urlscan.io logo urlscan.io
SecurityTrails logo

app.producter.co Open in urlscan Pro
2606:4700:3034::ac43:aea9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bancosantander.producter.co/
Effective URL: https://app.producter.co/
Submission: On September 26 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3034::ac43:aea9, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.producter.co.
TLS certificate: Issued by GTS CA 1P5 on September 4th 2023. Valid for: 3 months.
This is the only time app.producter.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 18.239.69.9 16509 (AMAZON-02)
2 44.208.181.137 14618 (AMAZON-AES)
3 13.227.219.27 16509 (AMAZON-02)
1 108.156.60.77 16509 (AMAZON-02)
3 54.187.119.242 16509 (AMAZON-02)
2 18.239.94.30 16509 (AMAZON-02)
1 13.227.219.28 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
27 11
1    2606:4700:3030::6815:1f16 (United States)

ASN13335 (CLOUDFLARENET, US)
bancosantander.producter.co
7    2606:4700:3034::ac43:aea9 (United States)

ASN13335 (CLOUDFLARENET, US)
bancosantander.producter.co
api.producter.co
app.producter.co
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.239.69.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-9.ams58.r.cloudfront.net
cdn.heapanalytics.com
2    44.208.181.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-181-137.compute-1.amazonaws.com
heapanalytics.com
3    13.227.219.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-27.ams54.r.cloudfront.net
js.stripe.com
1    108.156.60.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-77.ams1.r.cloudfront.net
static.hotjar.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    18.239.94.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-30.ams1.r.cloudfront.net
m.stripe.network
1    13.227.219.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 producter.co
bancosantander.producter.co
api.producter.co
app.producter.co
8 MB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2793
q.stripe.com — Cisco Umbrella Rank: 24792
m.stripe.com Failed
136 KB
4 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3072
heapanalytics.com — Cisco Umbrella Rank: 2732
75 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
3 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2971
18 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1261
script.hotjar.com — Cisco Umbrella Rank: 1629
60 KB
1 gstatic.com
fonts.gstatic.com
46 KB
0 hotjar.io Failed
content.hotjar.io Failed
27 8
Domain Requested by
4 bancosantander.producter.co 1 redirects bancosantander.producter.co
3 q.stripe.com bancosantander.producter.co
3 js.stripe.com bancosantander.producter.co
js.stripe.com
3 fonts.googleapis.com bancosantander.producter.co
app.producter.co
2 app.producter.co bancosantander.producter.co
app.producter.co
2 m.stripe.network js.stripe.com
m.stripe.network
2 api.producter.co bancosantander.producter.co
2 heapanalytics.com bancosantander.producter.co
app.producter.co
2 cdn.heapanalytics.com bancosantander.producter.co
app.producter.co
1 fonts.gstatic.com fonts.googleapis.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com bancosantander.producter.co
0 content.hotjar.io Failed script.hotjar.com
0 m.stripe.com Failed m.stripe.network
27 14

This site contains links to these domains. Also see Links.

Domain
producter.co
Subject Issuer Validity Valid
*.producter.co
GTS CA 1P5		 2023-09-04 -
2023-12-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01		 2023-06-29 -
2024-07-27		 a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02		 2022-12-09 -
2024-01-07		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2023-11-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.producter.co/
Frame ID: 64A6B8E7CAD040AD4761C8C09302A6AD
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 1804B9D9B247956C714708E6E7601B96
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5E76CC70A698A9D129FF7A38F05BEDB5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Producter

Page URL History Show full URLs

  1. http://bancosantander.producter.co/ HTTP 301
    https://bancosantander.producter.co/ Page URL
  2. https://app.producter.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

27
Requests

93 %
HTTPS

36 %
IPv6

8
Domains

14
Subdomains

11
IPs

2
Countries

8288 kB
Transfer

23306 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bancosantander.producter.co/ HTTP 301
    https://bancosantander.producter.co/ Page URL
  2. https://app.producter.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bancosantander.producter.co/ HTTP 301
  • https://bancosantander.producter.co/

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bancosantander.producter.co/
Redirect Chain
  • http://bancosantander.producter.co/
  • https://bancosantander.producter.co/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
671db83455df68f1d1956c3bfa17365fb7edcc65e8cb737015eea60de7c339d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=600
cf-cache-status
DYNAMIC
cf-ray
80cac80afc5030d0-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 26 Sep 2023 10:21:41 GMT
expires
Tue, 26 Sep 2023 10:31:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TsO5GC4lkUl5UTFlroPYfJtidCjxIHXihNOfiYCR%2BURVYJtGF%2F0Qjqka8gwDE5fTH4WLUWP7LEvyiP473UfaRB0PKCFQ%2BjFj4zeEcdcl%2BUCv0xxYVbvGNlH21Qe9pCTPaKmlGYVb1AJRAhbcrG3S9bzYChXNPaZz%2B4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-cloud-trace-context
0a9b67899c019847b2c0d884ccb0f580

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
80cac808ec8413b6-IAD
Connection
keep-alive
Content-Type
text/html
Date
Tue, 26 Sep 2023 10:21:40 GMT
Location
https://bancosantander.producter.co/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OM3ry7B1drmEZz0O3nSrfQ0up28VQ10m6Fy8P6gSNcwvikM%2BBhkr9pYBzI3iSa%2B4krDXHJ1hZHdgaRV2axQVtFeQUhOpWJ3BqiBNgr7Cc%2FvqtW5Q4PYlfvPAhKv%2FOv%2F771h7xlQM0TViPb6j7dmlX3F4TFvfoswWJWc%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		769 B
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300&display=swap
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
388ed79430f5ef5c5f78f0cbebec573610bd0824cb5ff1fe698b3ba433175a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Sep 2023 10:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 10:00:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Sep 2023 10:21:41 GMT
css2
fonts.googleapis.com/ 		13 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&family=Pacifico&display=swap
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67b357488fdadbec8c548e344922f199c90f1c5a413b24e251b792422e521b86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Sep 2023 10:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 10:21:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Sep 2023 10:21:41 GMT
vendor.a93f08b1d18376059bb9.js
bancosantander.producter.co/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancosantander.producter.co/vendor.a93f08b1d18376059bb9.js
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5598678b3cbf1e8429540f5ed8cce15affcc963bd4595bc69662aac1788c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:21:41 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ePs6cg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1aud07TNT%2BcSe2wJNVht3WVXWfbAxtN2H%2BjgZRYhwbk5mkBdksb%2B%2F0CENzcrxG6umRRhBMOwUMemM3BIof1y0AjDYN7nm%2F0h7q1nfDIsrVjwX6FruI3MSLXtD7Oqc22spjXoZL8zG96FhOQ6e4o8FJQkKIxB28csVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
926e90e023dd2e9556bb89466dc0aaab
cache-control
public, max-age=600
cf-ray
80cac80cee3c30d0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Sep 2023 10:31:31 GMT
main.bf1033fd7720c930c4b9.js
bancosantander.producter.co/ 		11 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancosantander.producter.co/main.bf1033fd7720c930c4b9.js
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:21:41 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ePs6cg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lkqyu7%2BSjTX9WTzvvK%2B8eGzz0crxRDcNQajT%2FWt4h07jQBng7546z1l5jaAunxRtnMQcFeG0ktkhrqMjBrfNKrm0A9Nt%2BpRmPtgZdlWkNKE9N666r4KgeSUh6JowtKC4qWDUihtItO%2B30JDmer1THgqQRGrMnMD5Gaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
ceb9b3718e6588bfb4a5bac3d09f1b71
cache-control
public, max-age=600
cf-ray
80cac80cee3e30d0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Sep 2023 10:31:31 GMT
heap-519053531.js
cdn.heapanalytics.com/js/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-519053531.js
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-9.ams58.r.cloudfront.net
Software
nginx / Express
Resource Hash
04dedfcfd51abc5961c36781370722eca45da59118916f870be5318541c9292e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:21:04 GMT
content-encoding
br
via
1.1 58fc6cf05625e5ee74a288151d13c370.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
AMS58-P4
age
37
x-powered-by
Express
etag
W/"1d03b-fMUc5+p9xh5Slr5n2XIQDXTiAJ0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
wJh0IOOEqXzjzMW6vXLYpRHOFzS126n0MjDyfbIeickpKrpdB-Z-Yw==
h
heapanalytics.com/ 		37 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=519053531&u=3521223210600994&v=5389546220015707&s=3721328136467884&b=web&tv=4.0&z=0&h=%2F&d=bancosantander.producter.co&t=Producter&ts=1695723701534&st=1695723701544
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.181.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-181-137.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 10:21:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
v3
js.stripe.com/ 		529 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/vendor.a93f08b1d18376059bb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-27.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 10:21:31 GMT
via
1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
19
x-cache
Hit from cloudfront
last-modified
Mon, 25 Sep 2023 20:35:44 GMT
server
Cloudfront
etag
W/"11677cc7f74781df69c96574b4fd7155"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
R8A-4WEfN1wVteQFyl3AtrDABbKQZ3KyNtXjZdcVAgkfn2NJZUIfLw==
bancosantander
api.producter.co/api/workspace/name/ 		28 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.producter.co/api/workspace/name/bancosantander
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/vendor.a93f08b1d18376059bb9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json, text/plain, */*
Referer
https://bancosantander.producter.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:21:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
28
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKqFb1kakAPVD60OiTSQaO%2Fr555U8Xseh%2FPg2oSyrjTkrkSsU1u%2BVCIpudODVgr4lU%2BmnDIEq69xo0DAJk8woNc5nylMPIz7lNAs1Q5ljmFeSd%2FHiNhPrwV87bFs0Y5%2FWxg00ue3wEczGdGbGpwV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
80cac81ad9b6438b-EWR
expires
0
bancosantander
api.producter.co/api/workspace/name/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.producter.co/api/workspace/name/bancosantander
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://bancosantander.producter.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin
access-control-allow-methods
PUT,GET,DELETE,OPTIONS,PATCH,POST
access-control-allow-origin
*
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80cac8180805438b-EWR
content-length
0
date
Tue, 26 Sep 2023 10:21:43 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GT67yPUhlD2uYi2syFZ%2BIjIz4WKD0U4YiETZ1RmG2%2FgVXramJ3NtahPxtyg0IHeX9rIg2MOFnh0Q8zxbHgQ7uUYGGBlyUiVpzEVi7r60jIsdtb8QZtX%2FN5ynPLE7CuprcyR9y0C2T1d43E3b3gr8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hotjar-3416185.js
static.hotjar.com/c/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3416185.js?sv=6
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-77.ams1.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 10:21:43 GMT
via
1.1 e802bba79ff3efb2497084ca4babc248.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
etag
W/b5d7537819d590b118d5bc0a05584870
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DOTQsY-hcHqzn8jO5HXPAAhorA4OK_5FmRD95bGrX9RNCA0t_uqaEg==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 1804 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-27.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bancosantander.producter.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2328
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 26 Sep 2023 09:42:54 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-id
8ouEN2dLFLCMf-rWhhdtw16JgPFMklwXcIQlakE1AAjyAQTEV5J6qA==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 1804 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-27.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 26 Sep 2023 10:08:02 GMT
x-content-type-options
nosniff
via
1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
826
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ptePevQjtgqvw1fF52Ke_mh9RoZWzPmVmJjM6I-wD9D7qyesJJ6YRw==
csp-report
q.stripe.com/ Frame 1804 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 26 Sep 2023 10:21:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695723703507963
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695723703507643
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1804 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 26 Sep 2023 10:21:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695723703508501
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695723703507692
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 5E76 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-30.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
157
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 26 Sep 2023 10:19:07 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 69b7884048ebe8b1ecf8d8ec9d39c85c.cloudfront.net (CloudFront)
x-amz-cf-id
pJ67gyfKVesN5pNUjMvvAlWymgApLnCG7zlfYx2nTKoviVg8mKD0rw==
x-amz-cf-pop
AMS1-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
modules.87c64ece4c32532efcb6.js
script.hotjar.com/ 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.87c64ece4c32532efcb6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3416185.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-28.ams54.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bancosantander.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
420276
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56133
last-modified
Thu, 21 Sep 2023 13:36:45 GMT
etag
"df814a1255030223e6ab003f27b95f6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
bfpdbZVP9JW-I_CLKORKpNhBpcW0dBVKiSh6Qumsgv7S9fTj8aMGzw==
csp-report
q.stripe.com/ Frame 5E76 		0
492 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 26 Sep 2023 10:21:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695723703508119
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1695723703507710
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 5E76 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-30.ams1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 26 Sep 2023 10:21:35 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 69b7884048ebe8b1ecf8d8ec9d39c85c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
etag
W/"69cb7809b5011312e716f29b3d19dce6"
age
9
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
fQClNjHhbjMP_x5cTCOhi-XqlAeIpgD6CfZ_adqA890E2fucw2LxLg==
6
m.stripe.com/ Frame 5E76 		0
0
/
content.hotjar.io/ 		0
0
Primary Request /
app.producter.co/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.producter.co/
Requested by
Host: bancosantander.producter.co
URL: https://bancosantander.producter.co/main.bf1033fd7720c930c4b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44f34eb868da91042b01ef2f43ec2720a6c72bb4c90abb44bc3d78bcc3ab4e2

Request headers

Referer
https://bancosantander.producter.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=600
cf-cache-status
DYNAMIC
cf-ray
80cac81c4d3930d0-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 26 Sep 2023 10:21:43 GMT
expires
Tue, 26 Sep 2023 10:31:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UAsqWP1JmUJwgKkOSXQjolAbUZDBMazmLu628qSYAMlSA6eud1h1sXrBb2X%2BEd9L7I%2BPEH1B4RGUpnM5NY5CNSmg8%2B4q1f1qcxt14c6H9jlqWSOuOkKIbASY2I5PvAA3lSrwbJokScTYvL9KM7a"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-cloud-trace-context
859c32ba838a12dbb41fa29a5be89662
css2
fonts.googleapis.com/ 		17 KB
952 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800
Requested by
Host: app.producter.co
URL: https://app.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eaa828713ad9e2221e296c503bc62c9120775a2cd11cb9c812c180392d013a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Sep 2023 10:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 10:21:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Sep 2023 10:21:43 GMT
index.js
app.producter.co/ 		2 MB
837 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.producter.co/index.js
Requested by
Host: app.producter.co
URL: https://app.producter.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:aea9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36517fdb012e41dd27950dca66e128d694527f5b0e18f816385e2745f9ee7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:21:43 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eMAQoA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPCqMyjtnTdcORu4lXzvuG96WDmaCSL5ikpLZdOktiXhNUll18PDhO7qH3eeJjVg5tmPiw3raFPLsbh5ujDkvicS9risEu80Heii0jV%2BJ2UPMYPkpbuc3orr4cwcCyWo7jvckHysujVvqWAQQCAs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
4563bdc68e6d3a25ee654a898f1ad8c3
cache-control
public, max-age=600
cf-ray
80cac81cd9f802dd-CDG
alt-svc
h3=":443"; ma=86400
expires
Tue, 26 Sep 2023 10:31:43 GMT
heap-519053531.js
cdn.heapanalytics.com/js/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-519053531.js
Requested by
Host: app.producter.co
URL: https://app.producter.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-9.ams58.r.cloudfront.net
Software
nginx / Express
Resource Hash
04dedfcfd51abc5961c36781370722eca45da59118916f870be5318541c9292e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:21:04 GMT
content-encoding
br
via
1.1 58fc6cf05625e5ee74a288151d13c370.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
AMS58-P4
age
39
x-powered-by
Express
etag
W/"1d03b-fMUc5+p9xh5Slr5n2XIQDXTiAJ0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
aAhBJwrZyS6z_eaf4fR52pX4R0kRa1XjJ6s_K8fF5vfV4HhUHsifaQ==
h
heapanalytics.com/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=519053531&u=3521223210600994&v=2861030454362811&s=3721328136467884&b=web&tv=4.0&z=2&h=%2F&d=app.producter.co&t=Producter&r=https%3A%2F%2Fbancosantander.producter.co%2F&ts=1695723703884&sp=ts&sp=1695723701534&sp=d&sp=bancosantander.producter.co&sp=h&sp=%2F&st=1695723703884
Requested by
Host: app.producter.co
URL: https://app.producter.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.181.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-181-137.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.producter.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 10:21:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
truncated
/ 		631 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ba48b8aca425260249ac927e7d095c5399fc30d7c244b4dacd2dec465034c32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fe887863e5174595231653281b27175cd93405490d0721a9b1d215e07b1d965

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		833 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
603d288a9c2fb424185716add9ba90669d933d729a9cbc7b62c700f73d722a69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bf99c711f404f99c46cb1e4d7e68d5a3e89acb19438ed2e9518ddf72c859295

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
243c000e3037c3a0acd1025cba01acd40bcdd2dcb0c3aec0237191f788dd13f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		350 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb94758afaa24a06d2743d24116a04f5707a01b406e95038742aa12becc58003

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		157 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba061cdb359cc329d74457bbdb9b83c3de93c2bdea6ea886cfcd7e6f63b98db0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		382 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03c753ca0a728ab0f1eb65dbac78e819a93af1cf373c7abca4d81f1dec29d637

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc16666b5a8f2718bb641a0251b0cb885a1d479dd88d2d17db6d6710b43e46eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.producter.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 18:19:49 GMT
x-content-type-options
nosniff
age
403315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Sep 2024 18:19:49 GMT
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2155b59677b2f6df8a987adedf8b4139716be97efb144f88e0935e487f483a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
m.stripe.com
URL
https://m.stripe.com/6
Domain
content.hotjar.io
URL
https://content.hotjar.io/?gzip=1

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| heap object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _

7 Cookies

Domain/Path Name / Value
.producter.co/ Name: _hp2_ses_props.519053531
Value: %7B%22ts%22%3A1695723701534%2C%22d%22%3A%22bancosantander.producter.co%22%2C%22h%22%3A%22%2F%22%7D
.producter.co/ Name: _hjSessionUser_3416185
Value: eyJpZCI6IjRiNjc2NjI4LWVhMzItNTdjNC1hZDJlLWE0NmQ5MDcwYTcyOSIsImNyZWF0ZWQiOjE2OTU3MjM3MDM0MjYsImV4aXN0aW5nIjpmYWxzZX0=
.producter.co/ Name: _hjFirstSeen
Value: 1
.producter.co/ Name: _hjIncludedInSessionSample_3416185
Value: 1
.producter.co/ Name: _hjSession_3416185
Value: eyJpZCI6IjY0MmQyY2NkLTI3MjUtNGI4NS1hZjExLWU2NzQwNGI4M2ZjYiIsImNyZWF0ZWQiOjE2OTU3MjM3MDM0MjYsImluU2FtcGxlIjp0cnVlfQ==
.producter.co/ Name: _hjAbsoluteSessionInProgress
Value: 0
.producter.co/ Name: _hp2_id.519053531
Value: %7B%22userId%22%3A%223521223210600994%22%2C%22pageviewId%22%3A%222861030454362811%22%2C%22sessionId%22%3A%223721328136467884%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://api.producter.co/api/workspace/name/bancosantander
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.producter.co
app.producter.co
bancosantander.producter.co
cdn.heapanalytics.com
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
script.hotjar.com
static.hotjar.com
content.hotjar.io
m.stripe.com
108.156.60.77
13.227.219.27
13.227.219.28
18.239.69.9
18.239.94.30
2606:4700:3030::6815:1f16
2606:4700:3034::ac43:aea9
2a00:1450:4001:813::2003
2a00:1450:4001:82b::200a
44.208.181.137
54.187.119.242
03c753ca0a728ab0f1eb65dbac78e819a93af1cf373c7abca4d81f1dec29d637
04dedfcfd51abc5961c36781370722eca45da59118916f870be5318541c9292e
243c000e3037c3a0acd1025cba01acd40bcdd2dcb0c3aec0237191f788dd13f6
2bf99c711f404f99c46cb1e4d7e68d5a3e89acb19438ed2e9518ddf72c859295
36517fdb012e41dd27950dca66e128d694527f5b0e18f816385e2745f9ee7cdb
388ed79430f5ef5c5f78f0cbebec573610bd0824cb5ff1fe698b3ba433175a27
4ba48b8aca425260249ac927e7d095c5399fc30d7c244b4dacd2dec465034c32
603d288a9c2fb424185716add9ba90669d933d729a9cbc7b62c700f73d722a69
671db83455df68f1d1956c3bfa17365fb7edcc65e8cb737015eea60de7c339d2
67b357488fdadbec8c548e344922f199c90f1c5a413b24e251b792422e521b86
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9fe887863e5174595231653281b27175cd93405490d0721a9b1d215e07b1d965
ba061cdb359cc329d74457bbdb9b83c3de93c2bdea6ea886cfcd7e6f63b98db0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5598678b3cbf1e8429540f5ed8cce15affcc963bd4595bc69662aac1788c62
c44f34eb868da91042b01ef2f43ec2720a6c72bb4c90abb44bc3d78bcc3ab4e2
eaa828713ad9e2221e296c503bc62c9120775a2cd11cb9c812c180392d013a6d
eb94758afaa24a06d2743d24116a04f5707a01b406e95038742aa12becc58003
f2155b59677b2f6df8a987adedf8b4139716be97efb144f88e0935e487f483a6
fc16666b5a8f2718bb641a0251b0cb885a1d479dd88d2d17db6d6710b43e46eb