www.santander.de Open in urlscan Pro
23.42.17.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://schuettorf-online.de/meine.santander.de/7d123f0f95048c9/login.php
Effective URL:
https://www.santander.de/privatkunden/
Submission: On June 11 via automatic, source phishtank (June 11th 2020, 11:30:43 am UTC)

Summary HTTP 28 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 3 domains to perform 28 HTTP transactions. The main IP is 23.42.17.202, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.santander.de.
TLS certificate: Issued by Entrust Certification Authority - L1M on March 25th 2020. Valid for: a year.

This is the only time www.santander.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.245.99.137 185.245.99.137	31400 (ACCELERAT...) (ACCELERATED-IT)
1 23	23.42.17.202 23.42.17.202	16625 (AKAMAI-AS) (AKAMAI-AS)
4	35.190.14.188 35.190.14.188	15169 (GOOGLE) (GOOGLE)
2	35.241.3.184 35.241.3.184	15169 (GOOGLE) (GOOGLE)
28	3

1 185.245.99.137 (Germany) 1 redirects

ASN31400 (ACCELERATED-IT, DE)
PTR: sv-l-028.fra.wp-projects.net

schuettorf-online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 23.42.17.202 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-17-202.deploy.static.akamaitechnologies.com

www.santander.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.14.188 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.3.184 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 184.3.241.35.bc.googleusercontent.com

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	santander.de 1 redirects www.santander.de	1 MB
6	usercentrics.eu app.usercentrics.eu api.usercentrics.eu	242 KB
1	schuettorf-online.de 1 redirects schuettorf-online.de	249 B
28	3

	Domain	Requested by
23	www.santander.de	1 redirects www.santander.de
4	app.usercentrics.eu	www.santander.de app.usercentrics.eu
2	api.usercentrics.eu	app.usercentrics.eu
1	schuettorf-online.de	1 redirects
28	4

This site contains links to these domains. Also see Links.

Domain
service.santander.de
carcredit-santander.de
www.santander-karriere.de
www.drk.de
meine.santander.de
embed.presseportal.de

Subject Issuer	Validity	Valid
www.santander.de Entrust Certification Authority - L1M	`2020-03-25` - `2021-03-18`	a year	crt.sh
app.usercentrics.eu GTS CA 1D2	`2020-05-30` - `2020-08-28`	3 months	crt.sh
api.usercentrics.eu GTS CA 1D2	`2020-05-30` - `2020-08-28`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.santander.de/privatkunden/
Frame ID: A13C7B8A15997E3C4DC90FD001EB0507
Requests: 27 HTTP requests in this frame

Frame: https://app.usercentrics.eu/latest/cdcs-iframe-index.html
Frame ID: 28FE8DE2DA1CEAC1013675A427FFCF74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://schuettorf-online.de/meine.santander.de/7d123f0f95048c9/login.php HTTP 302
https://www.santander.de/ HTTP 301
https://www.santander.de/privatkunden/ Page URL

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

4
Countries

1315 kB
Transfer

3309 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://service.santander.de/special/vorsorge-vermoegen/produkt/bu?sanc=
Title: Einkommen

Search URL Search Domain Scan URL

URL: https://carcredit-santander.de/?medium=Santander
Title: Fahrzeugfinanzieren

Search URL Search Domain Scan URL

URL: https://www.santander-karriere.de/de/beruns/karriere/stellenangebote_1/stellenangebote.html
Title: Zu den Stellenangeboten

Search URL Search Domain Scan URL

URL: https://www.drk.de/santander
Title: Jetzt mitmachen

Search URL Search Domain Scan URL

URL: https://meine.santander.de/olb
Title: Login Online Banking

Search URL Search Domain Scan URL

URL: https://embed.presseportal.de/de/63354
Title: Presse

Search URL Search Domain Scan URL

URL: https://www.santander-karriere.de/
Title: Karriere

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://schuettorf-online.de/meine.santander.de/7d123f0f95048c9/login.php HTTP 302
https://www.santander.de/ HTTP 301
https://www.santander.de/privatkunden/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.santander.de/privatkunden/
Redirect Chain

https://schuettorf-online.de/meine.santander.de/7d123f0f95048c9/login.php
https://www.santander.de/
https://www.santander.de/privatkunden/

131 KB
16 KB

40ms
40ms

Document
text/html

23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c95b1c392beeb2e495720fb1222cb9404461d0d0d574b813b60f617f2ed3eb00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de .usercentrics.eu .presseportal.de; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.santander.de
:scheme: https
:path: /privatkunden/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
last-modified: Wed, 10 Jun 2020 15:59:27 GMT
etag: "20a18-5a7bcedb3bb76"
server: Apache
x-frame-options: SAMEORIGIN
feature-policy: display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
accept-ranges: bytes
content-encoding: gzip
content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu *.presseportal.de; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
content-length: 15541
content-type: text/html; charset=UTF-8
cache-control: max-age=22
expires: Thu, 11 Jun 2020 11:30:42 GMT
date: Thu, 11 Jun 2020 11:30:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains

Redirect headers

status: 301
server: AkamaiGHost
content-length: 0
location: https://www.santander.de/privatkunden/
cache-control: max-age=0
expires: Thu, 11 Jun 2020 11:30:20 GMT
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains

GET
H2 200 style_080620201544.css
www.santander.de/ressourcen/css/ 339 KB
49 KB 29ms
28ms Stylesheet
text/css 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/css/style_080620201544.css

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0e878e47458e3f0c5e0760d14c12126056740efdcd4bfe2ff50506eff4da3634

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de .usercentrics.eu .presseportal.de; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu *.presseportal.de; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 49370
etag: "54b6a-5a7bcedaa64d7-gzip"
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Jun 2020 15:59:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: text/css
cache-control: max-age=31465923
feature-policy: display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
accept-ranges: bytes
expires: Thu, 10 Jun 2021 16:02:23 GMT

GET
H2 200 instantsearch.min.js Show response
www.santander.de/ressourcen/js/ 339 KB
89 KB 45ms
44ms Script
application/javascript 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/js/instantsearch.min.js

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

761fb36dd98da2ccefe90379d726ab63417ef121e4631fea190512edca73356b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 90358
etag: "54bdc-574a7c4f05b00"
last-modified: Fri, 15 May 2020 09:10:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/javascript
cache-control: max-age=2349043
accept-ranges: bytes
expires: Wed, 08 Jul 2020 16:01:03 GMT

GET
H2 200 main.js Show response
app.usercentrics.eu/latest/ 26 KB
8 KB 36ms
12ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.usercentrics.eu/latest/main.js
Requested by: Host: www.santander.de
URL: https://www.santander.de/privatkunden/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.188 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b502d2366a15742de1b9d1a31798d38a8d78f6a7371b5f2a5b4e5d38a133045c

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 11:58:40 GMT
content-encoding: gzip
x-goog-meta-version: 1.48.0
age: 84700
x-guploader-uploadid: AAANsUnY9cmWnbSQ2T0NL_7alk-xGRnv3QEDRx0pIeLY97REiqXsOB8NToGMsBORKbPaz5_NnAmAg69NijGJ3qXEdQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8030
last-modified: Tue, 09 Jun 2020 11:58:12 GMT
server: UploadServer
etag: "a0edac56da82e918b71f37b81b801ad1"
x-goog-hash: crc32c=aIdRYw==, md5=oO2sVtqC6Ri3Hze4G4Aa0Q==
x-goog-generation: 1591703892452205
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400, no-transform
x-goog-stored-content-length: 8030
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Jun 2020 11:58:40 GMT

GET
H2 200 santander-logo-2018.svg
www.santander.de/ressourcen/img/svg/ 3 KB
2 KB 34ms
33ms Image
image/svg+xml 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/ressourcen/img/svg/santander-logo-2018.svg

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

93a1ff5243dd12506ee56360eb1cec0b5fcd58e08d6ac05af6dd2c06d10f0a1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 1189
etag: "ae0-574a7c4f05b00"
last-modified: Fri, 15 May 2020 09:10:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: image/svg+xml
cache-control: max-age=31465839
accept-ranges: bytes
expires: Thu, 10 Jun 2021 16:00:59 GMT

GET
H2 200 libmin_1408190917.js Show response
www.santander.de/ressourcen/js/ 264 KB
77 KB 28ms
28ms Script
application/javascript 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/js/libmin_1408190917.js

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

033c0a65dff400569a076c123566ddfd99e2016689a2e2fb957a65e7a356fd49

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 77550
etag: "41eb9-5900e8e8b77c0-gzip"
last-modified: Wed, 14 Aug 2019 07:17:59 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/javascript
cache-control: max-age=2349084
accept-ranges: bytes
expires: Wed, 08 Jul 2020 16:01:44 GMT

GET
H2 200 jsconf_29112019.js Show response
www.santander.de/ressourcen/js/ 260 B
1 KB 29ms
28ms Script
application/javascript 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/js/jsconf_29112019.js

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6505c06f8e6583de7d81187c8122736e72f88d3c298cfb0d9eac5f814d52b4ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 193
etag: "104-598b375c58480"
last-modified: Fri, 15 May 2020 09:10:44 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/javascript
cache-control: max-age=2349073
accept-ranges: bytes
expires: Wed, 08 Jul 2020 16:01:33 GMT

GET
H2 200 custommin_080620201544.js Show response
www.santander.de/ressourcen/js/ 48 KB
12 KB 31ms
31ms Script
application/javascript 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/js/custommin_080620201544.js

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

33c54b948ff9b04817608011b5b47f244806bf5233fd703ab91dc329fdce8bad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de .usercentrics.eu .presseportal.de; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu *.presseportal.de; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 11181
etag: "bef4-5a7bceda7828f-gzip"
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Jun 2020 15:59:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/javascript
cache-control: max-age=2349085
feature-policy: display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
accept-ranges: bytes
expires: Wed, 08 Jul 2020 16:01:45 GMT

GET
H2 200 bundle.js Show response
app.usercentrics.eu/latest/ 1 MB
217 KB 12ms
12ms Script
application/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.usercentrics.eu/latest/bundle.js
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.188 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88378a91415b102c1cbfb6df43016025916d7218dcdcde6527eb59560dc2d770

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 11:59:32 GMT
content-encoding: gzip
x-goog-meta-version: 1.48.0
age: 84648
x-guploader-uploadid: AAANsUko6TsV9UVRMrr4efhRGSrmXhBybAWTvEqZ9kE_s99nGAz_HXHTMa8eJqz3u28DNzuXOB6qpULMCxmYAe9NeIWHYNLH9A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 221749
last-modified: Tue, 09 Jun 2020 11:58:12 GMT
server: UploadServer
etag: "b1dfb5af8a1a8b807ba1a6606c372f17"
x-goog-hash: crc32c=9aUQww==, md5=sd+1r4oai4B7oaZgbDcvFw==
x-goog-generation: 1591703892453584
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400, no-transform
x-goog-stored-content-length: 221749
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Jun 2020 11:59:32 GMT

GET
H2 200 santandertextw05-regular-woff2.woff2
www.santander.de/ressourcen/fonts/santander-web-font/ 46 KB
46 KB 51ms
51ms Font
text/plain 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/fonts/santander-web-font/santandertextw05-regular-woff2.woff2

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

df7abc314cf6e0380973cea5ad3cd7a4536b820d974162c9d94f534f539eef0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.santander.de/ressourcen/css/style_080620201544.css
Origin: https://www.santander.de

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
x-content-type-options: nosniff
last-modified: Wed, 03 Apr 2019 11:46:09 GMT
server: Apache
etag: "b630-5859eccb08240"
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=17
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 46640
expires: Thu, 11 Jun 2020 11:30:37 GMT

GET
H2 200 santandertextw05-bold-woff2.woff2
www.santander.de/ressourcen/fonts/santander-web-font/ 48 KB
49 KB 43ms
43ms Font
text/plain 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/fonts/santander-web-font/santandertextw05-bold-woff2.woff2

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ec6c6c35a35bb74b562f10541e42adcb73c8bf54fbbd2a2999078bde1a279e29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.santander.de/ressourcen/css/style_080620201544.css
Origin: https://www.santander.de

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Apr 2019 11:46:09 GMT
server: Apache
feature-policy: display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
etag: "bfb0-5859eccb08240"
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=9
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 49072
x-content-type-options: nosniff
expires: Thu, 11 Jun 2020 11:30:29 GMT

GET
H2 200 santandermicrotextw05-rg_woff2.woff2
www.santander.de/ressourcen/fonts/santander-web-font/ 35 KB
36 KB 37ms
36ms Font
text/plain 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/fonts/santander-web-font/santandermicrotextw05-rg_woff2.woff2

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8bd090480a7497b1cf0690275c147ae2184878d3ff5d48bbb31ae56ee217c649

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.santander.de/ressourcen/css/style_080620201544.css
Origin: https://www.santander.de

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Jun 2020 07:32:00 GMT
server: Apache
etag: "8af0-5a73d23dbbc00"
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=18
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 35568
x-content-type-options: nosniff
expires: Thu, 11 Jun 2020 11:30:38 GMT

GET
H2 200 santanderheadlinew05-rg-woff2.woff2
www.santander.de/ressourcen/fonts/santander-web-font/ 46 KB
47 KB 38ms
37ms Font
text/plain 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/fonts/santander-web-font/santanderheadlinew05-rg-woff2.woff2

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

535c47209ecf005f74929ba3bd50b107a702bead1f165b856e002165a1a56ba8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.santander.de/ressourcen/css/style_080620201544.css
Origin: https://www.santander.de

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
x-content-type-options: nosniff
last-modified: Fri, 15 May 2020 09:10:44 GMT
server: Apache
etag: "b6c4-5859eccb08240"
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=13
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 46788
expires: Thu, 11 Jun 2020 11:30:33 GMT

GET
H2 200 santandertextw05-light-woff2.woff2
www.santander.de/ressourcen/fonts/santander-web-font/ 46 KB
47 KB 40ms
39ms Font
text/plain 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/fonts/santander-web-font/santandertextw05-light-woff2.woff2

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

16b5c32c7afeb111e1100bb06ec82336b03c770678121695336b1a394adf1d9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.santander.de/ressourcen/css/style_080620201544.css
Origin: https://www.santander.de

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Apr 2019 11:46:09 GMT
server: Apache
feature-policy: display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
etag: "b884-5859eccb08240"
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=24
date: Thu, 11 Jun 2020 11:30:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 47236
x-content-type-options: nosniff
expires: Thu, 11 Jun 2020 11:30:44 GMT

GET
H2 200 svg-sprite_291120191302.svg Show response
www.santander.de/ressourcen/img/svg/ 96 KB
36 KB 29ms
29ms XHR
image/svg+xml 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/img/svg/svg-sprite_291120191302.svg

Requested by

Host: www.santander.de
URL: https://www.santander.de/ressourcen/js/libmin_1408190917.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

050ab8d0c020c347902fda911484a2112d53ae219de7b9d832af602bf2a2e22c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.santander.de/privatkunden/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 35792
etag: "17fbd-5a78e3df1ba80-gzip"
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Jun 2020 08:17:30 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: image/svg+xml
cache-control: max-age=31465855
feature-policy: display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
accept-ranges: bytes
expires: Thu, 10 Jun 2021 16:01:16 GMT

GET
H2 200 santandertextw05-italic-woff2.woff2
www.santander.de/ressourcen/fonts/santander-web-font/ 47 KB
48 KB 30ms
30ms Font
text/plain 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.santander.de/ressourcen/fonts/santander-web-font/santandertextw05-italic-woff2.woff2

Requested by

Host: www.santander.de
URL: https://www.santander.de/ressourcen/js/libmin_1408190917.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a54352e44d3702268e5d708adcdd2b87dc763d257a962cb8ce0c68b94b184c83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.santander.de/ressourcen/css/style_080620201544.css
Origin: https://www.santander.de

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Apr 2019 11:46:09 GMT
server: Apache
etag: "ba48-5859eccb08240"
x-frame-options: SAMEORIGIN
status: 200
cache-control: max-age=15
date: Thu, 11 Jun 2020 11:30:21 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 47688
x-content-type-options: nosniff
expires: Thu, 11 Jun 2020 11:30:36 GMT

GET
H2 200 kreditkarten_605x193.png
www.santander.de/content/images/cards/ 86 KB
85 KB 28ms
27ms Image
image/png 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/cards/kreditkarten_605x193.png

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1bbf4276b165bc5633a97e925596839e9318c9b55accd0de70fb09ab09e409ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
etag: "15969-59944cb593400"
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 86101
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 12:35:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=534678
accept-ranges: bytes
x-content-type-options: nosniff
expires: Wed, 17 Jun 2020 16:01:39 GMT

GET
H2 200 visual_karriere_605x193.jpg
www.santander.de/content/images/visual/privatkunden/ 21 KB
22 KB 32ms
32ms Image
image/jpeg 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/visual/privatkunden/visual_karriere_605x193.jpg

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

32c2679c969b5e5851383b46543a8176074f356c9cdb57dbf7cc32a29f613472

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
etag: "53c4-57f1d7f4bb380"
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 21290
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 12:35:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=534736
accept-ranges: bytes
x-content-type-options: nosniff
expires: Wed, 17 Jun 2020 16:02:37 GMT

GET
H2 200 visual-corona-virus-info_605x193.jpg
www.santander.de/content/images/visual/privatkunden/ 21 KB
22 KB 37ms
36ms Image
image/jpeg 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/visual/privatkunden/visual-corona-virus-info_605x193.jpg

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

543d9db3f358bc6730ab60b1631202354932c4dfe11152f2712f8aad28fa8be6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
etag: "53f2-5a687629ff840"
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 21350
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 12:35:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=534710
accept-ranges: bytes
x-content-type-options: nosniff
expires: Wed, 17 Jun 2020 16:02:11 GMT

GET
H2 200 visual_drk_605x193.jpg
www.santander.de/content/images/visual/privatkunden/ 18 KB
17 KB 39ms
39ms Image
image/jpeg 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/visual/privatkunden/visual_drk_605x193.jpg

Requested by

Host: www.santander.de
URL: https://www.santander.de/privatkunden/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

388fb7427c986801d2d1d69b884b96a92c5252e9392a7bf4b526b48aaf6b4abc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
etag: "46bf-5a37a6138c000-gzip"
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 16471
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Apr 2020 10:54:56 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=534669
accept-ranges: bytes
x-content-type-options: nosniff
expires: Wed, 17 Jun 2020 16:01:30 GMT

GET
H2 200 teaser_carcredit_neu_1140x253.jpg
www.santander.de/content/images/visual/mobility/ 71 KB
72 KB 39ms
39ms Image
image/jpeg 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/visual/mobility/teaser_carcredit_neu_1140x253.jpg

Requested by

Host: www.santander.de
URL: https://www.santander.de/ressourcen/js/libmin_1408190917.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b56f8afed1e6a575ea53e859454d23fd25789dee36b7fd9c8ea7e8296e67f5ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
etag: "11bbf-576366330b000"
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 72518
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 12:35:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=342217
accept-ranges: bytes
x-content-type-options: nosniff
expires: Mon, 15 Jun 2020 10:33:58 GMT

GET
H2 200 de.json Show response
api.usercentrics.eu/settings/P0gsJN6Qy/latest/ 21 KB
8 KB 53ms
29ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usercentrics.eu/settings/P0gsJN6Qy/latest/de.json
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.184 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 184.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 804c3a09a824720136acb7eb84e492881d5ef901d6cf70e440f46428064000ff

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 11:30:15 GMT
content-encoding: gzip
age: 6
x-guploader-uploadid: AAANsUmQdWlqzV2fQlg5hpgV9DnzQ4wopxYvRxgqlFRCKD_oaKT1GBrRQZ9DSWe_LgEjseYHTtI46I06CQo0ehmsq61x5ThGOw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 7186
last-modified: Wed, 10 Jun 2020 13:47:11 GMT
server: UploadServer
etag: "90b6e1fd7fd66d4e018002b391900865"
x-goog-hash: crc32c=vcvfNQ==, md5=kLbh/X/WbU4BgAKzkZAIZQ==
x-goog-generation: 1591796831636001
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length: 7186
accept-ranges: bytes
content-type: application/json
expires: Thu, 11 Jun 2020 11:30:25 GMT

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
837 B 12ms
12ms Image
image/png 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.usercentrics.eu/session/1px.png?settingsId=P0gsJN6Qy
Requested by: Host: www.santander.de
URL: https://www.santander.de/privatkunden/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.188 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 11:14:11 GMT
content-encoding: gzip
age: 970
x-guploader-uploadid: AAANsUlrNnczKcLjSus_WuutS0vXWQkF1RasesaXVlpqdpRejmAGMgnpK1OlZLaYUsFWhRac6KfAi8gdgsnPR8RQyg
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation: 1588928773413784
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
content-type: image/png
expires: Thu, 11 Jun 2020 11:44:11 GMT

GET
H2 200 visual_santanderkobmbi_2020_1920x400.jpg
www.santander.de/content/images/visual/privatkunden/ 125 KB
127 KB 32ms
32ms Image
image/jpeg 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/visual/privatkunden/visual_santanderkobmbi_2020_1920x400.jpg

Requested by

Host: www.santander.de
URL: https://www.santander.de/ressourcen/js/libmin_1408190917.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

07f7f6319384caaf343acf4c2e17d3494d9380d214d3dd52adc7b017652f0f51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 128173
etag: "1f584-59b2245df2ac0"
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Jun 2020 15:20:25 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: image/jpeg
cache-control: max-age=534685
feature-policy: display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
accept-ranges: bytes
expires: Wed, 17 Jun 2020 16:01:46 GMT

GET
H2 200 visual_bestcredit_april_1920x400.jpg
www.santander.de/content/images/visual/privatkunden/ 52 KB
50 KB 29ms
29ms Image
image/jpeg 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/visual/privatkunden/visual_bestcredit_april_1920x400.jpg

Requested by

Host: www.santander.de
URL: https://www.santander.de/ressourcen/js/libmin_1408190917.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4e14d5c1a56c389d323d44fd482613eea44dbc9b94950ffc75d45c6ad01eb664

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
etag: "cea5-5a7185e051b80"
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 50474
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Jun 2020 12:35:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=534719
accept-ranges: bytes
x-content-type-options: nosniff
expires: Wed, 17 Jun 2020 16:02:20 GMT

GET
H2 200 visual_bestgiro_april_1920x400.jpg
www.santander.de/content/images/visual/privatkunden/ 122 KB
123 KB 36ms
36ms Image
image/jpeg 23.42.17.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.santander.de/content/images/visual/privatkunden/visual_bestgiro_april_1920x400.jpg

Requested by

Host: www.santander.de
URL: https://www.santander.de/ressourcen/js/libmin_1408190917.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.42.17.202 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-42-17-202.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0ea7bd8b4adef1414325863403ca9aacddce3819445f0c81f717bb67bcc37275

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.re-drive.de *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *; img-src 'self' data: *; font-src 'self' *; connect-src *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de; frame-src *.youtube.com santander.de *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
content-encoding: gzip
etag: "1e924-5a234d55a0940"
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 125034
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Jun 2020 07:52:05 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Thu, 11 Jun 2020 11:30:21 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=534636
accept-ranges: bytes
x-content-type-options: nosniff
expires: Wed, 17 Jun 2020 16:00:57 GMT

GET
H2 200 cdcs-iframe-index.html
app.usercentrics.eu/latest/ Frame 28FE 0
0 12ms
12ms Document
text/html 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.usercentrics.eu/latest/cdcs-iframe-index.html
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.188 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.14.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: app.usercentrics.eu
:scheme: https
:path: /latest/cdcs-iframe-index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.santander.de/privatkunden/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.santander.de/privatkunden/

Response headers

status: 200
x-guploader-uploadid: AAANsUnAJ-pGbNgP76q2lH6_fKIstXsM0I2wX-vrJmwR2vs3oGJ3Opo3dPw3_tDzu8gyc-NeVaE_LFkZ0gFf0u1Pmw
date: Wed, 10 Jun 2020 11:59:56 GMT
expires: Thu, 11 Jun 2020 11:59:56 GMT
last-modified: Tue, 09 Jun 2020 11:58:12 GMT
etag: "8b81fcd8a3c1926a5df862eea5fb50e2"
x-goog-generation: 1591703892481927
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 168
x-goog-meta-version: 1.48.0
content-type: text/html
content-encoding: gzip
x-goog-hash: crc32c=se5D4g== md5=i4H82KPBkmpd+GLupftQ4g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 168
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=86400, no-transform
age: 84625
alt-svc: clear

GET
H2 200 99c4551100c1817e2772e02e69e128bc8f29d09aeedaf04c842f644f90b77f3b.json Show response
api.usercentrics.eu/consent-templates/ 33 KB
8 KB 13ms
13ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.usercentrics.eu/consent-templates/99c4551100c1817e2772e02e69e128bc8f29d09aeedaf04c842f644f90b77f3b.json
Requested by: Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/latest/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.184 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 184.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ad112f5b79f2719058c0d1559e864b2d8b0d28e36dffd3b6c964a03a39c93424

Request headers

Referer: https://www.santander.de/privatkunden/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 08:09:37 GMT
content-encoding: gzip
age: 12044
x-guploader-uploadid: AAANsUniMa0FB8o4-HZ23-yOSyzXi2EIaG-VYpQYWNyJRiH0V4UPZZS49rzMSw-PuklobK-QCPNjQkSD0-9Gl-MRvDk
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8006
last-modified: Wed, 03 Jun 2020 12:23:41 GMT
server: UploadServer
etag: "d4b1ff61a1ab63c2d8ff04680449e868"
x-goog-hash: crc32c=WT7W4A==, md5=1LH/YaGrY8LY/wRoBEnoaA==
x-goog-generation: 1591187021277050
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, no-transform
x-goog-stored-content-length: 8006
accept-ranges: bytes
content-type: application/json
expires: Thu, 18 Jun 2020 08:09:37 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .santander.de .kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' .re-drive.de .kernpunkt.de .googletagmanager.com .google-analytics.com .vwd-webtech.com .doubleclick.net .akamaihd.net .googleadservices.com .wtp101.com .google.com .santanderbank.de .usercentrics.eu data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' .vwd-webtech.com .santanderbank.de ; img-src 'self' data: ; font-src 'self' ; connect-src .google-analytics.com .kernpunkt.de .algolia.net .kernarea.de .best-credit.de .usercentrics.eu .santander.de; frame-src .youtube.com santander.de .santander.de .youtube-nocookie.com .baufi-lead.de .usercentrics.eu .presseportal.de; sandbox allow-forms allow-modals allow-popups allow-same-origin allow-scripts allow-top-navigation allow-presentation;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.usercentrics.eu
app.usercentrics.eu
schuettorf-online.de
www.santander.de
185.245.99.137
23.42.17.202
35.190.14.188
35.241.3.184
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
033c0a65dff400569a076c123566ddfd99e2016689a2e2fb957a65e7a356fd49
050ab8d0c020c347902fda911484a2112d53ae219de7b9d832af602bf2a2e22c
07f7f6319384caaf343acf4c2e17d3494d9380d214d3dd52adc7b017652f0f51
0e878e47458e3f0c5e0760d14c12126056740efdcd4bfe2ff50506eff4da3634
0ea7bd8b4adef1414325863403ca9aacddce3819445f0c81f717bb67bcc37275
16b5c32c7afeb111e1100bb06ec82336b03c770678121695336b1a394adf1d9e
1bbf4276b165bc5633a97e925596839e9318c9b55accd0de70fb09ab09e409ed
32c2679c969b5e5851383b46543a8176074f356c9cdb57dbf7cc32a29f613472
33c54b948ff9b04817608011b5b47f244806bf5233fd703ab91dc329fdce8bad
388fb7427c986801d2d1d69b884b96a92c5252e9392a7bf4b526b48aaf6b4abc
4e14d5c1a56c389d323d44fd482613eea44dbc9b94950ffc75d45c6ad01eb664
535c47209ecf005f74929ba3bd50b107a702bead1f165b856e002165a1a56ba8
543d9db3f358bc6730ab60b1631202354932c4dfe11152f2712f8aad28fa8be6
6505c06f8e6583de7d81187c8122736e72f88d3c298cfb0d9eac5f814d52b4ca
761fb36dd98da2ccefe90379d726ab63417ef121e4631fea190512edca73356b
804c3a09a824720136acb7eb84e492881d5ef901d6cf70e440f46428064000ff
88378a91415b102c1cbfb6df43016025916d7218dcdcde6527eb59560dc2d770
8bd090480a7497b1cf0690275c147ae2184878d3ff5d48bbb31ae56ee217c649
93a1ff5243dd12506ee56360eb1cec0b5fcd58e08d6ac05af6dd2c06d10f0a1f
a54352e44d3702268e5d708adcdd2b87dc763d257a962cb8ce0c68b94b184c83
ad112f5b79f2719058c0d1559e864b2d8b0d28e36dffd3b6c964a03a39c93424
b502d2366a15742de1b9d1a31798d38a8d78f6a7371b5f2a5b4e5d38a133045c
b56f8afed1e6a575ea53e859454d23fd25789dee36b7fd9c8ea7e8296e67f5ce
c95b1c392beeb2e495720fb1222cb9404461d0d0d574b813b60f617f2ed3eb00
df7abc314cf6e0380973cea5ad3cd7a4536b820d974162c9d94f534f539eef0b
ec6c6c35a35bb74b562f10541e42adcb73c8bf54fbbd2a2999078bde1a279e29

www.santander.de Open in urlscan Pro 23.42.17.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

4 Countries

1315 kBTransfer

3309 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

www.santander.de Open in urlscan Pro
23.42.17.202 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

4
Countries

1315 kB
Transfer

3309 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions