santander-mio-uat.dbhosting.co.uk Open in urlscan Pro
2a00:1a48:7807:102:be76:4eff:fe08:c71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://santander-mentoring-uat.dbhosting.co.uk/
Effective URL:
https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
Submission: On October 04 via automatic, source certstream-suspicious (October 4th 2019, 8:17:47 am UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 2a00:1a48:7807:102:be76:4eff:fe08:c71, located in United Kingdom and belongs to RACKSPACE-LON, GB. The main domain is santander-mio-uat.dbhosting.co.uk.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 13th 2019. Valid for: 3 months.

This is the only time santander-mio-uat.dbhosting.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	134.213.49.129 134.213.49.129	15395 (RACKSPACE...) (RACKSPACE-LON)
1 8	2a00:1a48:780... 2a00:1a48:7807:102:be76:4eff:fe08:c71	15395 (RACKSPACE...) (RACKSPACE-LON)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
10	3

1 134.213.49.129 (Farnham, United Kingdom) 1 redirects

ASN15395 (RACKSPACE-LON, GB)

santander-mentoring-uat.dbhosting.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1a48:7807:102:be76:4eff:fe08:c71 (United Kingdom) 1 redirects

ASN15395 (RACKSPACE-LON, GB)

santander-mio-uat.dbhosting.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	dbhosting.co.uk 2 redirects santander-mentoring-uat.dbhosting.co.uk santander-mio-uat.dbhosting.co.uk	480 KB
2	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com	799 B
10	3

	Domain	Requested by
8	santander-mio-uat.dbhosting.co.uk	1 redirects santander-mio-uat.dbhosting.co.uk
2	fonts.gstatic.com	santander-mio-uat.dbhosting.co.uk
1	fonts.googleapis.com	santander-mio-uat.dbhosting.co.uk
1	santander-mentoring-uat.dbhosting.co.uk	1 redirects
10	4

This site contains no links.

Subject Issuer	Validity	Valid
santander-mio-uat.dbhosting.co.uk Let's Encrypt Authority X3	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
Frame ID: A56C01826044FF3A840616495DFAB812
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://santander-mentoring-uat.dbhosting.co.uk/ HTTP 302
http://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/ HTTP 301
https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

10
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

497 kB
Transfer

2619 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://santander-mentoring-uat.dbhosting.co.uk/ HTTP 302
http://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/ HTTP 301
https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set login Show response
santander-mio-uat.dbhosting.co.uk/
Redirect Chain

https://santander-mentoring-uat.dbhosting.co.uk/
http://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

4 KB
3 KB

322ms
234ms

Document
text/html

2a00:1a48:7807:102:be76:4eff:fe08:c71
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1a48:7807:102:be76:4eff:fe08:c71 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Hidden /

Resource Hash

2230fb51b65299f1b9aa185a09239701015c9b85875a6ac10cbdf71bf6915249

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://santander-mio-uat.dbhosting.co.uk:; connect-src 'self' ws://santander-mio-uat.dbhosting.co.uk: http://santander-mio-uat.dbhosting.co.uk:; img-src data:; style-src 'self' 'unsafe-inline' https://stackpath.bootstrapcdn.com http://fonts.googleapis.com; font-src 'self' https://stackpath.bootstrapcdn.com https://fonts.gstatic.com data:; frame-src 'self' https://player.vimeo.com; manifest-src 'self';
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Request headers

Host: santander-mio-uat.dbhosting.co.uk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Fri, 04 Oct 2019 08:17:30 GMT
Server: Hidden
Cache-Control: must-revalidate, no-cache, no-store, private
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://santander-mio-uat.dbhosting.co.uk:*; connect-src 'self' ws://santander-mio-uat.dbhosting.co.uk:* http://santander-mio-uat.dbhosting.co.uk:*; img-src * data:; style-src 'self' 'unsafe-inline' https://stackpath.bootstrapcdn.com http://fonts.googleapis.com; font-src 'self' https://stackpath.bootstrapcdn.com https://fonts.gstatic.com data:; frame-src 'self' https://player.vimeo.com; manifest-src 'self';
Set-Cookie: XSRF-TOKEN=eyJpdiI6InBlZFdQOVFwaE1ycG1JeVVQbWZLb3c9PSIsInZhbHVlIjoiNnVna1Z0VExrR0lKOTRhZlh2R3VwK0xWMXFWcnlCdmErZFVJOGFkQituNVgxSnMzVjZBREpsXC96RjFLaTNDYVciLCJtYWMiOiI3YjE5OTc1ZDgzYTY1YTkyYzZlMzkxY2RkYmEzMTM4Y2EzOWVlYWE1NzRhMzM1OTYzNWNkNDAwOWNkYTM2Mzg1In0%3D; expires=Fri, 04-Oct-2019 08:32:31 GMT; Max-Age=900; path=/; secure mio_session=eyJpdiI6Ilk2S1QyZmhYWVFleEM0ZWNXWWtTMUE9PSIsInZhbHVlIjoid3JlSTVBNDJoNmdaUXpFTnFuNlwvMmNUY0JIM0E4RzNwSjEzRCtUOWxuSlpDeGJ1MW5BRHRBU2ZLeDFqYTNCeXgiLCJtYWMiOiJjMzgwYTAzMGRhMTYxMWEzZjNmNWJiOWZmZGI3NTM5NDc0ODM1NjE3MDk3MTJjOTQ0MmEyYzMzZGVjYmZhODJlIn0%3D; path=/; secure; httponly
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: Deny
X-XSS-Protection: 1;mode=block
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Length: 1334
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 04 Oct 2019 08:17:30 GMT
Server: Hidden
Location: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
Content-Length: 313
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 9 KB
799 B 21ms
16ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,700,800

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e270fc6a6d64ec8cce6d98bde3e6ab3c0c1d8b118f4f6644e255dd34c88286b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://santander-mio-uat.dbhosting.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 04 Oct 2019 08:17:31 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 04 Oct 2019 08:17:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 04 Oct 2019 08:17:31 GMT

GET
H/1.1 200
OK vendor.css
santander-mio-uat.dbhosting.co.uk/build/css/ 89 KB
15 KB 37ms
33ms Stylesheet
text/css 2a00:1a48:7807:102:be76:4eff:fe08:c71
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://santander-mio-uat.dbhosting.co.uk/build/css/vendor.css?id=28bef7ef637ed5a4e5f6

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1a48:7807:102:be76:4eff:fe08:c71 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Hidden /

Resource Hash

2277f452111885b4f158f0f95c60fa8e4833d745529ebf89cd1e296918af5d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 08:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 14555
X-XSS-Protection: 1;mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 04 Oct 2019 07:31:37 GMT
Server: Hidden
X-Frame-Options: Deny
ETag: "1621a-59410b143714d-gzip"
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 03 Nov 2019 08:17:31 GMT

GET
H/1.1 200
OK rojo.css
santander-mio-uat.dbhosting.co.uk/build/css/ 2 MB
338 KB 101ms
45ms Stylesheet
text/css 2a00:1a48:7807:102:be76:4eff:fe08:c71
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://santander-mio-uat.dbhosting.co.uk/build/css/rojo.css?id=aea62af772ee85ce1892

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1a48:7807:102:be76:4eff:fe08:c71 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Hidden /

Resource Hash

add4a77a5c5bc7bd903d1f1ad6aaf5da5c6f11c05874649055c5531251766bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 08:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1;mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 04 Oct 2019 07:31:37 GMT
Server: Hidden
X-Frame-Options: Deny
ETag: "1d3601-59410b142b9b5-gzip"
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 03 Nov 2019 08:17:31 GMT

GET
H/1.1 200
OK theme-hub.css
santander-mio-uat.dbhosting.co.uk/build/css/ 88 KB
19 KB 86ms
31ms Stylesheet
text/css 2a00:1a48:7807:102:be76:4eff:fe08:c71
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://santander-mio-uat.dbhosting.co.uk/build/css/theme-hub.css?id=f9ec8598aa2ed8aca074

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1a48:7807:102:be76:4eff:fe08:c71 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Hidden /

Resource Hash

3eabda9d783cc7f74d4d0bc44585c951fef34c5035524ac2f34976d9a29aa211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 08:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 18946
X-XSS-Protection: 1;mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 04 Oct 2019 07:31:37 GMT
Server: Hidden
X-Frame-Options: Deny
ETag: "15efe-59410b142b9b5-gzip"
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 03 Nov 2019 08:17:31 GMT

GET
H/1.1 200
OK mio-rebrand.css
santander-mio-uat.dbhosting.co.uk/build/css/ 522 KB
90 KB 94ms
39ms Stylesheet
text/css 2a00:1a48:7807:102:be76:4eff:fe08:c71
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://santander-mio-uat.dbhosting.co.uk/build/css/mio-rebrand.css?id=d7a55895d26f9d48a3e9

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1a48:7807:102:be76:4eff:fe08:c71 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Hidden /

Resource Hash

94ab1c221ea1301f65adc65244da5b1d01cc89adb8c52bf7eb401f5ad7d73885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 08:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1;mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 04 Oct 2019 07:31:37 GMT
Server: Hidden
X-Frame-Options: Deny
ETag: "8263b-59410b142bd9d-gzip"
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 03 Nov 2019 08:17:31 GMT

GET
H/1.1 200
OK notifications.css
santander-mio-uat.dbhosting.co.uk/build/css/ 10 KB
3 KB 88ms
29ms Stylesheet
text/css 2a00:1a48:7807:102:be76:4eff:fe08:c71
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://santander-mio-uat.dbhosting.co.uk/build/css/notifications.css?id=bec305c79906a543bea7

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1a48:7807:102:be76:4eff:fe08:c71 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Hidden /

Resource Hash

a3fbabf7e2f777596518abd4be94a8f14767c76652ba8be79f39969bb01f2466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 08:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 2025
X-XSS-Protection: 1;mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 04 Oct 2019 07:31:37 GMT
Server: Hidden
X-Frame-Options: Deny
ETag: "2835-59410b1446b4e-gzip"
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 03 Nov 2019 08:17:31 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,700,800
Origin: https://santander-mio-uat.dbhosting.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 23:48:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 289726
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9016
x-xss-protection: 0
expires: Tue, 29 Sep 2020 23:48:45 GMT

GET
H/1.1 200
OK santander-mio.woff
santander-mio-uat.dbhosting.co.uk/fonts/ 11 KB
11 KB 28ms
27ms Font
application/font-woff 2a00:1a48:7807:102:be76:4eff:fe08:c71
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://santander-mio-uat.dbhosting.co.uk/fonts/santander-mio.woff

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1a48:7807:102:be76:4eff:fe08:c71 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Hidden /

Resource Hash

e1a7ba652bce34de319f09eec2eaaf0c2f1b75aacb2d5bda4e12cd3cbd029271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://santander-mio-uat.dbhosting.co.uk/build/css/theme-hub.css?id=f9ec8598aa2ed8aca074
Origin: https://santander-mio-uat.dbhosting.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 04 Oct 2019 08:17:31 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 04 Oct 2019 07:31:37 GMT
Server: Hidden
ETag: "2bf8-59410b143dac6"
X-Frame-Options: Deny
Content-Type: application/font-woff
X-XSS-Protection: 1;mode=block
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 11256
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: santander-mio-uat.dbhosting.co.uk
URL: https://santander-mio-uat.dbhosting.co.uk/login?redirect=https://santander-mentoring-uat.dbhosting.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,700,800
Origin: https://santander-mio-uat.dbhosting.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2630167
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:41:24 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Santander object| App

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			santander-mio-uat.dbhosting.co.uk/	1969-12-31 23:59:59	Name: mio_session Value: eyJpdiI6Ilk2S1QyZmhYWVFleEM0ZWNXWWtTMUE9PSIsInZhbHVlIjoid3JlSTVBNDJoNmdaUXpFTnFuNlwvMmNUY0JIM0E4RzNwSjEzRCtUOWxuSlpDeGJ1MW5BRHRBU2ZLeDFqYTNCeXgiLCJtYWMiOiJjMzgwYTAzMGRhMTYxMWEzZjNmNWJiOWZmZGI3NTM5NDc0ODM1NjE3MDk3MTJjOTQ0MmEyYzMzZGVjYmZhODJlIn0%3D
			santander-mio-uat.dbhosting.co.uk/	1970-01-19 04:09:37	Name: XSRF-TOKEN Value: eyJpdiI6InBlZFdQOVFwaE1ycG1JeVVQbWZLb3c9PSIsInZhbHVlIjoiNnVna1Z0VExrR0lKOTRhZlh2R3VwK0xWMXFWcnlCdmErZFVJOGFkQituNVgxSnMzVjZBREpsXC96RjFLaTNDYVciLCJtYWMiOiI3YjE5OTc1ZDgzYTY1YTkyYzZlMzkxY2RkYmEzMTM4Y2EzOWVlYWE1NzRhMzM1OTYzNWNkNDAwOWNkYTM2Mzg1In0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://santander-mio-uat.dbhosting.co.uk:; connect-src 'self' ws://santander-mio-uat.dbhosting.co.uk: http://santander-mio-uat.dbhosting.co.uk:; img-src data:; style-src 'self' 'unsafe-inline' https://stackpath.bootstrapcdn.com http://fonts.googleapis.com; font-src 'self' https://stackpath.bootstrapcdn.com https://fonts.gstatic.com data:; frame-src 'self' https://player.vimeo.com; manifest-src 'self';
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
santander-mentoring-uat.dbhosting.co.uk
santander-mio-uat.dbhosting.co.uk
134.213.49.129
2a00:1450:4001:817::200a
2a00:1450:4001:825::2003
2a00:1a48:7807:102:be76:4eff:fe08:c71
2230fb51b65299f1b9aa185a09239701015c9b85875a6ac10cbdf71bf6915249
2277f452111885b4f158f0f95c60fa8e4833d745529ebf89cd1e296918af5d7f
3eabda9d783cc7f74d4d0bc44585c951fef34c5035524ac2f34976d9a29aa211
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
94ab1c221ea1301f65adc65244da5b1d01cc89adb8c52bf7eb401f5ad7d73885
a3fbabf7e2f777596518abd4be94a8f14767c76652ba8be79f39969bb01f2466
add4a77a5c5bc7bd903d1f1ad6aaf5da5c6f11c05874649055c5531251766bf1
e1a7ba652bce34de319f09eec2eaaf0c2f1b75aacb2d5bda4e12cd3cbd029271
e270fc6a6d64ec8cce6d98bde3e6ab3c0c1d8b118f4f6644e255dd34c88286b2

santander-mio-uat.dbhosting.co.uk Open in urlscan Pro 2a00:1a48:7807:102:be76:4eff:fe08:c71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

497 kBTransfer

2619 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

santander-mio-uat.dbhosting.co.uk Open in urlscan Pro
2a00:1a48:7807:102:be76:4eff:fe08:c71 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

497 kB
Transfer

2619 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions