urlscan.io logo urlscan.io
SecurityTrails logo

minnettbank.santanderconsumer.no Open in urlscan Pro
45.60.34.180  Public Scan

Go To Rescan Add Verdict Report
URL: https://minnettbank.santanderconsumer.no/
Submission Tags: falconsandbox
Submission: On December 04 via api from US — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 8 domains to perform 58 HTTP transactions. The main IP is 45.60.34.180, located in United States and belongs to INCAPSULA, US. The main domain is minnettbank.santanderconsumer.no.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q3 on August 15th 2024. Valid for: 6 months.
This is the only time minnettbank.santanderconsumer.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 45.60.34.180 19551 (INCAPSULA)
4 2a00:1450:400... 15169 (GOOGLE)
1 7 109.68.90.49 25148 (BASEFARM-...)
4 2a02:6ea0:c70... 60068 (CDN77 Dat...)
21 178.63.128.65 24940 (HETZNER-A...)
1 193.26.146.37 207674 (VIPPS-AS ...)
1 87.230.98.78 61157 (PLUSSERVE...)
1 2a02:6ea0:c70... 60068 (CDN77 Dat...)
2 193.26.146.36 207674 (VIPPS-AS ...)
2 87.230.98.76 61157 (PLUSSERVE...)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:267... 16509 (AMAZON-02)
1 2600:9000:235... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
58 15
11    45.60.34.180 (United States)

ASN19551 (INCAPSULA, US)
minnettbank.santanderconsumer.no
4    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    109.68.90.49 (Oslo, Norway)

ASN25148 (BASEFARM-ASN ORANGE BUSINESS DIGITAL NORWAY AS, NO)
PTR: acme.signature.signicat.cloud
id.santanderconsumer.no
4    2a02:6ea0:c700::107 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
cdn.consentmanager.net
21    178.63.128.65 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: service.giosg.com
service.giosg.com
api.giosg.com
1    193.26.146.37 (Norway)

ASN207674 (VIPPS-AS VIPPS MOBILEPAY AS, NO)
services.bankid.no
1    87.230.98.78 (Germany)

ASN61157 (PLUSSERVER-ASN1 PlusServer GmbH, DE)
PTR: ds87-230-98-78.dedicated.psmanaged.com
delivery.consentmanager.net
1    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
cdn.consentmanager.net
2    193.26.146.36 (Norway)

ASN207674 (VIPPS-AS VIPPS MOBILEPAY AS, NO)
csfe.bankid.no
2    87.230.98.76 (Germany)

ASN61157 (PLUSSERVER-ASN1 PlusServer GmbH, DE)
PTR: ma5050018.psmanaged.com
c.delivery.consentmanager.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:2670:1200:1d:5e80:5500:93a1 (United States)

ASN16509 (AMAZON-02, US)
018c3a08-5443-cac9-ae2a-e4348f63aea8.interactions.giosgusercontent.com
1    2600:9000:2359:3c00:1:db71:1100:93a1 (United States)

ASN16509 (AMAZON-02, US)
globalcdn.interactiondesigner.giosg.com
1    2600:9000:2057:c200:9:f3c8:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.giosgusercontent.com
Apex Domain
Subdomains		 Transfer
22 giosg.com
service.giosg.com — Cisco Umbrella Rank: 128256
globalcdn.interactiondesigner.giosg.com — Cisco Umbrella Rank: 448920
api.giosg.com — Cisco Umbrella Rank: 210998
347 KB
18 santanderconsumer.no
minnettbank.santanderconsumer.no
id.santanderconsumer.no
866 KB
8 consentmanager.net
cdn.consentmanager.net — Cisco Umbrella Rank: 14609
delivery.consentmanager.net — Cisco Umbrella Rank: 14246
c.delivery.consentmanager.net — Cisco Umbrella Rank: 32724
123 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
347 KB
3 bankid.no
services.bankid.no
csfe.bankid.no — Cisco Umbrella Rank: 381090
57 KB
2 giosgusercontent.com
018c3a08-5443-cac9-ae2a-e4348f63aea8.interactions.giosgusercontent.com
cdn.giosgusercontent.com — Cisco Umbrella Rank: 305996
7 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
0 googlesyndication.com Failed
ade.googlesyndication.com Failed
58 8
Domain Requested by
17 service.giosg.com minnettbank.santanderconsumer.no
service.giosg.com
globalcdn.interactiondesigner.giosg.com
11 minnettbank.santanderconsumer.no minnettbank.santanderconsumer.no
7 id.santanderconsumer.no 1 redirects minnettbank.santanderconsumer.no
id.santanderconsumer.no
5 cdn.consentmanager.net www.googletagmanager.com
cdn.consentmanager.net
delivery.consentmanager.net
minnettbank.santanderconsumer.no
4 api.giosg.com globalcdn.interactiondesigner.giosg.com
4 www.googletagmanager.com minnettbank.santanderconsumer.no
www.googletagmanager.com
2 c.delivery.consentmanager.net minnettbank.santanderconsumer.no
2 csfe.bankid.no id.santanderconsumer.no
csfe.bankid.no
1 cdn.giosgusercontent.com
1 globalcdn.interactiondesigner.giosg.com service.giosg.com
1 018c3a08-5443-cac9-ae2a-e4348f63aea8.interactions.giosgusercontent.com service.giosg.com
1 region1.google-analytics.com www.googletagmanager.com
1 delivery.consentmanager.net cdn.consentmanager.net
1 services.bankid.no id.santanderconsumer.no
0 ade.googlesyndication.com Failed minnettbank.santanderconsumer.no
58 15

This site contains links to these domains. Also see Links.

Domain
www.santanderconsumer.no
finansportalen.no
santanderconsumer.no
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-08-15 -
2025-02-11		 6 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
id.santanderconsumer.no
R11		 2024-11-12 -
2025-02-10		 3 months crt.sh
1376624012.rsc.cdn77.org
E5		 2024-11-14 -
2025-02-12		 3 months crt.sh
*.giosg.com
Starfield Secure Certificate Authority - G2		 2024-07-26 -
2025-08-19		 a year crt.sh
services.bankid.no
GlobalSign RSA OV SSL CA 2018		 2024-11-15 -
2025-12-17		 a year crt.sh
delivery.consentmanager.net
R11		 2024-11-09 -
2025-02-07		 3 months crt.sh
csfe.bankid.no
GlobalSign RSA OV SSL CA 2018		 2024-02-26 -
2025-03-29		 a year crt.sh
c.delivery.consentmanager.net
R10		 2024-10-10 -
2025-01-08		 3 months crt.sh
*.interactions.giosgusercontent.com
Amazon RSA 2048 M03		 2024-11-20 -
2025-12-19		 a year crt.sh
globalcdn.interactiondesigner.giosg.com
Amazon RSA 2048 M03		 2024-09-01 -
2025-09-30		 a year crt.sh
cdn.giosgusercontent.com
Amazon RSA 2048 M02		 2024-11-13 -
2025-12-12		 a year crt.sh

This page contains 6 frames:

Primary Page: https://minnettbank.santanderconsumer.no/
Frame ID: 2FA039195E5233B27F9A6F1C32055DE4
Requests: 40 HTTP requests in this frame

Frame: https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Frame ID: 69AF20646C2F76076EBB056648643F45
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fminnettbank.santanderconsumer.no
Frame ID: 6F2231B701F2B96C8EDCDE6CB688F9B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.consentmanager.net/delivery/crossdomain.html
Frame ID: B0AFD253E700497352904436D29BFB99
Requests: 1 HTTP requests in this frame

Frame: https://service.giosg.com/bar/visitor/chat?org=b11a1516-d3f2-11e6-b037-00163e789e28&c=3653&url=https%253A%252F%252Fminnettbank.santanderconsumer.no%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
Frame ID: 80B0BDF09C90F72E18DD99170EB07CBE
Requests: 1 HTTP requests in this frame

Frame: https://csfe.bankid.no/CentralServerFEJS/a?cid=XQqC3dBIrV9bB48Z
Frame ID: 7AE99A90E2042AE0FD988EF2A8A846EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nettbank for kredittkort, lån og leasing – Santander Consumer Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

15
Subdomains

15
IPs

3
Countries

1747 kB
Transfer

5037 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://id.santanderconsumer.no/oidc/authorize?client_id=prod.santanderc-no.obas&response_type=code&scope=signicat.national_id%20profile%20openid%20phone&response_mode=form_post&redirect_uri=https:%2F%2Fminnettbank.santanderconsumer.no%2FResolve%3Fam%3Ddesktop&acr_values=urn:signicat:oidc:method:nbid&signicat_profile=default&state=62272f29-1b31-4070-811c-3082d5db039d&nonce=2fe5ae2f-21fe-46b5-aed6-3a3b86917a44 HTTP 302
  • https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
minnettbank.santanderconsumer.no/ 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ba4bd7bd2d89991b1d2940021c3307d8a810c71773e16665d9ccaa0420d8c1a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.santanderconsumer.no *.santander.no *.scbbf.local *.scb.nu *.bankid.no *.google.com *.google.no *.google.dk *.google.se *.google.fi youtube.com fonts.googleapis.com ssl.gstatic.com lh3.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.giosg.com *.giosgusercontent.com giosg-chat-public-eu.s3.amazonaws.com *.hotjar.com *.doubleclick.net *.mouseflow.com *.consentmanager.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://minnettbank.santanderconsumer.no
cache-control
public, no-cache="Set-Cookie", max-age=691200
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.santanderconsumer.no *.santander.no *.scbbf.local *.scb.nu *.bankid.no *.google.com *.google.no *.google.dk *.google.se *.google.fi youtube.com fonts.googleapis.com ssl.gstatic.com lh3.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.giosg.com *.giosgusercontent.com giosg-chat-public-eu.s3.amazonaws.com *.hotjar.com *.doubleclick.net *.mouseflow.com *.consentmanager.net; frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 22:20:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
13-54303086-54303089 NNNN CT(13 8 0) RT(1733350853664 40) q(0 0 0 0) r(1 1) U12
x-xss-protection
1; mode=block
site_styles
minnettbank.santanderconsumer.no/Resources/Bundles/dist/ 		631 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fd72052eaf92e5f1236fcc46f9112e41ecbf164fe9ecb12664b0de946c740177
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 243) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=29672607, public
content-encoding
gzip
x-cdn
Imperva
expires
Thu, 13 Nov 2025 08:44:20 GMT
content-length
116672
date
Wed, 04 Dec 2024 22:20:53 GMT
last-modified
Wed, 13 Nov 2024 08:44:20 GMT
content-type
text/css; charset=utf-8
site_scripts
minnettbank.santanderconsumer.no/Resources/Bundles/dist/ 		1 MB
418 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_scripts?v=rx8CoR2CHNqiNxRsrlaDETaL2quD48fYf6KIS4HVTnU1
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
42c354558b5374ce9a4a682d43f0d30467f4076066b7bcbf86a7b72697819277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 246) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=29672607, public
content-encoding
gzip
x-cdn
Imperva
expires
Thu, 13 Nov 2025 08:44:20 GMT
content-length
427215
date
Wed, 04 Dec 2024 22:20:53 GMT
last-modified
Wed, 13 Nov 2024 08:44:20 GMT
content-type
text/javascript; charset=utf-8
_Incapsula_Resource
minnettbank.santanderconsumer.no/ 		88 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://minnettbank.santanderconsumer.no/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2071788950
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
98e8f9ae95094f604333c2e508447c1da66ea8effb97820094638da886724990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=31536000
x-robots-tag
noindex
cache-control
no-cache, no-store
content-encoding
gzip
content-length
21441
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		459 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KV73FF
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ec0f2d8cbbc3ce0240314c6054700615d3f20fc276481e74aa2d4e8c34af146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 04 Dec 2024 22:20:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 22:20:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 21:37:49 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133813
x-xss-protection
0
server
Google Tag Manager
santander-logo.svg
minnettbank.santanderconsumer.no/Resources/Images/logo/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minnettbank.santanderconsumer.no/Resources/Images/logo/santander-logo.svg
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7ef80cd197cf83e5325a1b1f1468f4ccb277dea70b4e876a04b52fb21c32635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 395) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=261454, public
content-encoding
gzip
etag
"0601544932bdb1:0"
x-cdn
Imperva
expires
Sat, 07 Dec 2024 22:58:28 GMT
content-length
2114
date
Wed, 04 Dec 2024 22:20:54 GMT
last-modified
Thu, 31 Oct 2024 12:49:04 GMT
content-type
image/svg+xml
dot.png
minnettbank.santanderconsumer.no/resources/images/svg/ 		68 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minnettbank.santanderconsumer.no/resources/images/svg/dot.png
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d5e78e66902d022c88363c7283373874972f634fa86a265a1cafbe67f1ea2b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 397) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=174769, public
etag
"0601544932bdb1:0"
x-cdn
Imperva
expires
Fri, 06 Dec 2024 22:53:43 GMT
content-length
68
date
Wed, 04 Dec 2024 22:20:54 GMT
last-modified
Thu, 31 Oct 2024 12:49:04 GMT
content-type
image/png
bankid.svg
minnettbank.santanderconsumer.no/resources/images/svg/ 		2 KB
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minnettbank.santanderconsumer.no/resources/images/svg/bankid.svg
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b053d9da34e1adf0fef9cd78c02eeb9851a40fe732268d58fc90aa83e95de345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 398) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=261025, public
content-encoding
gzip
etag
"0601544932bdb1:0"
x-cdn
Imperva
expires
Sat, 07 Dec 2024 22:51:19 GMT
content-length
524
date
Wed, 04 Dec 2024 22:20:54 GMT
last-modified
Thu, 31 Oct 2024 12:49:04 GMT
content-type
image/svg+xml
SantanderTextW05-Regular.woff2
minnettbank.santanderconsumer.no/Resources/Fonts/SantanderFont/Regular/ 		46 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://minnettbank.santanderconsumer.no/Resources/Fonts/SantanderFont/Regular/SantanderTextW05-Regular.woff2
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
df7abc314cf6e0380973cea5ad3cd7a4536b820d974162c9d94f534f539eef0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://minnettbank.santanderconsumer.no
Referer
https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 399) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=260750, public
content-encoding
gzip
etag
"0601544932bdb1:0"
x-cdn
Imperva
expires
Sat, 07 Dec 2024 22:46:44 GMT
content-length
43453
date
Wed, 04 Dec 2024 22:20:54 GMT
last-modified
Thu, 31 Oct 2024 12:49:04 GMT
content-type
application/font-woff
SantanderHeadlineW05-Rg.ttf
minnettbank.santanderconsumer.no/Resources/Fonts/SantanderFont/Headline/ 		138 KB
138 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://minnettbank.santanderconsumer.no/Resources/Fonts/SantanderFont/Headline/SantanderHeadlineW05-Rg.ttf
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cf2166ed0037c6f2797c0774063ecc0275cd08473aeff74cf79dc510bb60398b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://minnettbank.santanderconsumer.no
Referer
https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_styles?v=JF5xJ65QqmYBqvrxP4KFvhpLe4Bc2NY_9Wu1yEQcRAU1

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 400) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=262198, public
etag
"0601544932bdb1:0"
x-cdn
Imperva
expires
Sat, 07 Dec 2024 23:10:52 GMT
content-length
141148
date
Wed, 04 Dec 2024 22:20:54 GMT
last-modified
Thu, 31 Oct 2024 12:49:04 GMT
content-type
application/octet-stream
santanderconsumer.no
id.santanderconsumer.no/std/method/ Frame 69AF
Redirect Chain
  • https://id.santanderconsumer.no/oidc/authorize?client_id=prod.santanderc-no.obas&response_type=code&scope=signicat.national_id%20profile%20openid%20phone&response_mode=form_post&redirect_uri=https:...
  • https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/Resources/Bundles/dist/site_scripts?v=rx8CoR2CHNqiNxRsrlaDETaL2quD48fYf6KIS4HVTnU1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.68.90.49 Oslo, Norway, ASN25148 (BASEFARM-ASN ORANGE BUSINESS DIGITAL NORWAY AS, NO),
Reverse DNS
acme.signature.signicat.cloud
Software
Apache /
Resource Hash
17be6853c54a168d0265be0067eafb01edcee1c2b203977e6f443424d9a8c671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://minnettbank.santanderconsumer.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://csfe.bankid.no
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
Date
Wed, 04 Dec 2024 22:20:55 GMT
Keep-Alive
timeout=5, max=99
P3P
CP="CAO PSA OUR"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
X-ua-compatible
IE=edge,chrome=1

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Date
Wed, 04 Dec 2024 22:20:54 GMT
Keep-Alive
timeout=5, max=100
Location
https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
_Incapsula_Resource
minnettbank.santanderconsumer.no/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://minnettbank.santanderconsumer.no/_Incapsula_Resource?SWKMTFSR=1&e=0.5125035847558477
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=31536000
x-robots-tag
noindex
cache-control
no-cache, no-store
content-length
1
content-type
text/plain
37710.js
cdn.consentmanager.net/delivery/customcmp/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.net/delivery/customcmp/37710.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV73FF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::107 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ee08e211a2e1459ba4f5535806f7e284528fcf40abb4c9044473de1cb99f2325
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
gzip
x-77-cache
HIT
expires
Wed, 04 Dec 2024 22:37:08 GMT
date
Wed, 04 Dec 2024 22:20:55 GMT
edge-control
public, max-age=1800
content-type
text/javascript; charset=utf-8
x-77-nzt-ray
43862e2436ebf95ac7d55067755bc005
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 22:07:08 GMT
x-77-nzt
EgwBz9PTGQH3sgIAAAwBw7WvAgG3iQAAAA
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-xss-protection
0
x-77-age
690
server
CDN77-Turbo
b11a1516-d3f2-11e6-b037-00163e789e28
service.giosg.com/live2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/live2/b11a1516-d3f2-11e6-b037-00163e789e28
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
0d8f990698dbc0226a0139d0f909b54c37945280c3802a3c7796373c48fe9846
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=60, public
content-encoding
gzip
etag
"674898f7-7ee"
expires
Wed, 04 Dec 2024 22:21:55 GMT
accept-ranges
bytes
content-length
2030
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 28 Nov 2024 16:23:19 GMT
server
nginx
vary
Accept-Encoding
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 6F22 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fminnettbank.santanderconsumer.no
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV73FF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
101248
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 18:13:27 GMT
expires
Wed, 03 Dec 2025 18:13:27 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
id.santanderconsumer.no/style/ Frame 69AF 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.santanderconsumer.no/style/style.css
Requested by
Host: id.santanderconsumer.no
URL: https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.68.90.49 Oslo, Norway, ASN25148 (BASEFARM-ASN ORANGE BUSINESS DIGITAL NORWAY AS, NO),
Reverse DNS
acme.signature.signicat.cloud
Software
Apache /
Resource Hash
69a2e090d0a82519fa0588c1cdaf4f40a222b04eba1b8a29e475bcc7e39087bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex, nofollow
ETag
W/"16981-1725612222000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Accept-Ranges
bytes
Content-Length
16981
Keep-Alive
timeout=5, max=98
Date
Wed, 04 Dec 2024 22:20:54 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 06 Sep 2024 08:43:42 GMT
Content-Type
text/css
Server
Apache
signicat.css
id.santanderconsumer.no/style/ Frame 69AF 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.santanderconsumer.no/style/signicat.css
Requested by
Host: id.santanderconsumer.no
URL: https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.68.90.49 Oslo, Norway, ASN25148 (BASEFARM-ASN ORANGE BUSINESS DIGITAL NORWAY AS, NO),
Reverse DNS
acme.signature.signicat.cloud
Software
Apache /
Resource Hash
c4fa210b16e97fb091c3b23c98da3dcd8cb98870d6bb05c52db28ea22ac43411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex, nofollow
ETag
W/"2513-1725612222000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Accept-Ranges
bytes
Content-Length
2513
Keep-Alive
timeout=5, max=97
Date
Wed, 04 Dec 2024 22:20:54 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 06 Sep 2024 08:43:42 GMT
Content-Type
text/css
Server
Apache
jquery-1.7.1.min.js
id.santanderconsumer.no/jquery/ Frame 69AF 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.santanderconsumer.no/jquery/jquery-1.7.1.min.js
Requested by
Host: id.santanderconsumer.no
URL: https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.68.90.49 Oslo, Norway, ASN25148 (BASEFARM-ASN ORANGE BUSINESS DIGITAL NORWAY AS, NO),
Reverse DNS
acme.signature.signicat.cloud
Software
Apache /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex, nofollow
ETag
W/"93868-1725612222000"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Accept-Ranges
bytes
Content-Length
93868
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 22:20:54 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 06 Sep 2024 08:43:42 GMT
Content-Type
text/javascript
Server
Apache
bid-browser-test.js
services.bankid.no/test/precheck/ Frame 69AF 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.bankid.no/test/precheck/bid-browser-test.js
Requested by
Host: id.santanderconsumer.no
URL: https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
193.26.146.37 , Norway, ASN207674 (VIPPS-AS VIPPS MOBILEPAY AS, NO),
Reverse DNS
Software
Apache /
Resource Hash
ffef7682d09998f8522a7944850e5e08a12902d64fd92332e251f304b8c453a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.santanderconsumer.no/

Response headers

Strict-Transport-Security
max-age=31536000
Content-Length
32215
Date
Wed, 04 Dec 2024 22:20:55 GMT
Content-Type
text/javascript;charset=UTF-8
Server
Apache
Connection
close
libs.js
id.santanderconsumer.no/plugins/bankid-js/v7.13/webclient/js/ Frame 69AF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.santanderconsumer.no/plugins/bankid-js/v7.13/webclient/js/libs.js
Requested by
Host: id.santanderconsumer.no
URL: https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.68.90.49 Oslo, Norway, ASN25148 (BASEFARM-ASN ORANGE BUSINESS DIGITAL NORWAY AS, NO),
Reverse DNS
acme.signature.signicat.cloud
Software
Apache /
Resource Hash
d8bdd8a0445ca65540db6ece130f725153522cf497208fd417ef1ce852ff24c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex, nofollow
ETag
"91e-620a83f3079c0"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Accept-Ranges
bytes
Content-Length
2334
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 22:20:55 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 27 Aug 2024 11:07:27 GMT
Vary
Accept
Server
Apache
Content-Type
application/javascript
bankid.min.js
id.santanderconsumer.no/plugins/bankid-js/v7.13/webclient/js/ Frame 69AF 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.santanderconsumer.no/plugins/bankid-js/v7.13/webclient/js/bankid.min.js
Requested by
Host: id.santanderconsumer.no
URL: https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.68.90.49 Oslo, Norway, ASN25148 (BASEFARM-ASN ORANGE BUSINESS DIGITAL NORWAY AS, NO),
Reverse DNS
acme.signature.signicat.cloud
Software
Apache /
Resource Hash
1eb19af199af48ddcf2908381e806d7a1989423e6a1b77de4faa3413ea875767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.santanderconsumer.no/std/method/santanderconsumer.no?id=nbid%3Adefault%3Anb&target=https%3A%2F%2Fid.santanderconsumer.no%2Foidc%2Fsaml11target%3FflowId%3Dm4y4n1NBPeSkRUBjIgf1pwBZe65FHCit&requestArtifactId=m4y4n1NBPeSkRUBjIgf1pwBZe65FHCit

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex, nofollow
ETag
"13a9-620a83f3079c0"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Accept-Ranges
bytes
Content-Length
5033
Keep-Alive
timeout=5, max=100
Date
Wed, 04 Dec 2024 22:20:55 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 27 Aug 2024 11:07:27 GMT
Vary
Accept
Server
Apache
Content-Type
application/javascript
cmp.php
delivery.consentmanager.net/delivery/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.consentmanager.net/delivery/cmp.php?id=37710&h=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F&__cmpfcc=1&l=en&ls=EN_EN_NO&lp=NO&o=1733350855127
Requested by
Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/customcmp/37710.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1 PlusServer GmbH, DE),
Reverse DNS
ds87-230-98-78.dedicated.psmanaged.com
Software
/
Resource Hash
070878351cd87da2d9cc1d3b26e7a10c72fa7da91dde48c333eb41a9312d89ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
date
Wed, 04 Dec 2024 22:20:55 GMT
edge-control
no-store, no-cache, must-revalidate
last-modified
Wed, 04 Dec 2024 22:20:55 GMT
x-xss-protection
0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cmp_final.min.js
cdn.consentmanager.net/delivery/js/ 		442 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.net/delivery/js/cmp_final.min.js?t=2024-12-4
Requested by
Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/customcmp/37710.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::107 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a39edc064915e15f9a4132e628b922f76e9705c8c41f1c312f532b2c4178de68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
gzip
etag
W/"6e9f3-627fd7b69bbc0"
x-77-cache
HIT
expires
Fri, 29 Nov 2024 18:45:25 GMT
date
Wed, 04 Dec 2024 22:20:55 GMT
edge-control
max-age=86400
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 18:45:11 GMT
x-77-nzt-ray
43862e2436ebf95ac7d55067a2791909
vary
Accept-Encoding
x-77-nzt
EgwBz9PTGQH3fDIAAAwBJRPCNAW1AAAAAA
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-77-pop
frankfurtDE
x-77-age
12924
server
CDN77-Turbo
939.6cb77e3afd9e14ea4e56.js
service.giosg.com/static/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/static/939.6cb77e3afd9e14ea4e56.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live2/b11a1516-d3f2-11e6-b037-00163e789e28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
a3430ce332df40eb10c3b90857993bf39f12c2ba1f5c7ebd1b3a5077ad49e847
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=315360000, public
content-encoding
gzip
etag
"674898f7-2d5b"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11611
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:55 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 16:23:19 GMT
server
nginx
vary
Accept-Encoding
973.d81536b7904bd4c5c07a.js
service.giosg.com/static/ 		141 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/static/973.d81536b7904bd4c5c07a.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live2/b11a1516-d3f2-11e6-b037-00163e789e28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
3ac46ada672e74859c6f58fcfcc4b933dca3eb49adf58ef1464f3df9691762cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=315360000, public
content-encoding
gzip
etag
"674898f7-a116"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
41238
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:55 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 16:23:19 GMT
server
nginx
vary
Accept-Encoding
/
service.giosg.com/api/v5/orgs/b11a1516-d3f2-11e6-b037-00163e789e28/client-settings2/ 		40 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v5/orgs/b11a1516-d3f2-11e6-b037-00163e789e28/client-settings2/?url=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live2/b11a1516-d3f2-11e6-b037-00163e789e28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
9a3c6745944ff4d49ae5c377138e5d42d8e5a02f84ff4f625cb0aca8771f7bf1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Client-Origin
https://minnettbank.santanderconsumer.no
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=63072000
x-response-duration
15
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
6607
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:55 GMT
content-language
en
content-type
application/json
server
nginx
vary
Accept, Accept-Language, Accept-Encoding
/
service.giosg.com/api/v5/orgs/b11a1516-d3f2-11e6-b037-00163e789e28/client-settings2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v5/orgs/b11a1516-d3f2-11e6-b037-00163e789e28/client-settings2/?url=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-origin
Access-Control-Request-Method
GET
Origin
https://minnettbank.santanderconsumer.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin, X-GIOSG-SCRIPT-VERSION
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 22:20:55 GMT
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
server
nginx
strict-transport-security
max-age=63072000
bV8xLndfMzc3MTAucl9HRFBSLmxfbm8uZF8zMDI1OC54XzM1NS52LnAudF8zMDI1OC54dF8yOQ.js
cdn.consentmanager.net/delivery/customdata/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.net/delivery/customdata/bV8xLndfMzc3MTAucl9HRFBSLmxfbm8uZF8zMDI1OC54XzM1NS52LnAudF8zMDI1OC54dF8yOQ.js
Requested by
Host: delivery.consentmanager.net
URL: https://delivery.consentmanager.net/delivery/cmp.php?id=37710&h=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F&__cmpfcc=1&l=en&ls=EN_EN_NO&lp=NO&o=1733350855127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::107 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
25d47ac2bd2d3fc6cd416966bc836b1fc59b889eeadc1dc021fc62ec678bad3c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
gzip
x-77-cache
HIT
expires
Wed, 04 Dec 2024 22:29:05 GMT
date
Wed, 04 Dec 2024 22:20:55 GMT
edge-control
public, max-age=1800
content-type
text/javascript; charset=utf-8
x-77-nzt-ray
43862e2436ebf95ac7d55067f66f5813
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 21:59:05 GMT
x-77-nzt
EgwBz9PTGQH3RQQAAAwBJRPCNAG32QAAAA
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-xss-protection
0
x-77-age
1093
server
CDN77-Turbo
crossdomain.html
cdn.consentmanager.net/delivery/ Frame B0AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.net/delivery/crossdomain.html
Requested by
Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/js/cmp_final.min.js?t=2024-12-4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Referer
https://minnettbank.santanderconsumer.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 22:20:55 GMT
etag
W/"846-624bfb9833080"
last-modified
Fri, 18 Oct 2024 12:48:50 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
84
x-77-cache
HIT
x-77-nzt
EgwBw7WqEQH3VAAAAAwBnJIhHwG3AAAAAA
x-77-nzt-ray
4c156224543e4c78c7d55067a8078a1d
x-77-pop
frankfurtDE
helper20.js
csfe.bankid.no/CentralServerFEJS/Gateway/ Frame 69AF 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csfe.bankid.no/CentralServerFEJS/Gateway/helper20.js?cid=XQqC3dBIrV9bB48Z
Requested by
Host: id.santanderconsumer.no
URL: https://id.santanderconsumer.no/plugins/bankid-js/v7.13/webclient/js/bankid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
193.26.146.36 , Norway, ASN207674 (VIPPS-AS VIPPS MOBILEPAY AS, NO),
Reverse DNS
Software
Apache /
Resource Hash
f1199e64815247e3a09529ca29d99288c3edee230ca827c5a56a912453010add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://id.santanderconsumer.no/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
close
X-Content-Type-Options
nosniff
Expires
0
Date
Wed, 04 Dec 2024 22:20:54 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript;charset=utf-8
Server
Apache
X-Frame-Options
DENY
664.4ddac03812a4dd93192d.js
service.giosg.com/static/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/static/664.4ddac03812a4dd93192d.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/live2/b11a1516-d3f2-11e6-b037-00163e789e28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
d3c6df5438dc5257ff4cb09fc5662c056385346c0624b26adb8ca446227f0182
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=315360000, public
content-encoding
gzip
etag
"674898f7-918"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2328
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:55 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 16:23:19 GMT
server
nginx
vary
Accept-Encoding
chat
service.giosg.com/bar/visitor/ Frame 80B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/bar/visitor/chat?org=b11a1516-d3f2-11e6-b037-00163e789e28&c=3653&url=https%253A%252F%252Fminnettbank.santanderconsumer.no%252F&cid=undefined&sgid=undefined&cookiesAllowed=true
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/973.d81536b7904bd4c5c07a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://minnettbank.santanderconsumer.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache,max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 22:20:55 GMT
etag
W/"8f55484b386b98186e35e54da5bc4719"
last-modified
Thu, 21 Nov 2024 14:05:21 GMT
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
server
nginx
strict-transport-security
max-age=15768000
x-amz-id-2
6c7JRATir3yqFzvJwsSVX6EfhH/yhpmyEbLgRPF+ozVGg12aCRwML+41aHOtv7fffkrD4j+3xHA=
x-amz-request-id
BDNZHWPJ3QQJX7WA
x-amz-server-side-encryption
AES256
recall_cookie.svg
cdn.consentmanager.net/delivery/recall/ 		869 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.consentmanager.net/delivery/recall/recall_cookie.svg
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::107 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a701cd4a9cfc02344ae90ef4adacb3ffb69feb8d5922e324df6383a03b1a9921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
gzip
etag
W/"365-5d782acc3a098"
x-77-cache
HIT
expires
Thu, 02 Oct 2025 15:01:47 GMT
date
Wed, 04 Dec 2024 22:20:56 GMT
edge-control
max-age=2592000
content-type
image/svg+xml
last-modified
Tue, 08 Feb 2022 14:38:47 GMT
x-77-nzt-ray
43862e2436ebf95ac8d55067a3692614
vary
Accept-Encoding
x-77-nzt
EgwBz9PTGQH3bXVTAAwBJRPCLgG3AAAAAA
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
x-77-pop
frankfurtDE
x-77-age
5469549
server
CDN77-Turbo
/
c.delivery.consentmanager.net/delivery/info/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.delivery.consentmanager.net/delivery/info/?id=37710&did=1&cfdid=30258&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F&o=1733350855542&l=NO&lv=92229&d=1&ct=14&e=&e2=&e3=&i=&sv=29&dv=355&
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1 PlusServer GmbH, DE),
Reverse DNS
ma5050018.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
43
date
Wed, 04 Dec 2024 22:20:55 GMT
edge-control
no-store, no-cache, must-revalidate
last-modified
Wed, 04 Dec 2024 22:20:55 GMT
x-xss-protection
0
content-type
image/gif
/
c.delivery.consentmanager.net/delivery/info/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.delivery.consentmanager.net/delivery/info/?id=37710&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F&o=1733350855543&l=NO&lv=92229&d=1&ct=14&e=&e2=&e3=&i=&sv=29&dv=355&
Requested by
Host: minnettbank.santanderconsumer.no
URL: https://minnettbank.santanderconsumer.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1 PlusServer GmbH, DE),
Reverse DNS
ma5050018.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
43
date
Wed, 04 Dec 2024 22:20:55 GMT
edge-control
no-store, no-cache, must-revalidate
last-modified
Wed, 04 Dec 2024 22:20:55 GMT
x-xss-protection
0
content-type
image/gif
js
www.googletagmanager.com/gtag/ 		416 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7J118R96W7&l=dataLayer&cx=c&gtm=45He4c30v6597604za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV73FF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0ddca1094a4810f2a9697a6b7a82c21c2927adc2ee5f9adccb36ac977e0de58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 22:20:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 22:20:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135339
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		234 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-6522680&l=dataLayer&cx=c&gtm=45He4c30v6597604za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV73FF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1725f80f628f588210de57f301107d730d8a1915ea4a7d8dc5d6dd421a1f00a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 04 Dec 2024 22:20:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 22:20:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 21:37:49 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85087
x-xss-protection
0
server
Google Tag Manager
a
csfe.bankid.no/CentralServerFEJS/ Frame 7AE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csfe.bankid.no/CentralServerFEJS/a?cid=XQqC3dBIrV9bB48Z
Requested by
Host: csfe.bankid.no
URL: https://csfe.bankid.no/CentralServerFEJS/Gateway/helper20.js?cid=XQqC3dBIrV9bB48Z
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
193.26.146.36 , Norway, ASN207674 (VIPPS-AS VIPPS MOBILEPAY AS, NO),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://id.santanderconsumer.no/sig-prod-auth14/std/method/santanderconsumer.no/b3a163d7ce6244de87a0f7ff1000c61c0754e8c0b28e11efbd3e005056ac9116/upr/bid; default-src 'none'; img-src data:; reflected-xss block; report-uri /CentralServerFEJS/a/report-error?cid=XQqC3dBIrV9bB48Z; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://id.santanderconsumer.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
3424
Content-Security-Policy
connect-src 'self' https://id.santanderconsumer.no/sig-prod-auth14/std/method/santanderconsumer.no/b3a163d7ce6244de87a0f7ff1000c61c0754e8c0b28e11efbd3e005056ac9116/upr/bid; default-src 'none'; img-src data:; reflected-xss block; report-uri /CentralServerFEJS/a/report-error?cid=XQqC3dBIrV9bB48Z; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';
Content-Type
text/html;charset=utf-8
Date
Wed, 04 Dec 2024 22:20:55 GMT
Expires
0
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
/
service.giosg.com/api/visitor-data/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/16366/ 		334 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/visitor-data/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/16366/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/939.6cb77e3afd9e14ea4e56.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
5702fa97a3a2472d6ec71b7af3dc97d81ab5e2f879df8a4f0f10e8b30527faaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-GIOSG-ClientVersion
6376a3a757a81bccca1b4c1e03546ff3
Referer
https://minnettbank.santanderconsumer.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=63072000
x-response-duration
16
cache-control
no-cache
content-encoding
gzip
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
238
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:56 GMT
content-language
en
content-type
application/json
server
nginx
vary
Accept, Accept-Language, Cookie, Accept-Encoding
/
service.giosg.com/api/visitor-data/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/16366/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/visitor-data/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/16366/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-giosg-clientversion
Access-Control-Request-Method
GET
Origin
https://minnettbank.santanderconsumer.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin, X-GIOSG-SCRIPT-VERSION
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 22:20:56 GMT
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
server
nginx
strict-transport-security
max-age=63072000
/
service.giosg.com/api/v5/public/trace/ 		18 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/973.d81536b7904bd4c5c07a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
d85970168aaa7b320d4f335d425990a1061bd5b6ccec9dfde2eeac68fc96edca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://minnettbank.santanderconsumer.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*
Content-Type
text/plain; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000
x-response-duration
231
allow
GET, POST, HEAD, OPTIONS
access-control-allow-origin
*
content-length
18
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:56 GMT
content-language
en
content-type
application/json
server
nginx
vary
Accept, Accept-Language
src=6522680;type=s360_002;cat=s360_0;ord=1;num=9708288825413;npa=1;u1=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F;gdid=dZTJkMz.dMzk4MW;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=deni...
ade.googlesyndication.com/ddm/activity/ 		0
0
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7J118R96W7&gtm=45je4c30v883686473z86597604za200zb6597604&_p=1733350854553&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485&gdid=dZTJkMz.dMzk4MW&gtm_up=1&cid=492679945.1733350856&ul=no-no&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&dp=%2Fminnettbank%2F&sid=1733350855&sct=1&seg=0&dl=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F&dt=Nettbank%20for%20kredittkort%2C%20l%C3%A5n%20og%20leasing%20%E2%80%93%20Santander%20Consumer%20Bank&en=page_view&_fv=1&_nsi=1&_ss=2&ep.mobile_app=null&ep.url_passthrough=true&tfd=2174
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7J118R96W7&l=dataLayer&cx=c&gtm=45He4c30v6597604za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://minnettbank.santanderconsumer.no
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 22:20:56 GMT
content-type
text/plain
server
Golfe2
favicon-32x32.png
minnettbank.santanderconsumer.no/Resources/Images/favicons/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://minnettbank.santanderconsumer.no/Resources/Images/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.34.180 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
dd62fcf127870c6a2a17f26dacdc98b217946b3044ed30f2e099773748cb5402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=31536000
x-iinfo
13-54303086-0 0CNN RT(1733350853664 2202) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=529313, public
etag
"0601544932bdb1:0"
x-cdn
Imperva
expires
Wed, 11 Dec 2024 01:22:48 GMT
content-length
1152
date
Wed, 04 Dec 2024 22:20:55 GMT
last-modified
Thu, 31 Oct 2024 12:49:04 GMT
content-type
image/png
/
service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/wm4fdh37dpkcsb3ummaaetwzrqphsxyr52sisascvqjaaham/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/wm4fdh37dpkcsb3ummaaetwzrqphsxyr52sisascvqjaaham/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-giosg-clientversion
Access-Control-Request-Method
POST
Origin
https://minnettbank.santanderconsumer.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin, X-GIOSG-SCRIPT-VERSION
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 22:20:56 GMT
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
server
nginx
strict-transport-security
max-age=63072000
/
service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/pb2idjmuwvtxa3zp6yaaf2hfmqmoxkqr5kyxkascvqiqahqm/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/pb2idjmuwvtxa3zp6yaaf2hfmqmoxkqr5kyxkascvqiqahqm/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-giosg-clientversion
Access-Control-Request-Method
POST
Origin
https://minnettbank.santanderconsumer.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with, content-type, accept, origin, authorization, x-giosg-clientversion, x-client-origin, X-GIOSG-SCRIPT-VERSION
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 22:20:56 GMT
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
server
nginx
strict-transport-security
max-age=63072000
live.json
018c3a08-5443-cac9-ae2a-e4348f63aea8.interactions.giosgusercontent.com/ 		17 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://018c3a08-5443-cac9-ae2a-e4348f63aea8.interactions.giosgusercontent.com/live.json
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/973.d81536b7904bd4c5c07a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:1200:1d:5e80:5500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
83428badd7afe5a29a6dbb2d7b8633a1574cecf09858a4eaec83bbc028a9dd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
gzip
etag
W/"43a4-mftRCL1Z3h91xBthj3NSI5w22dg"
age
18
access-control-allow-methods
GET,PUT,POST,DELETE
x-cache
Hit from cloudfront
x-amz-cf-id
ve4qn9x2xEFhz1zeQWZDs5tOBMR5GYR25YTvIFkNUZsSdZ_YCQ4wyg==
date
Wed, 04 Dec 2024 22:20:38 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Content-Type,Authorization,x-requested-with
strict-transport-security
max-age=31536000
cache-control
public, max-age=30
via
1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P9
server
nginx
player.js
globalcdn.interactiondesigner.giosg.com/ 		878 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://globalcdn.interactiondesigner.giosg.com/player.js
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/973.d81536b7904bd4c5c07a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:3c00:1:db71:1100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
77e0575e35d8c0e4b4039e1f24e027ae43c0c62bd7a258f4473d434440a7681a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

content-encoding
gzip
etag
W/"db63b-1938782d7dd"
age
6
access-control-allow-methods
GET,PUT,POST,DELETE
x-cache
Hit from cloudfront
x-amz-cf-id
FeFixiwvxAXjrAVpT-Z6G-cMCJ6dBthA7A8DXSI_1kdMOILXMsQgvQ==
date
Wed, 04 Dec 2024 22:20:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 13:15:19 GMT
access-control-allow-headers
Content-Type,Authorization,x-requested-with
strict-transport-security
max-age=31536000
cache-control
public, max-age=60, max-stale=10, immutable, stale-if-revalidate=10, stale-if-error=10
via
1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P10
server
nginx
/
service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/wm4fdh37dpkcsb3ummaaetwzrqphsxyr52sisascvqjaaham/ 		2 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/wm4fdh37dpkcsb3ummaaetwzrqphsxyr52sisascvqjaaham/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/939.6cb77e3afd9e14ea4e56.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-GIOSG-ClientVersion
6376a3a757a81bccca1b4c1e03546ff3
Referer
https://minnettbank.santanderconsumer.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=63072000
x-response-duration
15
allow
GET, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
*
content-length
2
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:56 GMT
content-language
en
content-type
application/json
server
nginx
vary
Accept, Accept-Language
/
service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/pb2idjmuwvtxa3zp6yaaf2hfmqmoxkqr5kyxkascvqiqahqm/ 		2 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/giosg_api/visitor/nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym/pb2idjmuwvtxa3zp6yaaf2hfmqmoxkqr5kyxkascvqiqahqm/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/939.6cb77e3afd9e14ea4e56.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-GIOSG-ClientVersion
6376a3a757a81bccca1b4c1e03546ff3
Referer
https://minnettbank.santanderconsumer.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=63072000
x-response-duration
22
allow
GET, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
*
content-length
2
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:56 GMT
content-language
en
content-type
application/json
server
nginx
vary
Accept, Accept-Language
16979922-f727-11ee-8c14-0242ac12000f
service.giosg.com/api/v5/orgs/b11a1516-d3f2-11e6-b037-00163e789e28/giosg_brands/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v5/orgs/b11a1516-d3f2-11e6-b037-00163e789e28/giosg_brands/16979922-f727-11ee-8c14-0242ac12000f
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/973.d81536b7904bd4c5c07a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
07c9eee2be62cd537da2f941b67a475b5607e9ec1e37abc19d64e928ee6b93ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=63072000
x-response-duration
6
content-encoding
gzip
allow
GET, PUT, PATCH, DELETE, HEAD, OPTIONS
access-control-allow-origin
*
content-length
835
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:56 GMT
content-language
en
content-type
application/json
server
nginx
vary
Accept, Accept-Language, Accept-Encoding
/
service.giosg.com/api/v5/public/trace/ 		17 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/api/v5/public/trace/
Requested by
Host: service.giosg.com
URL: https://service.giosg.com/static/973.d81536b7904bd4c5c07a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
61fc7904e3c27951c1d6853b9116b6ebad2c5d282602e0eb6ba1792770e4eae6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://minnettbank.santanderconsumer.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*
Content-Type
text/plain; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000
x-response-duration
167
allow
GET, POST, HEAD, OPTIONS
access-control-allow-origin
*
content-length
17
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:56 GMT
content-language
en
content-type
application/json
server
nginx
vary
Accept, Accept-Language
external
api.giosg.com/events/v2/store/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.giosg.com/events/v2/store/external
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://minnettbank.santanderconsumer.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://minnettbank.santanderconsumer.no
content-type
text/html
date
Wed, 04 Dec 2024 22:20:56 GMT
server
openresty
giosgTCApi.build.js
service.giosg.com/static/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.giosg.com/static/giosgTCApi.build.js
Requested by
Host: globalcdn.interactiondesigner.giosg.com
URL: https://globalcdn.interactiondesigner.giosg.com/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
nginx /
Resource Hash
6fbb6ae5c01819e12493729f3e2913f34691c4e875b4d30b35393dd28006ca38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

strict-transport-security
max-age=63072000
cache-control
max-age=315360000, public
content-encoding
gzip
etag
"674898f7-34cc"
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
13516
p3p
CP=Giosg does not have a P3P policy. Check: https://service.giosg.com/privacy_policy/
date
Wed, 04 Dec 2024 22:20:56 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 16:23:19 GMT
server
nginx
vary
Accept-Encoding
fr1OrBT1l7uu0SgbPz7V0unRLWKk4z.svg
cdn.giosgusercontent.com/assets/2924/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.giosgusercontent.com/assets/2924/fr1OrBT1l7uu0SgbPz7V0unRLWKk4z.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c200:9:f3c8:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bae9c07a5c2bb59bfb7fb97eeecab3ae1ab14939a0bb473ad3e2548f90cf7fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://minnettbank.santanderconsumer.no/

Response headers

vary
accept-encoding
cache-control
public, max-age=31536000
content-encoding
br
x-amz-version-id
zQFFlnUUr.8lHIxH7KArWth5uZDsu8B3
etag
W/"6e0105968a5224998a2445f3ada4470f"
age
1498956
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
D0n4OGEqlgvGOcIFVSdAzqie9QVAS5MNLMjx7yRvL-WEzSKoQEijbA==
date
Sun, 17 Nov 2024 13:58:22 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Tue, 05 Dec 2023 12:51:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
external
api.giosg.com/events/v2/store/ 		2 B
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.giosg.com/events/v2/store/external
Requested by
Host: globalcdn.interactiondesigner.giosg.com
URL: https://globalcdn.interactiondesigner.giosg.com/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://minnettbank.santanderconsumer.no/

Response headers

cross-origin-opener-policy
same-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
allow
POST, OPTIONS
referrer-policy
same-origin
access-control-allow-origin
https://minnettbank.santanderconsumer.no
content-length
2
date
Wed, 04 Dec 2024 22:20:57 GMT
content-type
application/json
server
openresty
x-frame-options
DENY
external
api.giosg.com/events/v2/store/ 		2 B
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.giosg.com/events/v2/store/external
Requested by
Host: globalcdn.interactiondesigner.giosg.com
URL: https://globalcdn.interactiondesigner.giosg.com/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
openresty /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://minnettbank.santanderconsumer.no/

Response headers

cross-origin-opener-policy
same-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
allow
POST, OPTIONS
referrer-policy
same-origin
access-control-allow-origin
https://minnettbank.santanderconsumer.no
content-length
2
date
Wed, 04 Dec 2024 22:20:57 GMT
content-type
application/json
server
openresty
x-frame-options
DENY
external
api.giosg.com/events/v2/store/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.giosg.com/events/v2/store/external
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.128.65 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
service.giosg.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://minnettbank.santanderconsumer.no
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://minnettbank.santanderconsumer.no
content-type
text/html
date
Wed, 04 Dec 2024 22:20:56 GMT
server
openresty

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/src=6522680;type=s360_002;cat=s360_0;ord=1;num=9708288825413;npa=1;u1=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F;gdid=dZTJkMz.dMzk4MW;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4c30v9179630913z86597604za201zb6597604;gcs=G100;gcd=13p3p3p2p5l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fminnettbank.santanderconsumer.no?

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| dataLayer object| NetBankWeb function| $ function| jQuery function| Pikaday function| AutoNumeric object| Chartist function| clearImmediate function| setImmediate object| regeneratorRuntime number| uidEvent object| EventBus object| _0x4e7b function| _0xb4e7 object| numberA object| google_tag_manager object| google_tag_data function| _giosg function| onYouTubeIframeAPIReady function| cmpmngr_queryfile number| cmp_id function| cmp_readParam function| cmp_setParam string| cmp_host string| cmp_cdn string| cmp_codesrc function| cmp_unq function| cmp_fnd function| cmp_getsupportedLangs function| cmp_getRTLLangs function| cmp_getlang function| cmp_extractlang function| cmp_getlangs function| cmp_getPageLangs function| cmp_getPageLang function| cmp_getLangsFromURL function| cmp_getXMLLang function| cmp_rc function| cmp_stub function| cmp_dsastub function| cmp_gppstub function| cmp_gpp_ping function| cmp_addFrame function| cmp_msghandler function| cmp_setStub function| cmp_setGppStub function| __cmp function| __gpp function| __dsa object| webpackChunkgiosgclient_v2 object| giosg object| cmp_config_data object| cmp_scripts string| cmp_proto function| cmp_loadCS function| cmp_append_script function| cmp_append_script2 function| cmp_script_loaded function| cmp_utillities function| cmp_gppmanifest function| cmp_fibo function| cmp_reader function| cmp_writer function| cmp_cs function| cmp_lang function| cmp_purpose function| cmp_feature function| cmp_stack function| cmp_vendor function| cmp_snapshot function| cmp_storage function| cmp_gpp_helper function| cmp_api function| cmp_contentblocking function| cmp_behavior function| cmp_amp function| cmp_eventwrapper function| cmp_html function| cmp_wcagdialog function| cmp_display function| cmp_display_age function| cmp_display_background function| cmp_display_images function| cmp_display_langchoice function| cmp_display_policy function| cmp_display_qr function| cmp_display_welect function| cmpsource string| cmpccsversionbuild number| cmpccsversion function| btoa2 function| atob2 function| cmp_loadconsole object| cmp_dataLayer function| cmp_gtag object| cmp_utls function| cmp_getGPPManifests function| cmp_regulations function| cmp_getregulation function| cmp_affiliatedomains function| cmp_awindomains object| cmp_contentblocker function| cmp_getcss object| cmpmngr function| cmp_gc function| cmp_hc function| __cmapi object| __cmp_langs_loaded object| cmp_timer object| cmp_timer2 function| cmp_svg_no function| cmp_svg_yes function| cmp_svg_multi function| cmp_svg_nodisabled function| cmp_svg_yesdisabled function| cmp_svg_icologoiablogo function| cmp_svg_icomatexternal_link number| cmp_waitforcrossdomain number| cmp_langdetect object| cmp_loadedLangs object| cmp_loadedLangsstarted function| gtag object| giosgTCApi object| GiosgClient function| cmp_spachange number| cmpGDPR string| cmpRegulation string| cmpCurrentStatus string| cmpLastStatus string| cmpLastTCFStatus string| cmpLoadingStatus string| cmpDisplayStatus string| cmpVendorsConsent string| cmpCustomVendorsConsent string| cmpGoogleVendorsConsent string| cmpPurposesConsent string| cmpCustomPurposeConsent string| cmpConsentVendors string| cmpConsentPurposes string| cmpLIVendors string| cmpLIPurposes number| cmpDesignId boolean| consentExists string| userChoiceType string| userChoiceStatus boolean| prevent_duplicate_googleanalytics object| utag_data object| gaGlobal object| giosgIbJsonp number| __mobxInstanceCount object| __mobxGlobals object| giosgInteractionPlayer function| onGiosgInteractionEvent

17 Cookies

Domain/Path Name / Value
id.santanderconsumer.no/std Name: JSESSIONID
Value: CEE3DE8844B5B74719F1C2B2D722920C.sig-prod-auth14
id.santanderconsumer.no/std Name: JSESSIONID-fallback
Value: CEE3DE8844B5B74719F1C2B2D722920C.sig-prod-auth14
minnettbank.santanderconsumer.no/ Name: __RequestVerificationToken
Value: zNOxM8lNsk1YfpSGpTB2o7OmltiWH9AJs5K1j3-ykVeq1WLtMCkt7xweDOYciUt9LbBHoCEshgbZ-HGsAuWjnZVikWY1
minnettbank.santanderconsumer.no/ Name: scb-persist-insert
Value: !6TuvId4l3tqx+wuBVQVNhTiGz3b8jTZEjCsL+kYbcfYq1HeJUWMVMl/h2xuVNlUyBOLtXMX05MgR7p1kXXin4gJGmaAU5ltPkHUNSU0=
.santanderconsumer.no/ Name: visid_incap_2431390
Value: zt0nORmKSpy93Q8EEGfn2MXVUGcAAAAAQUIPAAAAAADFNQji2ESoo1SY8UcavR45
.santanderconsumer.no/ Name: nlbi_2431390
Value: plZEN/Eg4l8Lu29qHEWnIgAAAAAhTsZmK8Tk9+SBIqVqsbgC
.santanderconsumer.no/ Name: incap_ses_7233_2431390
Value: B/b3YyJAOkxu+yXQWcdgZMXVUGcAAAAAB4ze+Mbaf5PqfYPj+IYb5Q==
id.santanderconsumer.no/ Name: transid
Value: 2wibajuaelg8mk8hpsyk39s4ufr21jcaybect3q4wtmji2b9wl
id.santanderconsumer.no/ Name: transid-fallback
Value: 2wibajuaelg8mk8hpsyk39s4ufr21jcaybect3q4wtmji2b9wl
.santanderconsumer.no/ Name: __cmpcvcu22188
Value: __s23_s905_c41132_s1049_s898_c37650_c60302__
.santanderconsumer.no/ Name: __cmpcpcu22188
Value: __51__
.santanderconsumer.no/ Name: __cmpcvc
Value: __s23_s905_c41132_s1049_s898_c37650_c60302__
.santanderconsumer.no/ Name: __cmpcpc
Value: __51__
.santanderconsumer.no/ Name: __cmpiab
Value: __1017_
service.giosg.com/ Name: sgid
Value: zcvwjitpvvesjxcvayaakaacontqeeah67zsnmuochxz5sqcikwbeaafbq
minnettbank.santanderconsumer.no/ Name: giosg_chat_id_3653
Value: nwk6u7pgfcgcdjh6luaapamjrdwtas5qo7ino2unqfexboym
minnettbank.santanderconsumer.no/ Name: giosg_sgid_3653
Value: zcvwjitpvvesjxcvayaakaacontqeeah67zsnmuochxz5sqcikwbeaafbq

2 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV73FF(Line 191)
Message:
Refused to connect to 'https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1990455655.1733350855&npa=1&gtm=45He4c30v6597604za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1733350854963&tfd=838&apve=1' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.santanderconsumer.no *.santander.no *.scbbf.local *.scb.nu *.bankid.no *.google.com *.google.no *.google.dk *.google.se *.google.fi youtube.com fonts.googleapis.com ssl.gstatic.com lh3.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.giosg.com *.giosgusercontent.com giosg-chat-public-eu.s3.amazonaws.com *.hotjar.com *.doubleclick.net *.mouseflow.com *.consentmanager.net". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://minnettbank.santanderconsumer.no/
Message:
Refused to load the image 'https://ade.googlesyndication.com/ddm/activity/src=6522680;type=s360_002;cat=s360_0;ord=1;num=9708288825413;npa=1;u1=https%3A%2F%2Fminnettbank.santanderconsumer.no%2F;gdid=dZTJkMz.dMzk4MW;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4c30v9179630913z86597604za201zb6597604;gcs=G100;gcd=13p3p3p2p5l1;dma_cps=-;dma=1;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fminnettbank.santanderconsumer.no?' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.santanderconsumer.no *.santander.no *.scbbf.local *.scb.nu *.bankid.no *.google.com *.google.no *.google.dk *.google.se *.google.fi youtube.com fonts.googleapis.com ssl.gstatic.com lh3.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.giosg.com *.giosgusercontent.com giosg-chat-public-eu.s3.amazonaws.com *.hotjar.com *.doubleclick.net *.mouseflow.com *.consentmanager.net". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.santanderconsumer.no *.santander.no *.scbbf.local *.scb.nu *.bankid.no *.google.com *.google.no *.google.dk *.google.se *.google.fi youtube.com fonts.googleapis.com ssl.gstatic.com lh3.googleusercontent.com *.googletagmanager.com *.google-analytics.com *.giosg.com *.giosgusercontent.com giosg-chat-public-eu.s3.amazonaws.com *.hotjar.com *.doubleclick.net *.mouseflow.com *.consentmanager.net; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

018c3a08-5443-cac9-ae2a-e4348f63aea8.interactions.giosgusercontent.com
ade.googlesyndication.com
api.giosg.com
c.delivery.consentmanager.net
cdn.consentmanager.net
cdn.giosgusercontent.com
csfe.bankid.no
delivery.consentmanager.net
globalcdn.interactiondesigner.giosg.com
id.santanderconsumer.no
minnettbank.santanderconsumer.no
region1.google-analytics.com
service.giosg.com
services.bankid.no
www.googletagmanager.com
ade.googlesyndication.com
109.68.90.49
178.63.128.65
193.26.146.36
193.26.146.37
2001:4860:4802:32::36
2600:9000:2057:c200:9:f3c8:9b00:93a1
2600:9000:2359:3c00:1:db71:1100:93a1
2600:9000:2670:1200:1d:5e80:5500:93a1
2a00:1450:4001:828::2008
2a02:6ea0:c700::107
2a02:6ea0:c700::19
45.60.34.180
87.230.98.76
87.230.98.78
070878351cd87da2d9cc1d3b26e7a10c72fa7da91dde48c333eb41a9312d89ac
07c9eee2be62cd537da2f941b67a475b5607e9ec1e37abc19d64e928ee6b93ce
0d8f990698dbc0226a0139d0f909b54c37945280c3802a3c7796373c48fe9846
1725f80f628f588210de57f301107d730d8a1915ea4a7d8dc5d6dd421a1f00a1
17be6853c54a168d0265be0067eafb01edcee1c2b203977e6f443424d9a8c671
1eb19af199af48ddcf2908381e806d7a1989423e6a1b77de4faa3413ea875767
25d47ac2bd2d3fc6cd416966bc836b1fc59b889eeadc1dc021fc62ec678bad3c
3ac46ada672e74859c6f58fcfcc4b933dca3eb49adf58ef1464f3df9691762cc
42c354558b5374ce9a4a682d43f0d30467f4076066b7bcbf86a7b72697819277
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5702fa97a3a2472d6ec71b7af3dc97d81ab5e2f879df8a4f0f10e8b30527faaf
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
61fc7904e3c27951c1d6853b9116b6ebad2c5d282602e0eb6ba1792770e4eae6
69a2e090d0a82519fa0588c1cdaf4f40a222b04eba1b8a29e475bcc7e39087bc
6fbb6ae5c01819e12493729f3e2913f34691c4e875b4d30b35393dd28006ca38
77e0575e35d8c0e4b4039e1f24e027ae43c0c62bd7a258f4473d434440a7681a
7ef80cd197cf83e5325a1b1f1468f4ccb277dea70b4e876a04b52fb21c32635c
83428badd7afe5a29a6dbb2d7b8633a1574cecf09858a4eaec83bbc028a9dd96
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8bae9c07a5c2bb59bfb7fb97eeecab3ae1ab14939a0bb473ad3e2548f90cf7fa
8ec0f2d8cbbc3ce0240314c6054700615d3f20fc276481e74aa2d4e8c34af146
98e8f9ae95094f604333c2e508447c1da66ea8effb97820094638da886724990
9a3c6745944ff4d49ae5c377138e5d42d8e5a02f84ff4f625cb0aca8771f7bf1
a3430ce332df40eb10c3b90857993bf39f12c2ba1f5c7ebd1b3a5077ad49e847
a39edc064915e15f9a4132e628b922f76e9705c8c41f1c312f532b2c4178de68
a701cd4a9cfc02344ae90ef4adacb3ffb69feb8d5922e324df6383a03b1a9921
b053d9da34e1adf0fef9cd78c02eeb9851a40fe732268d58fc90aa83e95de345
b0ddca1094a4810f2a9697a6b7a82c21c2927adc2ee5f9adccb36ac977e0de58
ba4bd7bd2d89991b1d2940021c3307d8a810c71773e16665d9ccaa0420d8c1a4
c4fa210b16e97fb091c3b23c98da3dcd8cb98870d6bb05c52db28ea22ac43411
cf2166ed0037c6f2797c0774063ecc0275cd08473aeff74cf79dc510bb60398b
d3c6df5438dc5257ff4cb09fc5662c056385346c0624b26adb8ca446227f0182
d5e78e66902d022c88363c7283373874972f634fa86a265a1cafbe67f1ea2b25
d85970168aaa7b320d4f335d425990a1061bd5b6ccec9dfde2eeac68fc96edca
d8bdd8a0445ca65540db6ece130f725153522cf497208fd417ef1ce852ff24c4
dd62fcf127870c6a2a17f26dacdc98b217946b3044ed30f2e099773748cb5402
df7abc314cf6e0380973cea5ad3cd7a4536b820d974162c9d94f534f539eef0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee08e211a2e1459ba4f5535806f7e284528fcf40abb4c9044473de1cb99f2325
f1199e64815247e3a09529ca29d99288c3edee230ca827c5a56a912453010add
fd72052eaf92e5f1236fcc46f9112e41ecbf164fe9ecb12664b0de946c740177
ffef7682d09998f8522a7944850e5e08a12902d64fd92332e251f304b8c453a7