asgard.santander.pl Open in urlscan Pro
193.41.231.77  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set login.do Show response asgard.santander.pl/web/main/	5 KB 3 KB	227ms 76ms	Document text/html	193.41.231.77 PL_SANTANDER_TRAN...
General Check archive.org Show headers Download Go to Full URL https://asgard.santander.pl/web/main/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.41.231.77 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL), Reverse DNS Software / Resource Hash 866e21fc925480418892404b3b0353c4f15a9770ac5b923b85854997db730a54 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=31536000; includeSubdomains; max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN DENY X-Xss-Protection 1; mode=block 1; mode=block Request headers Host asgard.santander.pl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 13 Aug 2021 13:50:11 GMT X-Frame-Options SAMEORIGIN DENY Strict-Transport-Security max-age=31536000; includeSubdomains; max-age=31536000 ; includeSubDomains X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block 1; mode=block Expires Thu, 01 Dec 1994 16:00:00 GMT Cache-Control no-cache="set-cookie, set-cookie2" Vary Accept-Encoding Content-Encoding gzip Set-Cookie JSESSIONID=0000yr0fzHTwWVlGq4fg3KYfYkg:-1; Path=/; HttpOnly;Secure TS018ad11d=01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350; Path=/; Secure; HTTPOnly Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Keep-Alive timeout=1, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Language en-US Transfer-Encoding chunked
GET H/1.1	200 OK	reset.css asgard.santander.pl/web/common/css/	3 KB 2 KB	75ms 74ms	Stylesheet text/css	193.41.231.77 PL_SANTANDER_TRAN...
General Check archive.org Show headers Download Go to Full URL https://asgard.santander.pl/web/common/css/reset.css Requested by Host: asgard.santander.pl URL: https://asgard.santander.pl/web/main/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.41.231.77 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL), Reverse DNS Software / Resource Hash bea75f95c914a2a48eaf18d95f88f33348164493fd22e4e6d679cd7a255409e7 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host asgard.santander.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://asgard.santander.pl/web/main/login.do Cookie JSESSIONID=0000yr0fzHTwWVlGq4fg3KYfYkg:-1; TS018ad11d=01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350 Connection keep-alive Referer https://asgard.santander.pl/web/main/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 05 Mar 2020 07:47:26 GMT Date Fri, 13 Aug 2021 13:50:12 GMT X-Frame-Options SAMEORIGIN Content-Language en-US Transfer-Encoding chunked Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Connection Keep-Alive Content-Type text/css Vary Accept-Encoding X-XSS-Protection 1; mode=block Keep-Alive timeout=1, max=99
GET H/1.1	200 OK	common.css asgard.santander.pl/web/common/css/	16 KB 3 KB	139ms 64ms	Stylesheet text/css	193.41.231.77 PL_SANTANDER_TRAN...
General Check archive.org Show headers Download Go to Full URL https://asgard.santander.pl/web/common/css/common.css Requested by Host: asgard.santander.pl URL: https://asgard.santander.pl/web/main/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.41.231.77 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL), Reverse DNS Software / Resource Hash a587f5c11b42d280760e70dd496f25426ac6fe6a70c3d06e937ee5b8ac6c5b56 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host asgard.santander.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://asgard.santander.pl/web/main/login.do Cookie JSESSIONID=0000yr0fzHTwWVlGq4fg3KYfYkg:-1; TS018ad11d=01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350 Connection keep-alive Referer https://asgard.santander.pl/web/main/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 05 Mar 2020 07:46:16 GMT Date Fri, 13 Aug 2021 13:50:12 GMT X-Frame-Options SAMEORIGIN Content-Language en-US Transfer-Encoding chunked Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Connection Keep-Alive Content-Type text/css Vary Accept-Encoding X-XSS-Protection 1; mode=block Keep-Alive timeout=1, max=98
GET H/1.1	200 OK	keys.js Show response asgard.santander.pl/web/common/js/datepicker/	2 KB 2 KB	129ms 53ms	Script application/javascript	193.41.231.77 PL_SANTANDER_TRAN...
General Check archive.org Show headers Download Go to Full URL https://asgard.santander.pl/web/common/js/datepicker/keys.js Requested by Host: asgard.santander.pl URL: https://asgard.santander.pl/web/main/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.41.231.77 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL), Reverse DNS Software / Resource Hash 7971eccc6d2e79e9fcc66e1f19a09386e0f4d330a7ab824392ac0d8bb49702e5 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host asgard.santander.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://asgard.santander.pl/web/main/login.do Cookie JSESSIONID=0000yr0fzHTwWVlGq4fg3KYfYkg:-1; TS018ad11d=01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350 Connection keep-alive Referer https://asgard.santander.pl/web/main/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 05 Mar 2020 07:46:02 GMT Date Fri, 13 Aug 2021 13:50:12 GMT X-Frame-Options SAMEORIGIN Content-Language en-US Transfer-Encoding chunked Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Connection Keep-Alive Content-Type application/javascript Vary Accept-Encoding X-XSS-Protection 1; mode=block Keep-Alive timeout=1, max=100
GET H/1.1	200 OK	general.js Show response asgard.santander.pl/web/common/js/datepicker/	2 KB 2 KB	157ms 72ms	Script application/javascript	193.41.231.77 PL_SANTANDER_TRAN...
General Check archive.org Show headers Download Go to Full URL https://asgard.santander.pl/web/common/js/datepicker/general.js Requested by Host: asgard.santander.pl URL: https://asgard.santander.pl/web/main/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.41.231.77 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL), Reverse DNS Software / Resource Hash 8b0a8d73b414e16bfbc949966b563c9ca7bb81773a581cf3bc68a0fb40901714 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host asgard.santander.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://asgard.santander.pl/web/main/login.do Cookie JSESSIONID=0000yr0fzHTwWVlGq4fg3KYfYkg:-1; TS018ad11d=01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350 Connection keep-alive Referer https://asgard.santander.pl/web/main/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 05 Mar 2020 07:47:06 GMT Date Fri, 13 Aug 2021 13:50:12 GMT X-Frame-Options SAMEORIGIN Content-Language en-US Transfer-Encoding chunked Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Connection Keep-Alive Content-Type application/javascript Vary Accept-Encoding X-XSS-Protection 1; mode=block Keep-Alive timeout=1, max=100
GET H/1.1	200 OK	logo.png asgard.santander.pl/web/common/img/	21 KB 18 KB	41ms 41ms	Image image/png	193.41.231.77 PL_SANTANDER_TRAN...
General Check archive.org Show headers Download Go to Show image Full URL https://asgard.santander.pl/web/common/img/logo.png Requested by Host: asgard.santander.pl URL: https://asgard.santander.pl/web/main/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.41.231.77 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL), Reverse DNS Software / Resource Hash 37c8b5fc145089a3746fa97eabf91e2ed5834e23b0eef78ed0fadbdbfa65e805 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host asgard.santander.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://asgard.santander.pl/web/main/login.do Cookie JSESSIONID=0000yr0fzHTwWVlGq4fg3KYfYkg:-1; TS018ad11d=01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350 Connection keep-alive Referer https://asgard.santander.pl/web/main/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 05 Mar 2020 07:47:22 GMT Date Fri, 13 Aug 2021 13:50:12 GMT X-Frame-Options SAMEORIGIN Content-Language en-US Transfer-Encoding chunked Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Connection Keep-Alive Content-Type image/png Vary Accept-Encoding X-XSS-Protection 1; mode=block Keep-Alive timeout=1, max=97
GET H/1.1	200 OK	error.png asgard.santander.pl/web/common/img/	375 B 985 B	58ms 58ms	Image image/png	193.41.231.77 PL_SANTANDER_TRAN...
General Check archive.org Show headers Download Go to Show image Full URL https://asgard.santander.pl/web/common/img/error.png Requested by Host: asgard.santander.pl URL: https://asgard.santander.pl/web/main/login.do Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.41.231.77 , Poland, ASN59977 (PL_SANTANDER_TRANSIT_AS, PL), Reverse DNS Software / Resource Hash 01dd81d1cb09a97a92ca33337a904e6d74013b72e6a45ca715053c19c7919e73 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Strict-Transport-Security max-age=31536000; includeSubdomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host asgard.santander.pl Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://asgard.santander.pl/web/main/login.do Cookie JSESSIONID=0000yr0fzHTwWVlGq4fg3KYfYkg:-1; TS018ad11d=01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350 Connection keep-alive Referer https://asgard.santander.pl/web/main/login.do User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Thu, 05 Mar 2020 07:46:18 GMT Date Fri, 13 Aug 2021 13:50:12 GMT X-Frame-Options SAMEORIGIN Content-Language en-US Transfer-Encoding chunked Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; Connection Keep-Alive Content-Type image/png Vary Accept-Encoding X-XSS-Protection 1; mode=block Keep-Alive timeout=1, max=99

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| hex_chr function| hex function| str2blks_SHA1 function| safe_add function| ft function| kt function| rol function| cmn function| ff function| gg function| hh function| ii function| submitLoginAction function| submitChangePasswordAction function| loginE function| trimString function| showTab function| openPopup object| multiArray function| multipleOnLoad function| getPrev function| urlencode function| setCookie function| getCookie boolean| navMac boolean| navMacIE boolean| navIE4

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			asgard.santander.pl/	1969-12-31 23:59:59	Name: TS018ad11d Value: 01466b199ed96aea4865a6e79e089708256f3fb802d829e4566fbd772622baa4ad679c46ab18bbdaf287114d39aa14c7d049474e080db587f29265be0d27527ef64b8ef350
			asgard.santander.pl/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000yr0fzHTwWVlGq4fg3KYfYkg:-1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubdomains; max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asgard.santander.pl
193.41.231.77
01dd81d1cb09a97a92ca33337a904e6d74013b72e6a45ca715053c19c7919e73
37c8b5fc145089a3746fa97eabf91e2ed5834e23b0eef78ed0fadbdbfa65e805
7971eccc6d2e79e9fcc66e1f19a09386e0f4d330a7ab824392ac0d8bb49702e5
866e21fc925480418892404b3b0353c4f15a9770ac5b923b85854997db730a54
8b0a8d73b414e16bfbc949966b563c9ca7bb81773a581cf3bc68a0fb40901714
a587f5c11b42d280760e70dd496f25426ac6fe6a70c3d06e937ee5b8ac6c5b56
bea75f95c914a2a48eaf18d95f88f33348164493fd22e4e6d679cd7a255409e7