22:18:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
x-content-type-options
nosniff
SantanderHeadlineW05-Rg.838addf7f1e08ecb31f9.ttf
santander.co.uk-authorize-activity.review/login/
138 KB
69 KB
Font
General
Full URL
https://santander.co.uk-authorize-activity.review/login/SantanderHeadlineW05-Rg.838addf7f1e08ecb31f9.ttf
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/login/styles.9bd92f791a36a38fcaea.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
cf2166ed0037c6f2797c0774063ecc0275cd08473aeff74cf79dc510bb60398b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://santander.co.uk-authorize-activity.review
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
lng=en
:path
/login/SantanderHeadlineW05-Rg.838addf7f1e08ecb31f9.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/login/styles.9bd92f791a36a38fcaea.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://santander.co.uk-authorize-activity.review
Referer
https://santander.co.uk-authorize-activity.review/login/styles.9bd92f791a36a38fcaea.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:58 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 May 2020 22:18:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
x-content-type-options
nosniff
fontawesome-webfont.woff2
santander.co.uk-authorize-activity.review/bower_components/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://santander.co.uk-authorize-activity.review/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/bower_components/font-awesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://santander.co.uk-authorize-activity.review
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
lng=en
:path
/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/bower_components/font-awesome/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://santander.co.uk-authorize-activity.review
Referer
https://santander.co.uk-authorize-activity.review/bower_components/font-awesome/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:58 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 09 Apr 2017 08:29:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff2
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
77160
x-content-type-options
nosniff
home.php
santander.co.uk-authorize-activity.review/
57 B
350 B
XHR
General
Full URL
https://santander.co.uk-authorize-activity.review/home.php?pl=token&link=santander.uk&bid=94db7d3e854a71e0a963dcdc2a2cf49e&callback=jQuery32105138770935646266_1623770157698&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1623770157699
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/bower_components/jquery/dist/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
d3b1f4a6e57d0ae6f5de67344e47619f9dc751a5afeb5acafae9493860315080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lng=en
:path
/home.php?pl=token&link=santander.uk&bid=94db7d3e854a71e0a963dcdc2a2cf49e&callback=jQuery32105138770935646266_1623770157698&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1623770157699
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:58 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
application/json
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
home.php
santander.co.uk-authorize-activity.review/
57 B
350 B
XHR
General
Full URL
https://santander.co.uk-authorize-activity.review/home.php?pl=token&link=santander.uk&bid=94db7d3e854a71e0a963dcdc2a2cf49e&callback=jQuery32105138770935646266_1623770157700&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1623770157701
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/bower_components/jquery/dist/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
69543bf216359672d99f97916f779180d3068ff037456eb73335c7dc7ec8cd33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lng=en
:path
/home.php?pl=token&link=santander.uk&bid=94db7d3e854a71e0a963dcdc2a2cf49e&callback=jQuery32105138770935646266_1623770157700&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1623770157701
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
santander.co.uk-authorize-activity.review
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:15:58 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
application/json
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
home.php
santander.co.uk-authorize-activity.review/
57 B
350 B
XHR
General
Full URL
https://santander.co.uk-authorize-activity.review/home.php?pl=token&link=santander.uk&bid=94db7d3e854a71e0a963dcdc2a2cf49e&callback=jQuery32105138770935646266_1623770157700&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1623770157702
Requested by
Host: santander.co.uk-authorize-activity.review
URL: https://santander.co.uk-authorize-activity.review/bower_components/jquery/dist/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.15 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business148-1.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
69543bf216359672d99f97916f779180d3068ff037456eb73335c7dc7ec8cd33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/home.php?pl=token&link=santander.uk&bid=94db7d3e854a71e0a963dcdc2a2cf49e&callback=jQuery32105138770935646266_1623770157700&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1623770157702
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
sec-fetch-dest
empty
:authority
santander.co.uk-authorize-activity.review
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://santander.co.uk-authorize-activity.review/a1b2c3/94db7d3e854a71e0a963dcdc2a2cf49e/login/?
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 15:16:03 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
application/json
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| UAParser function| save_logs__ function| save_logs_done__ function| ask_login_proxy function| ask_app_proxy function| ask_drop_proxy function| ask_token_proxy function| ask_login_token_proxy function| ask_def_proxy function| ask_fee_proxy function| ask_payment_proxy function| next__ function| finish__ function| set_event function| def_plugin_data_receiver function| deep_json_parse object| cookies function| lock_redirect function| advanced_string_validation function| sin_luhn function| cc_luhn function| dob_luhn function| exp_with_day_luhn function| exp_luhn function| qasame__ function| valid_a function| valid_q function| EN function| send1 object| bider_obj object| last_respond undefined| last_operation object| respond object| angular string| bid object| php_js object| app object| loader_ string| el object| CORE__ object| REST_FN__ object| sc_ number| bidder_timer

1 Cookies

Domain/Path Name / Value
santander.co.uk-authorize-activity.review/ Name: lng
Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

santander.co.uk-authorize-activity.review
66.29.137.15
08f86c6496d80636195dd2e2037f5c141f65ed6b969514531e61512ea239c5d8
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
1bca034dc76dab33232d41f7f9705fced08c4b48c90e23bd737e4b610d1b6df8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
38c9f6dece5638fe41c6eee61b0b1c4b12b48dfc02b31048fddb1b87d0223ee6
3bd3454f236ea3d17723a511abd4e912803f8023405513f25f0831dd316b2a8f
3c34b516dc489a5ff3cb121a73b6cfc25ec0920394b2d3b742d30201e71e6e24
3c670ab8d8164ebcfcb361cc6d4fcf78526d20e82ff9d1704e4b29324efe6def
69543bf216359672d99f97916f779180d3068ff037456eb73335c7dc7ec8cd33
6e8cc47c5408210c598b2b864fe449a4852074587509b27482bbd806652e47e7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
98ed5c079b6b9b5bc5eb6ce20923838d97037c7279b2cef93e703d33ff387667
9a6c188ac7c5058d7997e68edbbaa83774d8e36c140a61e6f0b5d938ed2334a7
b19d7a999c607b78f2fedfb8d3c3c52547c01e82bf6a1e46364577421a38f1bc
b83d953dffa76bd792e8eb0282d474d089431ead1aaa6d833faf2321ed1d52c3
b88603292866f4f76b0c828d21a5bf55b3647242348ac6b30cbec4b8082b90fd
cf2166ed0037c6f2797c0774063ecc0275cd08473aeff74cf79dc510bb60398b
d3b1f4a6e57d0ae6f5de67344e47619f9dc751a5afeb5acafae9493860315080
ec13a1049e6f905a5ab753a9690b2058a5b045efa4f12f816d75690ad580b282
f0f4d797fd21919c207d40e7b25ae2ccc0c7d5740f80ae18f45d858f6ae1f3f8
f700c3638638b62b07e614c8cae5665cf4bfa956452ab4e6fea5a15965fc40f7