urlscan.io logo urlscan.io
SecurityTrails logo

meine.santander.de Open in urlscan Pro
2a02:e981:2c::45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://identity.santander.de/
Effective URL: https://meine.santander.de/login/
Submission: On March 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 2 domains to perform 28 HTTP transactions. The main IP is 2a02:e981:2c::45, located in United States and belongs to INCAPSULA, US. The main domain is meine.santander.de. The Cisco Umbrella rank of the primary domain is 790972.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 28th 2021. Valid for: a year.
This is the only time meine.santander.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.60.197.69 19551 (INCAPSULA)
4 14 2a02:e981:2c::45 19551 (INCAPSULA)
1 1 193.127.226.40 2134 (GSVNET-AS...)
3 2600:1901:0:5... 15169 (GOOGLE)
10 2600:1901:0:c... 15169 (GOOGLE)
2 2600:1901:0:2... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
1 104.111.235.67 16625 (AKAMAI-AS)
28 6
1    45.60.197.69 (United States)

ASN19551 (INCAPSULA, US)
identity.santander.de
14    2a02:e981:2c::45 (United States)

ASN19551 (INCAPSULA, US)
meine.santander.de
1    193.127.226.40 (Spain)

ASN2134 (GSVNET-AS GS Virtual Network Produban, ES)
api.santander.de
3    2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
app.usercentrics.eu
10    2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.usercentrics.eu
2    2600:1901:0:256b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
aggregator.service.usercentrics.eu
2    2600:1901:0:7903:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
graphql.usercentrics.eu
1    104.111.235.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-235-67.deploy.static.akamaitechnologies.com
www.santander.de
Apex Domain
Subdomains		 Transfer
17 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 13112
api.usercentrics.eu — Cisco Umbrella Rank: 12984
aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 16512
graphql.usercentrics.eu — Cisco Umbrella Rank: 14934
234 KB
17 santander.de
identity.santander.de
meine.santander.de — Cisco Umbrella Rank: 790972
api.santander.de — Cisco Umbrella Rank: 926613
www.santander.de — Cisco Umbrella Rank: 290747
422 KB
28 2
Domain Requested by
14 meine.santander.de 4 redirects meine.santander.de
10 api.usercentrics.eu app.usercentrics.eu
3 app.usercentrics.eu meine.santander.de
app.usercentrics.eu
2 graphql.usercentrics.eu app.usercentrics.eu
2 aggregator.service.usercentrics.eu app.usercentrics.eu
1 www.santander.de
1 api.santander.de 1 redirects
1 identity.santander.de 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
www.santander.de
Subject Issuer Validity Valid
meine.santander.de
Entrust Certification Authority - L1K		 2021-04-28 -
2022-05-27		 a year crt.sh
app.usercentrics.eu
GTS CA 1D4		 2022-02-21 -
2022-05-22		 3 months crt.sh
api.usercentrics.eu
GTS CA 1D4		 2022-02-21 -
2022-05-22		 3 months crt.sh
aggregator.service.usercentrics.eu
GTS CA 1D4		 2022-02-12 -
2022-05-13		 3 months crt.sh
graphql.usercentrics.eu
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
www.santander.de
Entrust Certification Authority - L1M		 2021-02-22 -
2022-03-18		 a year crt.sh

This page contains 2 frames:

Primary Page: https://meine.santander.de/login/
Frame ID: F64C6CFE567656133EB10C8D094CA818
Requests: 20 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/3.3.1/cross-domain-bridge.html
Frame ID: 53231D8C4D305D9551B8F068057D1D98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Santander Login

Page URL History Show full URLs

  1. https://identity.santander.de/ HTTP 301
    https://meine.santander.de/olb HTTP 301
    https://meine.santander.de/olb/ HTTP 301
    https://meine.santander.de/olb/login?token= HTTP 303
    https://api.santander.de/scb-internet/client-external/oauthsos/password/authorize?response_type=code&... HTTP 302
    https://meine.santander.de/login/?errorCode=50900071 HTTP 301
    http://meine.santander.de/login/ HTTP 307
    https://meine.santander.de/login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

28
Requests

100 %
HTTPS

63 %
IPv6

2
Domains

8
Subdomains

6
IPs

3
Countries

652 kB
Transfer

1844 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://identity.santander.de/ HTTP 301
    https://meine.santander.de/olb HTTP 301
    https://meine.santander.de/olb/ HTTP 301
    https://meine.santander.de/olb/login?token= HTTP 303
    https://api.santander.de/scb-internet/client-external/oauthsos/password/authorize?response_type=code&client_id=b6bceffd-d472-4812-8f97-a43fac6a4064&scope=myglobalview.basicdata.read%20myglobalview.balance.read%20myprofile.read%20myglobalview.operacion.read%20myaccounts.basicdata.read%20myaccounts.balance.read%20myloans.read%20mybusinesstransactions.read%20mypayments.read%20mypayments.write%20myaccounts.operacion.read%20externalaccounts.read%20mybonds.read%20myhybrids.read%20mypostbox.read%20mycards.basicdata.read%20mypaymentstemplates.read%20mypaymentstemplates.write%20myfuturepayments.write%20myfuturepayments.read%20myolbaccesscontrol.write%20myperiodicpayments.read%20myperiodicpayments.write%20mydigitalsignatures.read%20mydigitalsignatures.write%20myconsents.read%20myconsents.write%20myolbaccesscontrol.read%20myselfservices.write%20myauthentications.read%20myaccounts.operacion.write%20mycards.basicdata.write%20myhybrids.write%20myidentity.read%20myidentity.write%20myaddresses.write%20mycustomertacs.write%20mycustomertacs.read&redirect_uri=https://meine.santander.de/login/oauth?redirect_uri=meine.santander.de/olb HTTP 302
    https://meine.santander.de/login/?errorCode=50900071 HTTP 301
    http://meine.santander.de/login/ HTTP 307
    https://meine.santander.de/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
meine.santander.de/login/
Redirect Chain
  • https://identity.santander.de/
  • https://meine.santander.de/olb
  • https://meine.santander.de/olb/
  • https://meine.santander.de/olb/login?token=
  • https://api.santander.de/scb-internet/client-external/oauthsos/password/authorize?response_type=code&client_id=b6bceffd-d472-4812-8f97-a43fac6a4064&scope=myglobalview.basicdata.read%20myglobalview....
  • https://meine.santander.de/login/?errorCode=50900071
  • http://meine.santander.de/login/
  • https://meine.santander.de/login/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7aeebc7fa96998720b5966278a5cdb5e430d9f9e1b91e459a07fa328fe107aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 01 Mar 2022 14:05:52 GMT
content-type
text/html
last-modified
Thu, 21 Oct 2021 10:14:28 GMT
vary
Accept-Encoding
etag
W/"61713d84-6eb"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
https://meine.santander.de
content-encoding
gzip
x-cdn
Imperva
x-iinfo
45-81002916-81002351 PNNN RT(1646143552008 0) q(0 0 0 -1) r(0 0) U5

Redirect headers

Location
https://meine.santander.de/login/
Non-Authoritative-Reason
HSTS
main.d8a5d2b3.css
meine.santander.de/login/static/css/ 		43 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/static/css/main.d8a5d2b3.css
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e0105f2e4cf3dcf5dcb79100c856afe6362a2113c1c6514a51621474ec9278f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Tue, 01 Mar 2022 14:05:52 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 10:14:28 GMT
x-cdn
Imperva
etag
W/"61713d84-add7"
vary
Accept-Encoding
content-type
text/css
x-iinfo
45-81002993-81002351 PNNN RT(1646143552176 0) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
expires
Thu, 31 Mar 2022 14:05:52 GMT
main.e1361d58.js
meine.santander.de/login/static/js/ 		598 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/static/js/main.e1361d58.js
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0df8b419834329a3f7529e034107026764d3618fa3f7c18a8addae9f87066f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Tue, 01 Mar 2022 14:05:53 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 10:14:28 GMT
x-cdn
Imperva
etag
W/"61713d84-95741"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
45-81002994-81002995 NNNN CT(74 79 0) RT(1646143552180 0) q(0 0 2 -1) r(3 3) U5
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
expires
Thu, 31 Mar 2022 14:05:53 GMT
_Incapsula_Resource
meine.santander.de/ 		145 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=5&cb=1379624442
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0324e3e5ca3ad3924bad263e9315070881c018669ab231dc9b0a0e807918ad76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20908
content-type
application/javascript
bundle_legacy.js
app.usercentrics.eu/browser-ui/latest/ 		719 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/static/js/main.e1361d58.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
47b7487c1c734a6295e6ff35e9d73f050404ee0523789ff313fe74f1d83f52b5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 13:46:34 GMT
content-encoding
gzip
age
1159
x-guploader-uploadid
ADPycdsvnK_3B5kyHVNvIte7XzEE-8iK7CEuusixb3Ft47IeWi52sh9HuUaBxgKwtgIPz1AcdTZucyTBLRo3bR6fqZoYMCxlGw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210821
last-modified
Fri, 25 Feb 2022 14:20:16 GMT
server
UploadServer
etag
"b0accf29fa661600a35d648ace5ae038"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=nmxdmg==, md5=sKzPKfpmFgCjXWSKzlrgOA==
x-goog-generation
1645798816448778
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
210821
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 01 Mar 2022 14:46:34 GMT
config
meine.santander.de/login/ 		135 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/config
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/static/js/main.e1361d58.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
456bdb39693d77ab14cba8854f5321eaa5a6db460fdcaf46227bf9884d79c77b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Access-Control-Allow-Methods
GET,OPTIONS
Access-Control-Allow-Origin
*
Accept
application/json, text/plain, */*
Referer
https://meine.santander.de/login/
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*

Response headers

date
Tue, 01 Mar 2022 14:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Imperva
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://meine.santander.de
x-iinfo
45-81003426-81002995 PNYN RT(1646143552893 0) q(0 0 0 -1) r(2 2) U5
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
LOGIN_BANNER_MESSAGE
meine.santander.de/login/contents/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/contents/LOGIN_BANNER_MESSAGE
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/static/js/main.e1361d58.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';object-src 'none';font-src 'self' data:;connect-src 'self' 'unsafe-inline' https://catalogue.nodered.org https://flow-library-catalogue-scts-dc-arch.scger.pre.corp;upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Access-Control-Allow-Methods
GET,OPTIONS
Access-Control-Allow-Origin
*
Accept
application/json, text/plain, */*
Referer
https://meine.santander.de/login/
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*

Response headers

content-security-policy
default-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline';object-src 'none';font-src 'self' data:;connect-src 'self' 'unsafe-inline' https://catalogue.nodered.org https://flow-library-catalogue-scts-dc-arch.scger.pre.corp;upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-iinfo
45-81003427-81002351 PNNN RT(1646143552895 0) q(0 0 0 -1) r(1 1) U5
content-length
0
x-xss-protection
1; mode=block
x-cdn
Imperva
referrer-policy
no-referrer
x-frame-options
DENY
date
Tue, 01 Mar 2022 14:05:53 GMT
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
expect-ct
max-age=0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://meine.santander.de
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
_Incapsula_Resource
meine.santander.de/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meine.santander.de/_Incapsula_Resource?SWKMTFSR=1&e=0.833197105975072
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
languages.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://meine.santander.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-guploader-uploadid
ADPycduGa5JzjkdObQcgJx0vzHgnX2scgVyHUUELEsiB0AMUrQpASl1TxVdaVF3IRGeN7R4EKeUCFO9D6MZF2NPAjZU
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-headers
Content-Type,Origin
date
Tue, 01 Mar 2022 14:05:53 GMT
expires
Tue, 01 Mar 2022 14:05:53 GMT
cache-control
private, max-age=0
content-length
0
server
UploadServer
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
languages.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ 		61 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://meine.santander.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Mar 2022 14:05:50 GMT
content-encoding
gzip
age
3
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdu4w4fS1FSL7zjG9rmBfrrT47uebwdlAy6n9QGJD4vfwlDqwYNGysrdNlX2K5lGWSaYtirdfPBouhx5tGE2iaY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
last-modified
Thu, 24 Feb 2022 09:21:44 GMT
server
UploadServer
etag
"da13a9b5363ff28c20e52e67131f24fd"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
x-goog-generation
1645694504014633
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length
67
accept-ranges
bytes
content-type
application/json
expires
Tue, 01 Mar 2022 14:06:00 GMT
dps-de.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/dps-de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e9c24f083b120d86e8510c6959a981b16f810e75f3c771138d1ad9b812f130e1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://meine.santander.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Mar 2022 14:05:48 GMT
content-encoding
gzip
age
5
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdtYpOJE1iJt8T0WpUNJaaqq5blm7EcR00BvIAVL5fux0z_xapYRL0BRNgZidfdikSgjYP__9t5LKMqC7a8-MFY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1202
last-modified
Thu, 24 Feb 2022 09:21:44 GMT
server
UploadServer
etag
"04b0e648b5afc47286c125977b07469b"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=ocng+w==, md5=BLDmSLWvxHKGwSWXewdGmw==
x-goog-generation
1645694504009912
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length
1202
accept-ranges
bytes
content-type
application/json
expires
Tue, 01 Mar 2022 14:05:58 GMT
dps-de.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/dps-de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://meine.santander.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-guploader-uploadid
ADPycduHqN7MM2zOTkxs-qyjwDO6-mVJ6d6ZsLe48EN7fnt_WyZ12HUQO-V9hzfOrIfP29e4DCByQWXTAjceZeVqxt4ldluuww
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-headers
Content-Type,Origin
date
Tue, 01 Mar 2022 14:05:53 GMT
expires
Tue, 01 Mar 2022 14:05:53 GMT
cache-control
private, max-age=0
content-length
0
server
UploadServer
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SantanderText-Bold.329e4ee6.woff
meine.santander.de/login/static/media/ 		76 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/static/media/SantanderText-Bold.329e4ee6.woff
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/static/css/main.d8a5d2b3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f68e66ba374a44363c46d74b801119fca28d767bbddc25d3fedde9b8763a4b15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://meine.santander.de/login/static/css/main.d8a5d2b3.css
Origin
https://meine.santander.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Tue, 01 Mar 2022 14:05:53 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 10:14:28 GMT
x-cdn
Imperva
etag
"61713d84-12f24"
strict-transport-security
max-age=31536000
content-type
application/font-woff
x-iinfo
45-81003482-81002995 PNYN RT(1646143553100 0) q(0 1 1 -1) r(1 1) U5
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Thu, 31 Mar 2022 14:05:53 GMT
SantanderText-Regular.cb0bd8c2.woff
meine.santander.de/login/static/media/ 		74 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/static/media/SantanderText-Regular.cb0bd8c2.woff
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/static/css/main.d8a5d2b3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
956d3119408c7d63f9fcf7e1331871839111242237aaf779599bfb8f456f0e2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://meine.santander.de/login/static/css/main.d8a5d2b3.css
Origin
https://meine.santander.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Tue, 01 Mar 2022 14:05:53 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 10:14:29 GMT
x-cdn
Imperva
etag
"61713d85-12798"
strict-transport-security
max-age=31536000
content-type
application/font-woff
x-iinfo
45-81003483-81002351 PNYN RT(1646143553102 0) q(0 0 0 -1) r(0 0) U5
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Thu, 31 Mar 2022 14:05:53 GMT
core.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ 		578 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/core.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1c3c6439caf97179df137cd1070936f799c74ec546a6835ebd67af9cc41ec116
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://meine.santander.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Mar 2022 14:05:48 GMT
content-encoding
gzip
age
5
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdtCcRduLaaIcxCPRBZSSXqe2BFO5mKfOi4Fn7eUVKcjDgX8Th8U3IGKxmAsH7o47QhPUAMzTlSWcpOsaOOxyR4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
last-modified
Thu, 24 Feb 2022 09:21:44 GMT
server
UploadServer
etag
"ad19bc83001d7968b7a1c42ccfdbb218"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=e8nd7g==, md5=rRm8gwAdeWi3ocQsz9uyGA==
x-goog-generation
1645694503985689
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length
350
accept-ranges
bytes
content-type
application/json
expires
Tue, 01 Mar 2022 14:05:58 GMT
core.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/core.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://meine.santander.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-guploader-uploadid
ADPycdvjAmSZ6m-ODpClGoF3WA4iNw_XS17K_wdYsLO6Z9EJ50dy3oqDg9eXuMOFbNp2rKz_eYfRgZhrr4R2-DFlcvbI4gCKwg
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-headers
Content-Type,Origin
date
Tue, 01 Mar 2022 14:05:53 GMT
expires
Tue, 01 Mar 2022 14:05:53 GMT
cache-control
private, max-age=0
content-length
0
server
UploadServer
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/3.3.1/ Frame 5323 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-sdk/3.3.1/cross-domain-bridge.html
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/

Response headers

x-guploader-uploadid
ADPycdtPxBcYmrPzh07OjKrPiGpXLqm95myq-OVfioOwRF79qYJV-yCa8yi4pc3KHErACCsX00cxlG_9cNgW0t0Pyk86McHjmA
x-goog-generation
1645631339556656
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1123
content-encoding
gzip
x-goog-hash
crc32c=plByng== md5=Oe7/94FkAijk+qkJSNFy4A==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
1123
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
server
UploadServer
date
Thu, 24 Feb 2022 14:04:46 GMT
expires
Sat, 26 Mar 2022 14:04:46 GMT
cache-control
public, max-age=2592000, no-transform
age
432067
last-modified
Wed, 23 Feb 2022 15:48:59 GMT
etag
"39eefff781640228e4faa90948d172e0"
content-type
text/html
strict-transport-security
max-age=7776000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1px.png
app.usercentrics.eu/session/ 		489 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=jBQVAAZ_9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 14:01:52 GMT
content-encoding
gzip
age
241
x-guploader-uploadid
ADPycdvlSXPFhbtsZR-TwM2hrNaWaZCrbsoO5i0ykkmeABhs1d-ZtC9aihkjRzg7qphnud446LUoc7lxswQGWySJSrw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation
1588928773413784
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
content-type
image/png
expires
Tue, 01 Mar 2022 14:31:52 GMT
de.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ 		30 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9aa60446b1502f96edd4a8675dad6559def72920ed75901696934b91e4b5fc46
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://meine.santander.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Mar 2022 14:05:50 GMT
content-encoding
gzip
age
3
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycduJVtnTYijOWxcJGfGoHTt8196jbOZ5pdoNRtQ4b8fpefbgRY87kEI_2WFYcQtUA1kozLa4msjzw7y9JLYq1CZ93d60gg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8958
last-modified
Thu, 24 Feb 2022 09:21:44 GMT
server
UploadServer
etag
"19fded2d96bc48fd652965adab3e3e4c"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=WPaczQ==, md5=Gf3tLZa8SP1lKWWtqz4+TA==
x-goog-generation
1645694504007050
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=10, no-transform
x-goog-stored-content-length
8958
accept-ranges
bytes
content-type
application/json
expires
Tue, 01 Mar 2022 14:06:00 GMT
de.json
api.usercentrics.eu/settings/jBQVAAZ_9/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/jBQVAAZ_9/latest/de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://meine.santander.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-guploader-uploadid
ADPycds1xAh4CLbgW7BIAh2nzgDYoFQqYDCNIk2PvBPxUHRHpg_lCmfLf1Y91Hd0e3sgqTkSJsdHriiNsPFiABqq3KUJXiUc4Q
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-headers
Content-Type,Origin
date
Tue, 01 Mar 2022 14:05:53 GMT
expires
Tue, 01 Mar 2022 14:05:53 GMT
cache-control
private, max-age=0
content-length
0
server
UploadServer
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translations-de.json
api.usercentrics.eu/translations/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b3823530bb230e07ee95164bace0ba30bb145af643ad191cc3601c99c7bff81d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://meine.santander.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Tue, 01 Mar 2022 06:52:05 GMT
content-encoding
gzip
vary
Accept-Encoding
age
26029
x-client-geo-location
DE,DEHE
x-guploader-uploadid
ADPycdsNm1VpaMd2FawFIg9KLSnve9tYr4JB764Uxxq1UCUsBp_EGuDzV64-10zTtQeJwXFMQGv4D47GQ0PsrSX_9Ik
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2485
last-modified
Tue, 15 Feb 2022 07:24:38 GMT
server
UploadServer
etag
"9de92ca5448e4e3365f9e9a1bf4dee4d"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=1weHBA==, md5=nekspUSOTjNl+emhv03uTQ==
x-goog-generation
1643626771526727
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2485
accept-ranges
bytes
content-type
application/json
expires
Wed, 02 Mar 2022 06:52:05 GMT
translations-de.json
api.usercentrics.eu/translations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://meine.santander.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-guploader-uploadid
ADPycdvUQrw2w2ewMBfk5Rgy73_lrtE4lE6NNFBBjD11b88sT9g-_6lH-IypaWgkDQz37Wd-yQMuU9mz8txRvISgPV5SzeqAMQ
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-headers
Content-Type,Origin
date
Tue, 01 Mar 2022 14:05:54 GMT
expires
Tue, 01 Mar 2022 14:05:54 GMT
cache-control
private, max-age=0
content-length
0
server
UploadServer
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=7776000
x-client-geo-location
DE,DEHE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
de
aggregator.service.usercentrics.eu/aggregate/ 		66 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aggregator.service.usercentrics.eu/aggregate/de?templates=BJ59EidsWQ@25.6.25,BJz7qNsdj-7@15.7.12,BkeKqEjuoZQ@9.4.6,HJI5SmLm7@4.0.18,Hk8e94jOjWX@11.1.4,HkocEodjb7@52.11.31,HyiV94juoW7@8.3.2,P7VJC8kxK@5.5.18,RqE7fGM_Q@2.0.22,S1_9Vsuj-Q@15.7.10,S1kgcNo_j-m@6.5.8,S1pcEj_jZX@21.9.4,SyfKc4oOjWQ@10.3.2,gkEBFID-V@5.4.4,rJhhqVs_ob7@9.12.3,tnfBi7gwe@14.3.2,uQiyefbRi@16.2.2
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fe2ae5f59fb0f0fa77aab6ebb64d5399c8b62a97db1b1e172708b910741d53e4

Request headers

Referer
https://meine.santander.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Sat, 26 Feb 2022 21:25:59 GMT
content-encoding
br
server
Google Frontend
age
232795
etag
"15qp5kc"
vary
Accept-Encoding, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11544
via
1.1 google
de
aggregator.service.usercentrics.eu/aggregate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aggregator.service.usercentrics.eu/aggregate/de?templates=BJ59EidsWQ@25.6.25,BJz7qNsdj-7@15.7.12,BkeKqEjuoZQ@9.4.6,HJI5SmLm7@4.0.18,Hk8e94jOjWX@11.1.4,HkocEodjb7@52.11.31,HyiV94juoW7@8.3.2,P7VJC8kxK@5.5.18,RqE7fGM_Q@2.0.22,S1_9Vsuj-Q@15.7.10,S1kgcNo_j-m@6.5.8,S1pcEj_jZX@21.9.4,SyfKc4oOjWQ@10.3.2,gkEBFID-V@5.4.4,rJhhqVs_ob7@9.12.3,tnfBi7gwe@14.3.2,uQiyefbRi@16.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://meine.santander.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

vary
Origin, Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type
access-control-max-age
86400
x-cloud-trace-context
1ecb2b3114a3d22c0d9b72ad6d8e3159
date
Tue, 01 Mar 2022 14:05:54 GMT
content-type
text/html
server
Google Frontend
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
graphql
graphql.usercentrics.eu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql.usercentrics.eu/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Origin
https://meine.santander.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 01 Mar 2022 14:05:54 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
graphql
graphql.usercentrics.eu/ 		1 KB
706 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graphql.usercentrics.eu/graphql
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle_legacy.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash
344d79e3843f7a57a08c99cee7202f4b0b6197e3e613dc0972efb1056c8f1447

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://meine.santander.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Request-ID
034abc1e-6762-4e1b-ae3d-33454ace0e04
content-type
application/json

Response headers

date
Tue, 01 Mar 2022 14:05:54 GMT
content-encoding
gzip
etag
W/"535-UGV2ITBc7578jNl/8TkkFmFAmjs"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
scb_logo_234x60.png
www.santander.de/static/img/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.santander.de/static/img/scb_logo_234x60.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-67.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a5d2cac18b39f982247df94b41bfbffd0f35679b2f03810fb2006f9d152e17cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu *.google.com *.presseportal.de *.adform.net *.adsrvr.org *.facebook.net *.facebook.com santander-de.financingservices.de api.financingservices.de *.bing.com *.hotjar.com data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *.google.com *.googleapis.com santander-de.financingservices.de *; img-src 'self' *.google.com data: *; font-src 'self' *.gstatic.com *; connect-src *.doubleclick.net *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de *.adform.net api.financingservices.de *.bing.com *.hotjar.io *.google.com; frame-src *.youtube.com *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu *.google.com *.presseportal.de vwd.santanderbank.de *.adsrvr.org *.hotjar.com;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://meine.santander.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src 'self' *.santander.de *.kernarea.de; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.kernpunkt.de *.googletagmanager.com *.google-analytics.com *.vwd-webtech.com *.doubleclick.net *.akamaihd.net *.googleadservices.com *.wtp101.com *.google.com *.santanderbank.de *.usercentrics.eu *.google.com *.presseportal.de *.adform.net *.adsrvr.org *.facebook.net *.facebook.com santander-de.financingservices.de api.financingservices.de *.bing.com *.hotjar.com data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.vwd-webtech.com *.santanderbank.de *.google.com *.googleapis.com santander-de.financingservices.de *; img-src 'self' *.google.com data: *; font-src 'self' *.gstatic.com *; connect-src *.doubleclick.net *.google-analytics.com *.kernpunkt.de *.algolia.net *.kernarea.de *.best-credit.de *.usercentrics.eu *.santander.de *.adform.net api.financingservices.de *.bing.com *.hotjar.io *.google.com; frame-src *.youtube.com *.santander.de *.youtube-nocookie.com *.baufi-lead.de *.usercentrics.eu *.google.com *.presseportal.de vwd.santanderbank.de *.adsrvr.org *.hotjar.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000 ; includeSubDomains
content-length
2296
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Feb 2022 09:19:15 GMT
server
Apache
date
Tue, 01 Mar 2022 14:05:54 GMT
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=0
feature-policy
display-capture 'none'; geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; accelerometer 'none'; ambient-light-sensor 'none'; gyroscope 'none'; microphone 'none'; fullscreen 'none'; sync-xhr 'none'
etag
"8f8-5d7a671aae33b"
accept-ranges
bytes
expires
Tue, 01 Mar 2022 14:05:54 GMT
SantanderTextW05-Regular.3007e130.woff
meine.santander.de/login/static/media/ 		68 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meine.santander.de/login/static/media/SantanderTextW05-Regular.3007e130.woff
Requested by
Host: meine.santander.de
URL: https://meine.santander.de/login/static/css/main.d8a5d2b3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e981:2c::45 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2d2d2cfd7a36307f8ca530948d454dcd9f706830b7c18ee0cc4fa3ec16d96091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://meine.santander.de/login/static/css/main.d8a5d2b3.css
Origin
https://meine.santander.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Tue, 01 Mar 2022 14:05:54 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 10:14:28 GMT
x-cdn
Imperva
etag
"61713d84-10ee8"
strict-transport-security
max-age=31536000
content-type
application/font-woff
x-iinfo
45-81003671-81002351 PNYN RT(1646143553620 0) q(0 0 0 -1) r(0 0) U5
cache-control
max-age=2592000, public
accept-ranges
bytes
expires
Thu, 31 Mar 2022 14:05:54 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone string| GoogleAnalyticsObject function| ga function| _ object| regeneratorRuntime function| __import__ boolean| UC_UI_IS_RENDERED object| dataLayer object| UC_UI

10 Cookies

Domain/Path Name / Value
identity.santander.de/ Name: ddf7dc8ea0f85951ae8a645e98f4e71f
Value: dfcaa914eb72f8e826967d2774cbb29a
.santander.de/ Name: nlbi_2496673
Value: 9tsLRED6q2+WCB6NAWv3ewAAAABK467JcfCJx30hdE8bX2c7
.santander.de/ Name: incap_ses_1104_2496673
Value: HJimLWLb0FAYD2r9vTJSDz4oHmIAAAAAbRBCNIVHeJMMIDvNZEl+PA==
meine.santander.de/ Name: f398079c2c271e797ffb2aba07c61762
Value: c531af952aedb386b0f1c777f736affa
.santander.de/ Name: nlbi_2187745
Value: noKyWOD+90ygj0FBiNkT6QAAAABFjaNYq65oyNdfpobLhTJs
.santander.de/ Name: incap_ses_1456_2187745
Value: wrihSRkSkVtb4kRfisA0FD8oHmIAAAAAWBFZtv8o2WNgfyf/X2MGOQ==
api.santander.de/ Name: JSESSIONID
Value: 67df9589-69d2-4fc1-a72e-1c22b865be7e
api.santander.de/ Name: e6d8a42bd91d9d09c1edcbe944942b33
Value: 0a895b0817d7dcfa3ecd05def06cee18
meine.santander.de/ Name: f9b4a3ddd03ee8ba92a245593f6b5259
Value: 50a643b43d8b472110b65c7c0900ba03
meine.santander.de/ Name: ADRUM_BT
Value: R:33|g:fbd4d33e-b69b-440a-8f05-adcc01e4c2922271505

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aggregator.service.usercentrics.eu
api.santander.de
api.usercentrics.eu
app.usercentrics.eu
graphql.usercentrics.eu
identity.santander.de
meine.santander.de
www.santander.de
104.111.235.67
193.127.226.40
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2a02:e981:2c::45
45.60.197.69
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
0324e3e5ca3ad3924bad263e9315070881c018669ab231dc9b0a0e807918ad76
0df8b419834329a3f7529e034107026764d3618fa3f7c18a8addae9f87066f2f
1c3c6439caf97179df137cd1070936f799c74ec546a6835ebd67af9cc41ec116
2d2d2cfd7a36307f8ca530948d454dcd9f706830b7c18ee0cc4fa3ec16d96091
344d79e3843f7a57a08c99cee7202f4b0b6197e3e613dc0972efb1056c8f1447
456bdb39693d77ab14cba8854f5321eaa5a6db460fdcaf46227bf9884d79c77b
47b7487c1c734a6295e6ff35e9d73f050404ee0523789ff313fe74f1d83f52b5
7aeebc7fa96998720b5966278a5cdb5e430d9f9e1b91e459a07fa328fe107aeb
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
956d3119408c7d63f9fcf7e1331871839111242237aaf779599bfb8f456f0e2e
9aa60446b1502f96edd4a8675dad6559def72920ed75901696934b91e4b5fc46
a5d2cac18b39f982247df94b41bfbffd0f35679b2f03810fb2006f9d152e17cf
b3823530bb230e07ee95164bace0ba30bb145af643ad191cc3601c99c7bff81d
dc8343dae24291634bf1aec40cb6794f860bc2b1d28f0ab683854cced24619a0
e0105f2e4cf3dcf5dcb79100c856afe6362a2113c1c6514a51621474ec9278f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c24f083b120d86e8510c6959a981b16f810e75f3c771138d1ad9b812f130e1
f68e66ba374a44363c46d74b801119fca28d767bbddc25d3fedde9b8763a4b15
fe2ae5f59fb0f0fa77aab6ebb64d5399c8b62a97db1b1e172708b910741d53e4