samtander-individuals.com
95.214.26.221
Malicious Activity!
Public Scan
Effective URL: https://samtander-individuals.com/app/
Submission: On November 26 via manual from ES — Scanned from NL
Summary
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.
This is the only time samtander-individuals.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
3 16 | 95.214.26.221 | 216419 (AS-MATRIXTELECOM) |
1 | 2.16.213.57 | 16625 (AKAMAI-AS) |
2 | 45.223.164.57 | 19551 (INCAPSULA) |
16 | 3 | |
ASN16625 (AKAMAI-AS, US)
PTR: a2-16-213-57.deploy.static.akamaitechnologies.com
rolb.santanderbank.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
16 | samtander-individuals.com (3 redirects): samtander-individuals.com | 263 KB |
2 | santander.com: global.sanbot.sandigital.santander.com — Cisco Umbrella Rank: 367070 | 93 KB |
1 | santanderbank.com: rolb.santanderbank.com — Cisco Umbrella Rank: 223138 | |
16 | 3 | |
 | Domain | Requested by |
---|---|---|
16 | samtander-individuals.com (3 redirects) | samtander-individuals.com |
2 | global.sanbot.sandigital.santander.com | samtander-individuals.com |
1 | rolb.santanderbank.com | samtander-individuals.com |
16 | 3 | |
This site contains links to these domains.
Domain |
---|
rolb.santanderbank.com |
www.santanderbank.com |
customerservice.santanderbank.com |
www.santander.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
samtander-individuals.com | R3 | 2023-11-26 - 2024-02-24 | 3 months |
www.santanderbank.com | Entrust Certification Authority - L1M | 2023-06-09 - 2024-07-07 | a year |
imperva.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-06-28 - 2023-12-25 | 6 months |
This page contains 1 frames:
Primary Page:
https://samtander-individuals.com/app/
Frame ID: 13FCFEEF1CEE70F3CE0C31B764E8F8FB
Requests: 16 HTTP requests in this frame
Page Title
Santander Online Banking Login
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Go to main content
Title: Business
Title: Corporate
Title: Link Your User ID Forgot Your User ID?
Title: Link Forgot Your Password Forgot Your Password?
Title: Link to Enroll Now Enroll Now
Title: Link Digital Banking Agreement Digital Banking Agreement
Title: (Open in a new tab) search our FAQs. go to FAQs
Title: Online Banking feedback go to Feedback
Title: (Open in new tab) Find an ATM/Branch
Title: (Open in new tab) Customer Service
Title: (Open in new tab) Site Map
Title: (Open in new tab) Accessibility
Title: (Open in new tab) Privacy and Security
Title: (Open in new tab) Investor Relations
Title: (Open in new tab) Media Center
Title: (Open in new tab) Careers
Title: (Open in new tab) About Santander
Title: (Open in new tab) Privacy Policy
Title: (Open in new tab) Terms of Use
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://samtander-individuals.com/ HTTP 301
- https://samtander-individuals.com/ HTTP 302
- https://samtander-individuals.com/app HTTP 301
- https://samtander-individuals.com/app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer size | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | samtander-individuals.com/app/ | 228 KB | 29 KB | Document | text/html |
GET | H2 | styles.2b4ba21e3013d4d0cc68.css | samtander-individuals.com/libraries/ | 292 KB | 34 KB | Stylesheet | text/css |
GET | H2 | AAFF_SANDI_SYMBOL_CMYK.SVG | samtander-individuals.com/libraries/ | 790 B | 963 B | Image | image/svg+xml |
GET | H2 | infoIcon.svg | samtander-individuals.com/libraries/ | 660 B | 833 B | Image | image/svg+xml |
GET | H2 | minimizeIcon.svg | samtander-individuals.com/libraries/ | 871 B | 1 KB | Image | image/svg+xml |
GET | H2 | closeIcon.svg | samtander-individuals.com/libraries/ | 43 KB | 44 KB | Image | image/svg+xml |
GET | H/1.1 | / | rolb.santanderbank.com/OnlineBanking/ | 0 | 0 | Image | text/html |
GET | H2 | FA_SANTANDER_PVR_POS_RGB.6b6950e7c85225731399.svg | samtander-individuals.com/libraries/ | 7 KB | 7 KB | Image | image/svg+xml |
GET | H2 | icon-login-faqs.444e81bc2593c635b5a8.svg | samtander-individuals.com/libraries/ | 947 B | 1 KB | Image | image/svg+xml |
GET | H2 | icon-login-feedback.3b28365c5184221bebf9.svg | samtander-individuals.com/libraries/ | 2 KB | 3 KB | Image | image/svg+xml |
GET | H2 | equal-housing-lender.8917480a90573d942deb.svg | samtander-individuals.com/libraries/ | 3 KB | 3 KB | Image | image/svg+xml |
GET | H2 | SantanderTextW05-Regular.1072cb3109609b6f65eb.woff2 | samtander-individuals.com/libraries/ | 46 KB | 46 KB | Font | font/woff2 |
GET | H2 | SantanderHeadlineW05-Rg.86809b022ec12f4a9332.woff2 | samtander-individuals.com/libraries/ | 46 KB | 46 KB | Font | font/woff2 |
GET | H2 | SantanderTextW05-Bold.a48c0132fe41abde8dbf.woff2 | samtander-individuals.com/libraries/ | 48 KB | 48 KB | Font | font/woff2 |
GET | H2 | SantanderHeadlineW05-Rg.woff2 | global.sanbot.sandigital.santander.com/content/assets/fonts/ | 46 KB | 46 KB | Font | application/octet-stream |
GET | H2 | SantanderTextW05-Regular.woff2 | global.sanbot.sandigital.santander.com/content/assets/fonts/ | 46 KB | 46 KB | Font | application/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
samtander-individuals.com/ | Name: PHPSESSID Value: nguaap8chuhvf1emn1t3p2ac51 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.