account.uat-thesun.co.uk Open in urlscan Pro
2606:4700::6813:9813 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://login.uat-thesun.co.uk/
Effective URL:
https://account.uat-thesun.co.uk/login?state=hKFo2SBnVG9ucjNQeElaYzVaMUdWV2R3WUxsOUpjN2tYSGNPM6FupWxvZ2luo3RpZNkgVXhkcGtuVnpyM1dt...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 09 via api (November 9th 2023, 7:48:10 pm UTC) from FR — Scanned from FR

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 19 domains to perform 57 HTTP transactions. The main IP is 2606:4700::6813:9813, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.uat-thesun.co.uk.
TLS certificate: Issued by E1 on September 12th 2023. Valid for: 3 months.

This is the only time account.uat-thesun.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:264... 2600:9000:2646:800:4:5ac3:46c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:9000:264... 2600:9000:2646:600:4:5ac3:46c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700::68... 2606:4700::6813:9813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:236... 2600:9000:236e:6000:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
2	2a02:26f0:11a... 2a02:26f0:11a::217:9a80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2600:9000:223... 2600:9000:223e:2400:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.66.122.45 18.66.122.45	16509 (AMAZON-02) (AMAZON-02)
3	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 4	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:7611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.12 99.86.4.12	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
57	24

1 2600:9000:2646:800:4:5ac3:46c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

login.uat-thesun.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2646:600:4:5ac3:46c0:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

login.uat-thesun.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9813 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

account.uat-thesun.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.eu.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:6000:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

client.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223e:2400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-45.fra60.r.cloudfront.net

www.thesun.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxercz0zul.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.23 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-12.fra6.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

pac.newsdata.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googlesync.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1253	51 KB
8	uat-thesun.co.uk 4 redirects login.uat-thesun.co.uk account.uat-thesun.co.uk	97 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
5	px-cloud.net client.px-cloud.net — Cisco Umbrella Rank: 6931 collector-pxercz0zul.px-cloud.net	77 KB
4	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2904 api.permutive.com — Cisco Umbrella Rank: 2165 googlesync.permutive.com — Cisco Umbrella Rank: 8909	315 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	2 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1361	37 KB
4	thesun.co.uk www.thesun.co.uk — Cisco Umbrella Rank: 28079	119 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	1018 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 7121 cdn.eu.auth0.com — Cisco Umbrella Rank: 132212	247 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	173 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2638	790 B
1	google.fr www.google.fr — Cisco Umbrella Rank: 17843	409 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040	46 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	582 B
1	prmutv.co 88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co — Cisco Umbrella Rank: 48972	233 B
1	newsdata.uk pac.newsdata.uk	1011 B
1	dotmetrics.net uk-script.dotmetrics.net — Cisco Umbrella Rank: 5234	1 KB
57	19

	Domain	Requested by
8	tags.tiqcdn.com	account.uat-thesun.co.uk tags.tiqcdn.com
6	www.gstatic.com	www.recaptcha.net www.gstatic.com
4	sb.scorecardresearch.com	2 redirects
4	www.recaptcha.net	cdn.auth0.com www.gstatic.com www.recaptcha.net
4	www.thesun.co.uk	account.uat-thesun.co.uk
4	account.uat-thesun.co.uk	1 redirects cdn.auth0.com
4	login.uat-thesun.co.uk	3 redirects account.uat-thesun.co.uk
3	collector-pxercz0zul.px-cloud.net	client.px-cloud.net
2	cm.g.doubleclick.net	2 redirects
2	cdn.permutive.com	tags.tiqcdn.com cdn.permutive.com
2	www.googletagmanager.com	tags.tiqcdn.com www.google-analytics.com
2	www.google-analytics.com	tags.tiqcdn.com www.google-analytics.com
2	client.px-cloud.net	account.uat-thesun.co.uk client.px-cloud.net
2	cdn.polyfill.io	account.uat-thesun.co.uk
2	cdn.auth0.com	account.uat-thesun.co.uk cdn.auth0.com
1	fonts.gstatic.com	www.recaptcha.net
1	googlesync.permutive.com
1	www.google.fr
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	api.permutive.com	cdn.permutive.com
1	ib.adnxs.com	cdn.permutive.com
1	88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co	cdn.permutive.com
1	pac.newsdata.uk
1	uk-script.dotmetrics.net	tags.tiqcdn.com
1	cdn.eu.auth0.com	cdn.auth0.com
57	27

This site contains no links.

Subject Issuer	Validity	Valid
account.uat-thesun.co.uk E1	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-10-23` - `2023-11-22`	a month	crt.sh
client.botchk.net R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.dev.nukcdn.com Amazon RSA 2048 M02	`2023-02-13` - `2024-03-13`	a year	crt.sh
eu.auth0.com E1	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.nukcdn.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-15` - `2024-09-13`	a year	crt.sh
misc.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.dotmetrics.net Amazon RSA 2048 M02	`2023-08-23` - `2024-09-20`	a year	crt.sh
pac.newsdata.uk GTS CA 1D4	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.prmutv.co R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://account.uat-thesun.co.uk/login?state=hKFo2SBnVG9ucjNQeElaYzVaMUdWV2R3WUxsOUpjN2tYSGNPM6FupWxvZ2luo3RpZNkgVXhkcGtuVnpyM1dteXJqZW1ZczhGRWVIdEQ0RDF5T3mjY2lk2SBqWFlvR2d5b1BSSUJ4XzB5QlYwX1FUdFhXbE1NUkM5VQ&client=jXYoGgyoPRIBx_0yBV0_QTtXWlMMRC9U&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly93d3ctZGV2LnVhdC10aGVzdW4uY28udWsvIiwicHJvZHVjdEdyb3VwIjoiU3VuX1dlYiJ9&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQaG9uZSIsIlBvc3QiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.uat-thesun.co.uk%2Foidc%2Frp%2Fcallback
Frame ID: AE963C2694A50C7F930BD10115D597AF
Requests: 52 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lfwle8bAAAAAPWX_63bSUehn3zFQdqpwA23udJv&co=aHR0cHM6Ly9hY2NvdW50LnVhdC10aGVzdW4uY28udWs6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=akhjw3n4y4xw
Frame ID: F1E145DFDC583F28DDFD6FEC7AD77740
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lfwle8bAAAAAPWX_63bSUehn3zFQdqpwA23udJv
Frame ID: CCCA370175D45EC8A2CEEDDE529FE33A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to The Sun

Page URL History Show full URLs

http://login.uat-thesun.co.uk/ HTTP 301
https://login.uat-thesun.co.uk/ HTTP 302
https://login.uat-thesun.co.uk/oidc/rp/login/thesunuk?gotoUrl=https%3A%2F%2Fwww-dev.uat-thesun.co.uk%2F HTTP 302
https://account.uat-thesun.co.uk/authorize?client_id=jXYoGgyoPRIBx_0yBV0_QTtXWlMMRC9U&scope=openid%20profile%... HTTP 302
https://account.uat-thesun.co.uk/login?state=hKFo2SBnVG9ucjNQeElaYzVaMUdWV2R3WUxsOUpjN2tYSGNPM6FupWxvZ2luo3Rp... Page URL