retail-santander.net Open in urlscan Pro
37.9.175.188 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bc4.io/b092a8c#654ac6126670621b47b2248b23b94593
Effective URL:
https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr...
Submission: On October 05 via api (October 5th 2023, 1:25:35 pm UTC) from ES — Scanned from ES

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 37.9.175.188, located in Slovakia and belongs to WEBSUPPORT-SRO-SK-AS, SK. The main domain is retail-santander.net.
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.

This is the only time retail-santander.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	129.213.198.22 129.213.198.22	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	35.190.2.215 35.190.2.215	15169 (GOOGLE) (GOOGLE)
1 13	37.9.175.188 37.9.175.188	51013 (WEBSUPPOR...) (WEBSUPPORT-SRO-SK-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:85b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	5

1 129.213.198.22 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

bc4.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.2.215 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 215.2.190.35.bc.googleusercontent.com

hab.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.9.175.188 (Slovakia) 1 redirects

ASN51013 (WEBSUPPORT-SRO-SK-AS, SK)
PTR: ing.r5.websupport.sk

retail-santander.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:85b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	retail-santander.net 1 redirects retail-santander.net	356 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	90 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 47264	108 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405	34 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	5 KB
1	hab.me 1 redirects hab.me	148 B
1	bc4.io 1 redirects bc4.io	416 B
20	7

	Domain	Requested by
13	retail-santander.net	1 redirects retail-santander.net
5	cdnjs.cloudflare.com	retail-santander.net
2	cdn.tailwindcss.com	1 redirects retail-santander.net
1	ajax.googleapis.com	retail-santander.net
1	cdn.jsdelivr.net	retail-santander.net
1	hab.me	1 redirects
1	bc4.io	1 redirects
20	7

This site contains no links.

Subject Issuer	Validity	Valid
retail-santander.net R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Frame ID: DF5AEAAF323A4BBD90F403E17C733702
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personal Online B_c238803edb9a0c38815f62ae6ac89b23c238803edb9a0c, SMc238803edb9a0c38815f62ae6ac89b23

Page URL History Show full URLs

http://bc4.io/b092a8c HTTP 301
https://hab.me/xFZcr6Z HTTP 301
https://retail-santander.net/olbss/index.php?pwd=SANUK23 HTTP 302
https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmf... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

20
Requests

95 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

592 kB
Transfer

1455 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bc4.io/b092a8c HTTP 301
https://hab.me/xFZcr6Z HTTP 301
https://retail-santander.net/olbss/index.php?pwd=SANUK23 HTTP 302
https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.3.3

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request l.php Show response
retail-santander.net/olbss/X0c9hQg6W8/
Redirect Chain

http://bc4.io/b092a8c
https://hab.me/xFZcr6Z
https://retail-santander.net/olbss/index.php?pwd=SANUK23
https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa

21 KB
3 KB

86ms
84ms

Document
text/html

37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: b202161f05860cb1708ef7cb92c30fe48220d75be93c48c13f31f2a1281db6f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:25:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: openresty
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:25:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
pragma: no-cache
server: openresty

GET
H2

200

3.3.3 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.3.3

354 KB
108 KB

51ms
51ms

Script
text/javascript

2606:4700:20::681a:85b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.3.3

Requested by

Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa

Protocol

Server

2606:4700:20::681a:85b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea5165a14a0c8a5273cdb7e0820bd56ac90fbedfbe37d3cd602306b4adf2590

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 667527
x-vercel-internal-timing: hotness;desc="COLD",boot;dur=25.551696000038646;desc="Boot time",fn-import;dur=358.59795500000473;desc="Import function code",listen;dur=0;desc="Start local server",request;dur=374.60865199996624;desc="Run local request",handle;dur=21.566910999943502;desc="Handle local request",response;dur=1644.09728300001;desc="Respond",cold;dur=414.27198900002986;desc="Cold Time",ttfb;dur=2079.9361829999834;desc="TTFB"
last-modified: Mon, 07 Aug 2023 01:00:24 GMT
x-vercel-id: gru1::iad1::kftrl-1691370021589-b46a63c900ba
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQZ1LxKH5jR3aHsjm7TANxMdwbql3x%2BHol5n32fe%2BECH4tU%2BBnbwX8jGTmcf2FjDB9YVg82q0SwX8H%2BJ7%2B6lGkHCZIIXBoUOFgKdjfAoz2Me0y3ThkP8q4X%2B1eYlmFx9JEf0jV%2BpPSX1ogZYpo8prWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8115fdb22a7560cf-MAD

Redirect headers

date: Thu, 05 Oct 2023 13:25:30 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: gru1::iad1::nq59h-1696511703524-6b2b9756f113
server: cloudflare
age: 313
x-vercel-cache: MISS
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZU28ofXA5jUPQD0yQD6P4yNkBbzKa%2B51A14xJQn61iBnGCzvBVTGHqunDT4qJhZaCQI765BeBc5jnSXRc65olk6zt0aFCDpREtWkm8qb%2FxbAw7a6cRx5bIrdHWZ22dA%2BjOrir3%2F5mgEmeV2aPBnZKk%3D"}],"group":"cf-nel","max_age":604800}
location: /3.3.3
cache-control: max-age=14400
cf-ray: 8115fdb1da1260cf-MAD
content-length: 0

GET
H2 200 animate.min.css
cdn.jsdelivr.net/npm/animate.css@3.7.2/ 57 KB
5 KB 110ms
44ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/animate.css@3.7.2/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 372374
x-jsd-version: 3.7.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220065-FRA, cache-yyz4573-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"e311-Kab1RWnBk//WEW8Dvj60I1nGDrc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P28p9w2Pl0F5GKKxBNfLzCvJ4vYksm%2Ba7pwk%2BIC1Ozlg1JTfBzQak42MFFEGY5ZEaCHGPQdWkR5dM1%2FAqx5i8EVuHwhpmYcvS2MUkubxb%2B9IR4fDfsC5pAD7bi24QEYAR6DcsOV1xICia1u%2B0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8115fdb1de392fa7-MAD

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 187ms
60ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 13:34:37 GMT

GET
H2 200 main.css
retail-santander.net/olbss/assets/css/ 239 KB
28 KB 88ms
88ms Stylesheet
text/css 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://retail-santander.net/olbss/assets/css/main.css
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: faf54fe503f6acb9fa6e0ab01508d9d573da36283e297732219202955bcfc40e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
content-encoding: br
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
etag: W/"3bd5a-606ef993599ed"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 header-logo.png
retail-santander.net/olbss/assets/images/ 3 KB
3 KB 80ms
78ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/header-logo.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: f700c3638638b62b07e614c8cae5665cf4bfa956452ab4e6fea5a15965fc40f7

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "aeb-606ef9935a98d"
content-length: 2795
content-type: image/png

GET
H2 200 dhob.png
retail-santander.net/olbss/assets/images/ 3 KB
3 KB 83ms
82ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/dhob.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: 817b9a10e77915bc514a8d73d41bd3dd63ae9043188a9542ba20832a83adde0b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "b7d-606ef9935a98d"
content-length: 2941
content-type: image/png

GET
H2 200 dhom.png
retail-santander.net/olbss/assets/images/ 963 B
1 KB 84ms
82ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/dhom.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: aed3d1a8cb34cf83ef47a99d4fd3ce481f7297a42ea35e8bac8c5481a8f44a47

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "3c3-606ef9935a98d"
content-length: 963
content-type: image/png

GET
H2 200 loty.png
retail-santander.net/olbss/assets/images/ 4 KB
4 KB 90ms
88ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/loty.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: 849889c4c32a9b7efc14cbcc9d78faee875664b47249865e167be7093449d2a4

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "1092-606ef9935a98d"
content-length: 4242
content-type: image/png

GET
H2 200 loader2.gif
retail-santander.net/olbss/assets/images/ 112 KB
113 KB 93ms
92ms Image
image/gif 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/loader2.gif
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: 1cbbf82e76783e2525148d29c323c82ab6018e1dfeefbe9cdd9250f89c991b86

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "1c19a-606ef9935a98d"
content-length: 115098
content-type: image/gif

GET
H2 200 bsa.png
retail-santander.net/olbss/assets/images/ 34 KB
34 KB 182ms
181ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/bsa.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: f29600ba0dd9aaedab35d0caca7d865ed6fd333ae67c8f82520c1997b8eb778a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "8655-606ef9935a98d"
content-length: 34389
content-type: image/png

GET
H2 200 bsm.png
retail-santander.net/olbss/assets/images/ 7 KB
7 KB 183ms
181ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/bsm.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: 11f518e87be7673a4983d9b1982a8e57774e65e084afdd9cadcf2de8a29a1661

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "1d5f-606ef9935a98d"
content-length: 7519
content-type: image/png

GET
H2 200 fod.png
retail-santander.net/olbss/assets/images/ 10 KB
10 KB 183ms
182ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/fod.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: 07345b3097d578fd42d8c2359e4e598b568435982b835ad2a01cc63920b6766f

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "2693-606ef9935a98d"
content-length: 9875
content-type: image/png

GET
H2 200 fom.png
retail-santander.net/olbss/assets/images/ 11 KB
11 KB 183ms
182ms Image
image/png 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retail-santander.net/olbss/assets/images/fom.png
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: 0a6ad2e531d98102b975de4b5575985e0504092e123ebcd352b1eacaeb5990b0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/olbss/X0c9hQg6W8/l.php?id=Egm34L65sYZt48XK4kLi2OT6WmnwbM4U7foqu88ReWGbZa0jmfpU0IsTn3X739BhgMe9Kr3FsA2wtuFsjustGlCG8Ghf5cDu8rLgy5TFt2hQpLJKWDe34Raa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "2b59-606ef9935a98d"
content-length: 11097
content-type: image/png

GET
H2 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/ 256 KB
64 KB 105ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/jquery.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f27c3d7cb5d766466703adc7f7ad7706b7fb05514eec39be0aa253449bd0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 30266804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64839
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-40023"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKA%2Bs6ejxTuOq397lY3QKca4qXa%2BIdUfzJw7u6VWNE4WY%2BnoNjnkV1gny6ohXbUpjQM9IujAhDqmk6BzlvFirtMaIm36MDhdRB%2BQrzedWIcWjZSuHiS6Yllq7XG86GeWWHXXwd3gJGJKm256A3HK1twY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8115fdb31a9d217d-MAD
expires: Tue, 24 Sep 2024 13:25:30 GMT

GET
H2 200 jquery.validate.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ 45 KB
11 KB 81ms
71ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/jquery.validate.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aecc3e7494318d2398eafe2a6de21c03a52264ddf86c7934758ddbda06864bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21008280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10622
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-b4b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVGVw3jzWLloFCTFsDmOO8ddknNuCBpiIbGvSzinqeZnqQWDXS2OaAX1hg76RnpqfM%2F1y1fkmAUA7jZiAheqrq8YbLfu%2B0AXG2lWrhbXz25Dj4lfJOLOFTWsC5ea01mIqLiICXGNq8KxYIj2RgRp0YD5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8115fdb31aa4217d-MAD
expires: Tue, 24 Sep 2024 13:25:30 GMT

GET
H2 200 additional-methods.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ 38 KB
9 KB 76ms
72ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/additional-methods.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d95e0e21c160558eb3d2bacd76779048cb600cc04e15264e0835f4f86b4b375

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 550800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9078
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-985d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mbWGZYwp79h37XSnK1ZW8iIZFncCFBk3Gzx2W4CUP9eOBO2eI70JzsEYZUqKFO1pSDUZXV%2BNtubWaUmbVuPh4cbl4ia%2FMNVJp9Tx8A6EXuJ74aY%2B%2BpL7%2Bct7DUQFsyp3AMGuKcIXYWrDjTcPJGexj46"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8115fdb31aa6217d-MAD
expires: Tue, 24 Sep 2024 13:25:30 GMT

GET
H2 200 jquery.maskedinput.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ 10 KB
3 KB 75ms
72ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1717672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2306
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-284d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knnRaeHaWZ6v5KBGgjOg4mkbaIQaCFXWDQCIihHHECRfARt9Tajmh234Fri2osJ2JovI7zpbA72u8fjw9L9CdcOyDxislLofJASfOM%2Frza1tNzsCUshI1LGmvtMU%2BpHpFTA1SNrHEQDVe5VfSG9759Ha"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8115fdb31aa2217d-MAD
expires: Tue, 24 Sep 2024 13:25:30 GMT

GET
H2 200 jquery.payment.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.3.2/ 17 KB
3 KB 74ms
70ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.3.2/jquery.payment.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60499c4335239d51fa6ef40bd909ba8e62a2a468b16b74f0fd9fadac1eee4bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://retail-santander.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 67874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3067
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-421b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFaR8g0t0YaI2i7ZsSxWgkjch6Qh7WR16rcIQrJjI6D9Ywhpsfs5ug%2FtntJ2VSKzuqsTyQ1pMOty1XFitOZtoR72cNnL6te6Popj1JQ9F1QAxSHI22CkJC82ZJywtd%2F89%2FOnRT1xpuP%2FKMCEmuDJjE8b"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8115fdb31aa5217d-MAD
expires: Tue, 24 Sep 2024 13:25:30 GMT

GET
H2 200 Text-Regular.ttf
retail-santander.net/olbss/assets/font/ 138 KB
138 KB 182ms
182ms Font
font/ttf 37.9.175.188
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://retail-santander.net/olbss/assets/font/Text-Regular.ttf
Requested by: Host: retail-santander.net
URL: https://retail-santander.net/olbss/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.9.175.188 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r5.websupport.sk
Software: openresty /
Resource Hash: 3c34b516dc489a5ff3cb121a73b6cfc25ec0920394b2d3b742d30201e71e6e24

Request headers

Referer: https://retail-santander.net/olbss/assets/css/main.css
Origin: https://retail-santander.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:25:30 GMT
last-modified: Thu, 05 Oct 2023 03:19:57 GMT
server: openresty
accept-ranges: bytes
etag: "22788-606ef9935a98d"
content-length: 141192
content-type: font/ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind function| $ function| jQuery string| /template.html

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bc4.io/	1970-01-20 15:16:11	Name: reference Value: 2850481094463803379
			retail-santander.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8eb1aac2d8e3c7e25b5af543a11b6bf3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bc4.io
cdn.jsdelivr.net
cdn.tailwindcss.com
cdnjs.cloudflare.com
hab.me
retail-santander.net
129.213.198.22
2606:4700:20::681a:85b
2606:4700::6810:5614
2606:4700::6811:180e
2a00:1450:4001:806::200a
35.190.2.215
37.9.175.188
07345b3097d578fd42d8c2359e4e598b568435982b835ad2a01cc63920b6766f
0a6ad2e531d98102b975de4b5575985e0504092e123ebcd352b1eacaeb5990b0
11f518e87be7673a4983d9b1982a8e57774e65e084afdd9cadcf2de8a29a1661
1cbbf82e76783e2525148d29c323c82ab6018e1dfeefbe9cdd9250f89c991b86
1d95e0e21c160558eb3d2bacd76779048cb600cc04e15264e0835f4f86b4b375
2aecc3e7494318d2398eafe2a6de21c03a52264ddf86c7934758ddbda06864bb
3c34b516dc489a5ff3cb121a73b6cfc25ec0920394b2d3b742d30201e71e6e24
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
60499c4335239d51fa6ef40bd909ba8e62a2a468b16b74f0fd9fadac1eee4bbf
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
78f27c3d7cb5d766466703adc7f7ad7706b7fb05514eec39be0aa253449bd0f8
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
817b9a10e77915bc514a8d73d41bd3dd63ae9043188a9542ba20832a83adde0b
849889c4c32a9b7efc14cbcc9d78faee875664b47249865e167be7093449d2a4
8ea5165a14a0c8a5273cdb7e0820bd56ac90fbedfbe37d3cd602306b4adf2590
aed3d1a8cb34cf83ef47a99d4fd3ce481f7297a42ea35e8bac8c5481a8f44a47
b202161f05860cb1708ef7cb92c30fe48220d75be93c48c13f31f2a1281db6f1
f29600ba0dd9aaedab35d0caca7d865ed6fd333ae67c8f82520c1997b8eb778a
f700c3638638b62b07e614c8cae5665cf4bfa956452ab4e6fea5a15965fc40f7
faf54fe503f6acb9fa6e0ab01508d9d573da36283e297732219202955bcfc40e

retail-santander.net Open in urlscan Pro 37.9.175.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

5 IPs

3 Countries

592 kBTransfer

1455 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

2 Cookies

Indicators

retail-santander.net Open in urlscan Pro
37.9.175.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

592 kB
Transfer

1455 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!