santander-online-com.preview-domain.com Open in urlscan Pro
2606:4700::6812:1878  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://petrofarayand.com/wp-includes/css/online/ Page URL
2. https://santander-online-com.preview-domain.com/ Page URL
3. https://santander-online-com.preview-domain.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response petrofarayand.com/wp-includes/css/online/	126 B 359 B	185ms 85ms	Document text/html	38.110.76.205 RAVAND
General Check archive.org Show headers Download Go to Full URL https://petrofarayand.com/wp-includes/css/online/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.110.76.205 Markham, Canada, ASN12212 (RAVAND, CA), Reverse DNS lw5.securewebportal.com Software Apache / PHP/7.2.21 Resource Hash 54afb7bb8e776d3e47825b2f0d1eefc897c2ff8394994036733eacfda32707c9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 13 Jul 2022 18:17:52 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked X-Powered-By PHP/7.2.21
GET H2	503	/ Show response santander-online-com.preview-domain.com/	10 KB 11 KB	62ms 20ms	Document text/html	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f728c0441990857bcfc1cc079fbcc6a4539d25470afc7e5383002294d39410fe Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://petrofarayand.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 72a404950c7eece2-YUL content-type text/html; charset=UTF-8 date Wed, 13 Jul 2022 18:17:52 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	34 KB 12 KB	42ms 41ms	Script application/javascript	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=72a404950c7eece2 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a3f017d5bf2275ca7bc1c54b3f6161e966e9cbbe8fbda11910320e27e315747 Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=Jbzyu9oG58JKqQeMm1ANDo0DO8U2bqYpkHA9wCxozgw-1657736272-0-gaNycGzNCJE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:52 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate cf-ray 72a404954cb9ece2-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	transparent.gif santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/js/	42 B 101 B	40ms 39ms	Image image/gif	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=72a404950c7eece2 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=Jbzyu9oG58JKqQeMm1ANDo0DO8U2bqYpkHA9wCxozgw-1657736272-0-gaNycGzNCJE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=Jbzyu9oG58JKqQeMm1ANDo0DO8U2bqYpkHA9wCxozgw-1657736272-0-gaNycGzNCJE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:52 GMT x-content-type-options nosniff last-modified Fri, 08 Jul 2022 19:28:56 GMT server cloudflare etag "62c88578-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 72a404954cbaece2-YUL vary Accept-Encoding content-length 42 expires Wed, 13 Jul 2022 20:17:52 GMT
GET H2	200	transparent.gif santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/	42 B 220 B	13ms 12ms	Image image/gif	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=72a404950c7eece2 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=Jbzyu9oG58JKqQeMm1ANDo0DO8U2bqYpkHA9wCxozgw-1657736272-0-gaNycGzNCJE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=Jbzyu9oG58JKqQeMm1ANDo0DO8U2bqYpkHA9wCxozgw-1657736272-0-gaNycGzNCJE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:52 GMT x-content-type-options nosniff last-modified Fri, 08 Jul 2022 19:28:56 GMT server cloudflare etag "62c88578-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 72a404954cbbece2-YUL vary Accept-Encoding content-length 42 expires Wed, 13 Jul 2022 20:17:52 GMT
POST H3	200	a20b2347b9155f4 Show response santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.8162534179322058:1657732117:8TeV9_--GTlPEBxfhfJKOB46xe6D1SKZzI9pjykp1yk/72a404950c7eece2/	94 KB 57 KB	54ms 53ms	XHR text/plain	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.8162534179322058:1657732117:8TeV9_--GTlPEBxfhfJKOB46xe6D1SKZzI9pjykp1yk/72a404950c7eece2/a20b2347b9155f4 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=72a404950c7eece2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cc40464435a6b23b132a9384fb50a61b215d3881bc16606afea9368de610073 Request headers Referer https://santander-online-com.preview-domain.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 CF-Challenge a20b2347b9155f4 Content-type application/x-www-form-urlencoded Response headers date Wed, 13 Jul 2022 18:17:52 GMT content-encoding gzip cf_chl_gen thJyu10ECyYBfUCk+Brs32IDZfgWOD7qwTqpxqOygmbMdwnAK23z56RhVk+xNogojvbIMPiP6ZNUD7Le+BFwV/aYUYUkzdoE4u4CcqNom58xxLXN+nEmrXFlMLRRamdTQoIlbT7z+PNKBsFBGqNJQEtghdVijl0CJKeBVDogXuO3J5GC2b1epu0Nf3j9qCBnztIVvEsfYyN03QO2qV96jRAUlySXKUSyx5eWl9oiAWm5U/ablq6MtSYfAJ7FMjq3xD4VEpev6P1T32xKpzF5NlFMHdBePJTUjx2FzD7NR/9hsqfIhxz6Mqa1S8gDUPjeqcQdfwYtw0Q6tdL+W0Wkc3qjqQ4H8Q0wzagmQFyUC3g=$wIaSWd7dXfpqAbU76ptzag== server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=UTF-8 cf-ray 72a404964f024bb9-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	401	sapM6LrxukdsCO0 Show response santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/pat/72a404950c7eece2/1657736272378/8d55d4d9bc30508862b46e51203fd96fd7f6c5402357b647dd026551566e244b/	1 B 729 B	29ms 29ms	Fetch text/plain	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/pat/72a404950c7eece2/1657736272378/8d55d4d9bc30508862b46e51203fd96fd7f6c5402357b647dd026551566e244b/sapM6LrxukdsCO0 Requested by Host: petrofarayand.com URL: https://petrofarayand.com/wp-includes/css/online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:52 GMT www-authenticate PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gjVXU2bwwUIhitG5RID_Zb9f2xUAjV7ZH3QJlUVZuJEsAJ3NhbnRhbmRlci1vbmxpbmUtY29tLnByZXZpZXctZG9tYWluLmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAzK3FLCrfgVXQ6aqvcE6lzyGPZhSYhWRR3oouo1LO2XArAzh_XcuhNrpKuWqTLrBBZtbFfMQzDhBV6oTfRN2oGZO5PGV60rnJx6Xndni3iFwQwYOg2vD8wraaPhMtZmobFbFxyeSsZ-wljyKpOEd49SDVeXSoYMzPE0nBaGPjw42JfPfvEZ3ezX-DHLrylszs-y4-Fnahf_XYwTexHuisoMKGgnsLpYQM73bs5tpX7Us7eha_b65dLI1PUwSY8cvJAms2PIuOEVx63g_N_zvhEsOiH9yFPi3dnycyf3i8M2wYfqWuScolSpvKVnNtMQVIYAegvh9UT-L_fOFF4qc0XwIDAQAB, max-age=15 server cloudflare cf-ray 72a40497ea4f4bb9-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=UTF-8
GET H3	200	mERFI0cEZ6KFlBc santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/img/72a404950c7eece2/1657736272378/	61 B 232 B	30ms 30ms	Image image/png	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/img/72a404950c7eece2/1657736272378/mERFI0cEZ6KFlBc Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c30442e76a1be53fd49550f6d63b163e5f516d2473de1c3ce23f21078284878a Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:52 GMT server cloudflare cf-ray 72a404981ac44bb9-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png
GET BLOB	200 OK	9f53c325-7197-4cb7-a25a-f400415f2276 https://santander-online-com.preview-domain.com/	172 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://santander-online-com.preview-domain.com/9f53c325-7197-4cb7-a25a-f400415f2276 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash ed3ba3bf2cbfc82fdae58f74571364f3722d12d9faf37fcedd89fc5b04412a0e Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Length 172 Content-Type application/javascript
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
POST H3	200	a20b2347b9155f4 Show response santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.8162534179322058:1657732117:8TeV9_--GTlPEBxfhfJKOB46xe6D1SKZzI9pjykp1yk/72a404950c7eece2/	1 KB 2 KB	53ms 53ms	XHR text/html	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.8162534179322058:1657732117:8TeV9_--GTlPEBxfhfJKOB46xe6D1SKZzI9pjykp1yk/72a404950c7eece2/a20b2347b9155f4 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=72a404950c7eece2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85f28dce8f6a2d2445822c9c0e0de4fd1f30ba08e3becf2b067934fe8fd6fb3f Request headers Referer https://santander-online-com.preview-domain.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 CF-Challenge a20b2347b9155f4 Content-type application/x-www-form-urlencoded Response headers date Wed, 13 Jul 2022 18:17:54 GMT content-encoding gzip server cloudflare cf_chl_out 0fjT+bJMqjHloMAzP8ax5EE3qHstVaybNcdgpfF3oo15j5cYadYJp38UIbz1TyOFiRLh6Q4gM1AU2H45JPTo5w==$1GirGwaDw2+102o5drlISg== expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/html; charset=UTF-8 cf_chl_out_s 874aY2xVaWup0RBTnAsP8jcsfy487S8wSatzeJ2zPjNHxq8+5Fv3tkFPllVKmTE5pfgZb7GaRCmCVUgL63xr0XkT9UVLOM8BlKPzPYsutuNqHA8R2C2dd/AvB1vRJidlkR/6cTjioSaxtDcc3Y+atGKRbC22gOu3+lDwOLq1mX9dKEFYiwkc9h8lxaArsIfXAcfEPVRJnI8EHvrjzS7QA5XJ//3rDGOxiVDZsw9WxpE0uXcyP6mycolZsdCgBdjSvGrUyCXIxn17vhiG+ZKX+dYnneCvziomVl64lgrLd6s0fFrbq+48c0Q0jCKg+AYgJXpDknVQQeBCnZY5DQS6LstjBUW0CqLRZ1dVidjYE/pTTmlTqmRLZSexgO2Qz6k9l4gikjpAyD+mkWl+vd6kaA==$uw+KiyyEWCq3d+MJK0rHLg== cf-ray 72a404a1790d4bb9-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	503	Primary Request / Show response santander-online-com.preview-domain.com/	10 KB 10 KB	18ms 17ms	Document text/html	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/ Requested by Host: petrofarayand.com URL: https://petrofarayand.com/wp-includes/css/online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 493d86e03e80081370d8e9e947c5c2baddb5915f5fb2c639ef502aa80307d52b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://santander-online-com.preview-domain.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 72a404ae5b574bb9-YUL content-type text/html; charset=UTF-8 date Wed, 13 Jul 2022 18:17:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H3	200	v1 Show response santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/	34 KB 13 KB	22ms 22ms	Script application/javascript	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=72a404ae5b574bb9 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38f712ca71da7daea0393af2a17374c58e968e9e50a0ab022628a0ef00e5a685 Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=zc6e6fwUicYOoKTIdwlJDnGOU7nQL2bEoAZDfperios-1657736276-0-gaNycGzNBmU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:56 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate cf-ray 72a404ae8b854bb9-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	transparent.gif santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/js/	42 B 222 B	13ms 13ms	Image image/gif	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=72a404ae5b574bb9 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=zc6e6fwUicYOoKTIdwlJDnGOU7nQL2bEoAZDfperios-1657736276-0-gaNycGzNBmU Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=zc6e6fwUicYOoKTIdwlJDnGOU7nQL2bEoAZDfperios-1657736276-0-gaNycGzNBmU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:56 GMT x-content-type-options nosniff last-modified Fri, 08 Jul 2022 19:28:56 GMT server cloudflare etag "62c88578-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 72a404ae8b864bb9-YUL vary Accept-Encoding content-length 42 expires Wed, 13 Jul 2022 20:17:56 GMT
GET H3	200	transparent.gif santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/	42 B 222 B	13ms 13ms	Image image/gif	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://santander-online-com.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=72a404ae5b574bb9 Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=zc6e6fwUicYOoKTIdwlJDnGOU7nQL2bEoAZDfperios-1657736276-0-gaNycGzNBmU Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/?__cf_chl_rt_tk=zc6e6fwUicYOoKTIdwlJDnGOU7nQL2bEoAZDfperios-1657736276-0-gaNycGzNBmU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:56 GMT x-content-type-options nosniff last-modified Fri, 08 Jul 2022 19:28:56 GMT server cloudflare etag "62c88578-2a" x-frame-options DENY content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 72a404ae8b884bb9-YUL vary Accept-Encoding content-length 42 expires Wed, 13 Jul 2022 20:17:56 GMT
POST H3	200	5fd7a6b46127c0c Show response santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5983569825518953:1657735619:vwf7zcPbwI_mzKlLrQz9_qZFkv-hD9RLmk9XfIb4260/72a404ae5b574bb9/	109 KB 63 KB	75ms 74ms	XHR text/plain	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5983569825518953:1657735619:vwf7zcPbwI_mzKlLrQz9_qZFkv-hD9RLmk9XfIb4260/72a404ae5b574bb9/5fd7a6b46127c0c Requested by Host: santander-online-com.preview-domain.com URL: https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=72a404ae5b574bb9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94986363a47c4125c419384d168a7522843bd6d36150c6ed5bbd281f4cd286f9 Request headers Referer https://santander-online-com.preview-domain.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 CF-Challenge 5fd7a6b46127c0c Content-type application/x-www-form-urlencoded Response headers date Wed, 13 Jul 2022 18:17:56 GMT content-encoding gzip cf_chl_gen D9I0aWCRJvwKWiPQO9APNvyVaZd6Mf92zt0NToqbBz+2EFnJEW4gvmqFp7tdfFb7kwoBPZ1CF8RII1gsKpC+YEHVRXxXMmyZpZW9Xp0ZTi1o3Lv6mrPfu+zGHJQxDQSLexYI3KoN5J6OOA9NJaQJZP/GjTRt3iQRu9wGo8Mceq0IJvJvXFS0uGL+1kUoHzTK/rt+ty0nKn//KwpIzrdVKXuuFh0EIMnYYvH0v49FehJ0w8ZxrZDQzM57RtL2tjg3REyElavPHnQyF9gzKVgmfw5xhgx1BkxywBhhXxLcJSTaxlCmDmXOM8Yxz58RPesIt93J6CpVKlHOxeeq/CQR7kaWvGS68sbziwY2+XZ2dnI=$urqKbxi/5/o2vR4ICHoCQw== server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=UTF-8 cf-ray 72a404af6c9a4bb9-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	xP3vLsOCsJhWRwl santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/img/72a404ae5b574bb9/1657736276417/	61 B 232 B	21ms 21ms	Image image/png	2606:4700::6812:1878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/img/72a404ae5b574bb9/1657736276417/xP3vLsOCsJhWRwl Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://santander-online-com.preview-domain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Wed, 13 Jul 2022 18:17:56 GMT server cloudflare cf-ray 72a404b03dc84bb9-YUL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/png

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _cf_chl_opt function| _cf_chl_enter function| SHA256 function| sendRequest boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx object| _

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			santander-online-com.preview-domain.com/	1970-01-20 04:28:59	Name: cf_chl_prog Value: F13
			santander-online-com.preview-domain.com/	1970-01-20 04:28:59	Name: cf_chl_rc_ni Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://santander-online-com.preview-domain.com/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/pat/72a404950c7eece2/1657736272378/8d55d4d9bc30508862b46e51203fd96fd7f6c5402357b647dd026551566e244b/sapM6LrxukdsCO0 Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://santander-online-com.preview-domain.com/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://santander-online-com.preview-domain.com/cdn-cgi/challenge-platform/h/g/pat/72a404ae5b574bb9/1657736276418/547f691321df8e31ea353dede7b764b3cc354203ebc1dba602f304c7e2c6d6d6/zUJzpC_3sTCKlel Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

petrofarayand.com
santander-online-com.preview-domain.com
2606:4700::6812:1878
38.110.76.205
38f712ca71da7daea0393af2a17374c58e968e9e50a0ab022628a0ef00e5a685
3a3f017d5bf2275ca7bc1c54b3f6161e966e9cbbe8fbda11910320e27e315747
493d86e03e80081370d8e9e947c5c2baddb5915f5fb2c639ef502aa80307d52b
54afb7bb8e776d3e47825b2f0d1eefc897c2ff8394994036733eacfda32707c9
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7cc40464435a6b23b132a9384fb50a61b215d3881bc16606afea9368de610073
85f28dce8f6a2d2445822c9c0e0de4fd1f30ba08e3becf2b067934fe8fd6fb3f
94986363a47c4125c419384d168a7522843bd6d36150c6ed5bbd281f4cd286f9
c30442e76a1be53fd49550f6d63b163e5f516d2473de1c3ce23f21078284878a
ed3ba3bf2cbfc82fdae58f74571364f3722d12d9faf37fcedd89fc5b04412a0e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f728c0441990857bcfc1cc079fbcc6a4539d25470afc7e5383002294d39410fe