urlscan.io logo urlscan.io
SecurityTrails logo

sofortzahlen.santanderconsumer.at Open in urlscan Pro
184.30.217.73  Public Scan

Go To Rescan Add Verdict Report
URL: https://sofortzahlen.santanderconsumer.at/
Submission: On November 27 via manual from ES — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 184.30.217.73, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is sofortzahlen.santanderconsumer.at.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 21st 2023. Valid for: 5 months.
This is the only time sofortzahlen.santanderconsumer.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 184.30.217.73 16625 (AKAMAI-AS)
4 142.250.186.164 15169 (GOOGLE)
6 142.250.185.195 15169 (GOOGLE)
1 172.217.18.3 15169 (GOOGLE)
30 5
Apex Domain
Subdomains		 Transfer
19 santanderconsumer.at
sofortzahlen.santanderconsumer.at
200 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
629 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
38 KB
30 3
Domain Requested by
19 sofortzahlen.santanderconsumer.at sofortzahlen.santanderconsumer.at
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com sofortzahlen.santanderconsumer.at
www.gstatic.com
www.google.com
1 fonts.gstatic.com www.google.com
30 4

This site contains links to these domains. Also see Links.

Domain
www.sofort.com
www.universalpay.es
www.evopayments.eu
Subject Issuer Validity Valid
www.santanderconsumer.at
DigiCert SHA2 Extended Validation Server CA		 2023-07-21 -
2023-12-23		 5 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://sofortzahlen.santanderconsumer.at/
Frame ID: 1E1AF4F699DD19999E480D1A4A4F1C20
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se&co=aHR0cHM6Ly9zb2ZvcnR6YWhsZW4uc2FudGFuZGVyY29uc3VtZXIuYXQ6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=q2z5l3lx8jc4
Frame ID: 9FD9C384E384FFC70528D3F9D667D3A1
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se
Frame ID: 72DB110C2E12165CFA03616AC6D5FD6A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Santander Consumer Bank Österreich

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

867 kB
Transfer

2220 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sofortzahlen.santanderconsumer.at/ 		146 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
019102c3c6f6a49767f964e8afbf51b456859087df300de1c02b5d4c79fad335
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block : 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-language
de
content-security-policy
frame-ancestors 'self'; default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
content-type
text/html;charset=ISO-8859-1
date
Mon, 27 Nov 2023 12:21:54 GMT
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
server
Apache
strict-transport-security
max-age=16000000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-security-policy
frame-ancestors 'self'; default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block : 1;mode=block
popper.min2.js
sofortzahlen.santanderconsumer.at/resources/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/js/popper.min2.js?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:28 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=82244
accept-ranges
bytes
content-length
7510
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
util.min.js
sofortzahlen.santanderconsumer.at/resources/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/js/util.min.js?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bfbae86331f4d35f047ed950197a0fc02c3c44d7f22207acef0ff2dcd634c386
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:32 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=82256
accept-ranges
bytes
content-length
30904
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
bootstrap.min.js
sofortzahlen.santanderconsumer.at/resources/js/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/js/bootstrap.min.js?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9d97e6f07cea0614b8b483f2ae34478228d29fb331009eca6fa7fd6abb9d91e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Wed, 15 Nov 2023 07:21:50 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=82159
accept-ranges
bytes
content-length
14774
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
ga.js
sofortzahlen.santanderconsumer.at/resources/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/js/ga.js?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d7ba726dad43d715dcb2dcc239a1e58fdbfdc4f02a048761bd8b14365de384e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Wed, 15 Nov 2023 07:21:50 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=82163
accept-ranges
bytes
content-length
2714
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
datepicker.js
sofortzahlen.santanderconsumer.at/resources/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/js/datepicker.js?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84da6f57797ee4875c266e68d5246d68030023248629f549d1a4a3173af9f6b3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Wed, 15 Nov 2023 07:21:50 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=82172
accept-ranges
bytes
content-length
677
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
estilos2.css
sofortzahlen.santanderconsumer.at/resources/css/ 		470 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/css/estilos2.css?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e29b342a4ffd07c6bd2e75a1609bea60a387f8eb53d56e9e7aab1bff5bde738e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:30 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=82306
accept-ranges
bytes
content-length
261
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
font.css
sofortzahlen.santanderconsumer.at/resources/styles/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/styles/font.css?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea3ab8f47f2aae4f931408daf4e39238d85a0a84a4c85fce3845a23c6add667e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Wed, 15 Nov 2023 07:21:50 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=82273
accept-ranges
bytes
content-length
375
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
main.css
sofortzahlen.santanderconsumer.at/resources/styles/ 		179 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/styles/main.css?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9744e68fce0f9fa120c29eee63b021ff46b937fad558b494aeb5d7703f71401b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:32 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=82159
accept-ranges
bytes
content-length
18711
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
style.css
sofortzahlen.santanderconsumer.at/resources/icons/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/icons/style.css?ver=5.4
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b038b4eb7865c413188f1e4d08d905a842307ad42fafce25825e62aad32a0b8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Wed, 15 Nov 2023 07:21:50 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=82256
accept-ranges
bytes
content-length
579
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=de
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
eb7bf02db906592731efaa8338874fde0ebd1135d5ae5307aca6b451871d0e73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 27 Nov 2023 12:21:54 GMT
KINEOX_logo_web_blanco.png
sofortzahlen.santanderconsumer.at/resources/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofortzahlen.santanderconsumer.at/resources/images/KINEOX_logo_web_blanco.png
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cca96e311d994c2346ef76bf81ebf118a7e1d1c9e44f0c46a1ec36a9e6256f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:30 GMT
server
Apache
x-frame-options
DENY
content-type
image/png
cache-control
private, max-age=82312
accept-ranges
bytes
content-length
5818
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
pagoseguro.svg
sofortzahlen.santanderconsumer.at/resources/images/white/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofortzahlen.santanderconsumer.at/resources/images/white/pagoseguro.svg
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cfdb4f170947b831598274e09b76083babca6f5f6c66cc50bb5daef704301f90
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:32 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=82192
accept-ranges
bytes
content-length
2220
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
pci.svg
sofortzahlen.santanderconsumer.at/resources/images/white/ 		9 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofortzahlen.santanderconsumer.at/resources/images/white/pci.svg
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3dca3b9b6a1cb3ff3c2cec6f220e1dbed674c5cff23de86f8c52932b00c67799
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:28 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=82222
accept-ranges
bytes
content-length
3807
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
mastercard.svg
sofortzahlen.santanderconsumer.at/resources/images/white/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofortzahlen.santanderconsumer.at/resources/images/white/mastercard.svg
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2175da4b55b67cec00ddb1c055a55acadf40d95f7be2472fec4620f51d04ab1f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:30 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=82288
accept-ranges
bytes
content-length
4261
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
visa.svg
sofortzahlen.santanderconsumer.at/resources/images/white/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofortzahlen.santanderconsumer.at/resources/images/white/visa.svg
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
794dcca3fd07973ebf5875fd74e537b7d78975e233959c218936ff662c6d76fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://sofortzahlen.santanderconsumer.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:32 GMT
server
Apache
content-encoding
gzip
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=82169
accept-ranges
bytes
content-length
912
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63743e397a521685e675bafa7e8bcf839d7fcbfe47c3e449ce1fa96743cd8691

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30238758bce993f638a1ab40d956d59c018f6fe158de5e01ebfa8c8bac203bc0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b1e146f48cb6b1abd0861e1a443bb0469588929afad35d758bf61579ab2f6dc

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
OpenSans-Regular.woff2
sofortzahlen.santanderconsumer.at/resources/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/fonts/OpenSans-Regular.woff2
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
132cba07505fbae9bb5ff1785d2cf3429320ada7a4705e3ea5b7b3a1f8cef73f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

Referer
https://sofortzahlen.santanderconsumer.at/
Origin
https://sofortzahlen.santanderconsumer.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:30 GMT
server
Apache
x-frame-options
DENY
content-type
font/woff2
cache-control
private, max-age=82221
accept-ranges
bytes
content-length
44532
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
icomoon.woff2
sofortzahlen.santanderconsumer.at/resources/icons/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/resources/icons/fonts/icomoon.woff2?8ycc3k
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/resources/icons/style.css?ver=5.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4e4ea9ac006447b7a9c0973941ce02627b002dcdf73460788ab72b51fcc4ad70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

Referer
https://sofortzahlen.santanderconsumer.at/resources/icons/style.css?ver=5.4
Origin
https://sofortzahlen.santanderconsumer.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
last-modified
Tue, 04 Jul 2023 08:02:32 GMT
server
Apache
x-frame-options
DENY
content-type
font/woff2
cache-control
private, max-age=82204
accept-ranges
bytes
content-length
2592
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de 'unsafe-inline' 'unsafe-eval' data:
getCookie
sofortzahlen.santanderconsumer.at/scfat/ 		4 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/scfat/getCookie
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/resources/js/util.min.js?ver=5.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

Accept
*/*
Referer
https://sofortzahlen.santanderconsumer.at/
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
255abf54-6a90-4c3d-ad5c-f39334be2263
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

expires
0
pragma
no-cache
content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
server
Apache
x-frame-options
DENY
content-type
text/plain;charset=ISO-8859-1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
4
x-xss-protection
1; mode=block, : 1;mode=block
x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
getCookie
sofortzahlen.santanderconsumer.at/scfat/ 		4 B
972 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sofortzahlen.santanderconsumer.at/scfat/getCookie
Requested by
Host: sofortzahlen.santanderconsumer.at
URL: https://sofortzahlen.santanderconsumer.at/resources/js/util.min.js?ver=5.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.217.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block, : 1;mode=block

Request headers

Accept
*/*
Referer
https://sofortzahlen.santanderconsumer.at/
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
255abf54-6a90-4c3d-ad5c-f39334be2263
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
pragma
no-cache
content-security-policy
frame-ancestors 'self';, default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 12:21:54 GMT
server
Apache
x-frame-options
DENY
content-type
text/plain;charset=ISO-8859-1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
4
x-xss-protection
1; mode=block, : 1;mode=block
expires
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sofortzahlen.santanderconsumer.at/
Origin
https://sofortzahlen.santanderconsumer.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 09:29:48 GMT
anchor
www.google.com/recaptcha/api2/ Frame 9FD9 		61 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se&co=aHR0cHM6Ly9zb2ZvcnR6YWhsZW4uc2FudGFuZGVyY29uc3VtZXIuYXQ6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=q2z5l3lx8jc4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
dcdfbcf1996208b60ad7771be4671acfcfbb34d2778c9779eb028f493ef41aa0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZZLoT3cX3A2uYRe5Fj_Tmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sofortzahlen.santanderconsumer.at/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZZLoT3cX3A2uYRe5Fj_Tmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:21:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 9FD9 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se&co=aHR0cHM6Ly9zb2ZvcnR6YWhsZW4uc2FudGFuZGVyY29uc3VtZXIuYXQ6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=q2z5l3lx8jc4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 03:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Nov 2024 03:22:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 9FD9 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se&co=aHR0cHM6Ly9zb2ZvcnR6YWhsZW4uc2FudGFuZGVyY29uc3VtZXIuYXQ6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=q2z5l3lx8jc4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 09:29:48 GMT
truncated
/ Frame 9FD9 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9FD9 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9FD9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:32:18 GMT
x-content-type-options
nosniff
age
172177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 02 Dec 2023 12:32:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9FD9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se&co=aHR0cHM6Ly9zb2ZvcnR6YWhsZW4uc2FudGFuZGVyY29uc3VtZXIuYXQ6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=q2z5l3lx8jc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
206632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 02:58:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9FD9 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se&co=aHR0cHM6Ly9zb2ZvcnR6YWhsZW4uc2FudGFuZGVyY29uc3VtZXIuYXQ6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=q2z5l3lx8jc4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se&co=aHR0cHM6Ly9zb2ZvcnR6YWhsZW4uc2FudGFuZGVyY29uc3VtZXIuYXQ6NDQz&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=q2z5l3lx8jc4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 27 Nov 2023 12:21:55 GMT
bframe
www.google.com/recaptcha/api2/ Frame 72DB 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
b8b09aa04daa7562629e8568e4b21c4a701049916a22b74b5d075bb7ba93ea7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CvO_tVo1ph9mYXGKHgK-9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sofortzahlen.santanderconsumer.at/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CvO_tVo1ph9mYXGKHgK-9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:21:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 72DB 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 03:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Nov 2024 03:22:49 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 72DB 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lda45waAAAAAHHLSJoIenzSZfNWZ7Kp8mxiH-se
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 09:29:48 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| Popper function| $ function| jQuery object| bootstrap string| cf string| ca function| acceptCookiesBanner function| acceptCookiesBannerAudited function| auditEvent function| setCookieServer function| isNewCookieServer function| getCookieServer function| isActiveCookieCFServer function| isActiveCookieCAServer function| removeCookieServer function| showMenu function| openModalCookie function| openModalCookieAudited function| acceptCookies function| acceptCookiesAudited function| showPleaseWait function| hidePleaseWait function| changeRetorno function| changeLanguage string| waitContent object| waitingDialog function| preBoton function| postBoton function| showConfirmation function| showError function| showWarning function| initExternalScript1 function| executeExternalScript1 object| MvcUtil function| getDatePickerLimit function| getDatePicker function| getDatePickerByClassName function| show_msg function| changePopUp function| cookieVolver string| lastResponse function| prePago function| acepta function| lee function| noacepta string| error string| info function| enviarInformacion function| position function| openAndAccept string| retorno function| myFunction function| openModalAjax function| rediTo object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_836511

1 Cookies

Domain/Path Name / Value
sofortzahlen.santanderconsumer.at/ Name: JSESSIONID
Value: 26D112910FD80B3C8333B6F970EC24BF.jvm1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com *.bankid.no 'unsafe-inline' 'unsafe-eval' data:
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Security-Policy frame-ancestors 'self'; default-src 'self' *.kineox.com *.pagofacil.de imspagofacil.es *.imspagofacil.es imsolutionspci.es *.imsolutionspci.es *.google.com *.googleapis.com *.gstatic.com wss://*.hotjar.com *.hotjar.com *.hotjar.io *.surveymonkey.com *.googletagmanager.com *.google-analytics.com *.usercentrics.eu *.santander.de *.signicat.com 'unsafe-inline' 'unsafe-eval' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block : 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
sofortzahlen.santanderconsumer.at
www.google.com
www.gstatic.com
142.250.185.195
142.250.186.164
172.217.18.3
184.30.217.73
019102c3c6f6a49767f964e8afbf51b456859087df300de1c02b5d4c79fad335
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
11cca96e311d994c2346ef76bf81ebf118a7e1d1c9e44f0c46a1ec36a9e6256f
132cba07505fbae9bb5ff1785d2cf3429320ada7a4705e3ea5b7b3a1f8cef73f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2175da4b55b67cec00ddb1c055a55acadf40d95f7be2472fec4620f51d04ab1f
30238758bce993f638a1ab40d956d59c018f6fe158de5e01ebfa8c8bac203bc0
3dca3b9b6a1cb3ff3c2cec6f220e1dbed674c5cff23de86f8c52932b00c67799
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4b1e146f48cb6b1abd0861e1a443bb0469588929afad35d758bf61579ab2f6dc
4e4ea9ac006447b7a9c0973941ce02627b002dcdf73460788ab72b51fcc4ad70
63743e397a521685e675bafa7e8bcf839d7fcbfe47c3e449ce1fa96743cd8691
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
794dcca3fd07973ebf5875fd74e537b7d78975e233959c218936ff662c6d76fc
84da6f57797ee4875c266e68d5246d68030023248629f549d1a4a3173af9f6b3
9744e68fce0f9fa120c29eee63b021ff46b937fad558b494aeb5d7703f71401b
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
9d7ba726dad43d715dcb2dcc239a1e58fdbfdc4f02a048761bd8b14365de384e
b038b4eb7865c413188f1e4d08d905a842307ad42fafce25825e62aad32a0b8a
b8b09aa04daa7562629e8568e4b21c4a701049916a22b74b5d075bb7ba93ea7f
bfbae86331f4d35f047ed950197a0fc02c3c44d7f22207acef0ff2dcd634c386
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cfdb4f170947b831598274e09b76083babca6f5f6c66cc50bb5daef704301f90
d9d97e6f07cea0614b8b483f2ae34478228d29fb331009eca6fa7fd6abb9d91e
dcdfbcf1996208b60ad7771be4671acfcfbb34d2778c9779eb028f493ef41aa0
e29b342a4ffd07c6bd2e75a1609bea60a387f8eb53d56e9e7aab1bff5bde738e
ea3ab8f47f2aae4f931408daf4e39238d85a0a84a4c85fce3845a23c6add667e
eb7bf02db906592731efaa8338874fde0ebd1135d5ae5307aca6b451871d0e73
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540