www.tuplansantander.com Open in urlscan Pro
158.82.145.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tuplansantander.com/
Effective URL:
https://www.tuplansantander.com/Login?ReturnUrl=%2F
Submission Tags: phishing
Submission: On July 06 via api (July 6th 2023, 7:42:50 pm UTC) from ES — Scanned from ES

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 158.82.145.204, located in United States and belongs to WILLISNORTHAMERICA, US. The main domain is www.tuplansantander.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on June 20th 2022. Valid for: a year.

This is the only time www.tuplansantander.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	158.82.145.204 158.82.145.204	40196 (WILLISNOR...) (WILLISNORTHAMERICA)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
22	4

19 158.82.145.204 (United States) 2 redirects

ASN40196 (WILLISNORTHAMERICA, US)

www.tuplansantander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	tuplansantander.com 2 redirects www.tuplansantander.com	3 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	142 KB
22	3

	Domain	Requested by
19	www.tuplansantander.com	2 redirects www.tuplansantander.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.tuplansantander.com www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
22	4

This site contains no links.

Subject Issuer	Validity	Valid
www.tuplansantander.com GlobalSign RSA OV SSL CA 2018	`2022-06-20` - `2023-07-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.tuplansantander.com/Login?ReturnUrl=%2F
Frame ID: 45144B919A1E6567C45EFE0429042456
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Santander

Page URL History Show full URLs

http://www.tuplansantander.com/ HTTP 302
https://www.tuplansantander.com/ HTTP 302
http://www.tuplansantander.com/Login?ReturnUrl=%2F HTTP 307
https://www.tuplansantander.com/Login?ReturnUrl=%2F Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

3077 kB
Transfer

3347 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tuplansantander.com/ HTTP 302
https://www.tuplansantander.com/ HTTP 302
http://www.tuplansantander.com/Login?ReturnUrl=%2F HTTP 307
https://www.tuplansantander.com/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login Show response
www.tuplansantander.com/
Redirect Chain

http://www.tuplansantander.com/
https://www.tuplansantander.com/
http://www.tuplansantander.com/Login?ReturnUrl=%2F
https://www.tuplansantander.com/Login?ReturnUrl=%2F

5 KB
6 KB

187ms
187ms

Document
text/html

158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

48d47c1e96a7a394f231918ca4be7cb90beba704c9fe8194402796b99b5d72bc

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: private,max-age=600
Content-Length: 4902
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Jul 2023 19:42:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN DENY
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.tuplansantander.com/Login?ReturnUrl=%2F
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bootstrap.css
www.tuplansantander.com/Content/ 149 KB
150 KB 171ms
171ms Stylesheet
text/css 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Content/bootstrap.css

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

cf17646c80abd346c10cbcd5e2eddbe010cc9a77c617b13f35e31fcc43b80b9c

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Wed, 21 Jul 2021 17:57:59 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "e93547f1597ed71:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 152512
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.css
www.tuplansantander.com/Content/ 2 KB
2 KB 504ms
171ms Stylesheet
text/css 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Content/owl.carousel.css

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

c9430ccc20d8d58e10dbcaba36ae11739cf20190424b6f55c0d8cf90241658f6

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Wed, 21 Jul 2021 17:58:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "d59cc0f1597ed71:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 1547
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK owl.theme.css
www.tuplansantander.com/Content/ 2 KB
2 KB 506ms
173ms Stylesheet
text/css 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Content/owl.theme.css

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Wed, 21 Jul 2021 17:58:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "6522caf1597ed71:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 1743
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.tuplansantander.com/Content/ 42 KB
43 KB 506ms
172ms Stylesheet
text/css 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Content/style.css

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

5eb36d3d4fdff88ba8cbaaa4ee8a85aa2ef262dc6c55a2a7d3d62cdd69739724

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Tue, 17 May 2022 02:44:02 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "ea5deaf79769d81:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 43072
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK style-D1.css
www.tuplansantander.com/Content/ 14 KB
15 KB 505ms
171ms Stylesheet
text/css 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Content/style-D1.css

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

5fa6bb1a2b1b8dc4f8a317265ba51b5e8ddf5be4ba139ebc5cfb4222c5692a3c

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Fri, 12 Nov 2021 11:41:20 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "bd2f4a36bad7d71:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 14581
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK company-style.css
www.tuplansantander.com/Styles/ 9 KB
10 KB 507ms
173ms Stylesheet
text/css 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Styles/company-style.css

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

a06d369fe0913cbd4c65990dcfed1e2b0b924a48f4716b8fcec067e4da9c235b

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Thu, 06 Jul 2023 19:42:41 GMT
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: DENY
Content-Type: text/css; charset=utf-8
Cache-Control: private, max-age=3600,max-age=600
Content-Length: 9165
X-Xss-Protection: 1; mode=block
Expires: Thu, 06 Jul 2023 20:42:41 GMT

GET
H/1.1 200
OK site.css
www.tuplansantander.com/Content/ 29 KB
29 KB 677ms
170ms Stylesheet
text/css 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Content/site.css

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

768d0b798db69961b22488b2c86ed316e4f30d5c8513c036be4a70e7fc2a9726

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Wed, 21 Jul 2021 17:58:00 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "599d6f1597ed71:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 29345
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.tuplansantander.com/Scripts/ 87 KB
88 KB 678ms
171ms Script
application/javascript 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Scripts/jquery-3.6.0.min.js

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

618360fa506f29f16a755ffc1dceb6db2f194c4f66ac32d2503f0a5f9a735a95

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Wed, 21 Jul 2021 17:58:13 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "58f597f9597ed71:0"
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 89413
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
www.tuplansantander.com/Scripts/ 39 KB
39 KB 845ms
337ms Script
application/javascript 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Scripts/bootstrap.min.js

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

5ef889a83c52a2b5760c9613d699f81044475da8de2dbd3b29020f959d31e78e

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:40 GMT
Last-Modified: Wed, 21 Jul 2021 17:58:13 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "f3c552f9597ed71:0"
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 39553
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK owl.carousel.js Show response
www.tuplansantander.com/Scripts/ 53 KB
54 KB 843ms
173ms Script
application/javascript 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/Scripts/owl.carousel.js

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:41 GMT
Last-Modified: Tue, 16 Jan 2018 16:36:54 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "0d79537e88ed31:0"
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 54308
X-Xss-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 215ms
79ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-89907842-1

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

847eb7d7768949069a95efa1acfe0942cf370b2d4dfc40a59ed09e56a5b5f6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:42:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65387
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 19:13:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 19:42:42 GMT

GET
H/1.1 200
OK 20807149-579b-4bd6-a5bf-7d18a4a96058.png
www.tuplansantander.com/Images/ 3 KB
3 KB 177ms
171ms Image
image/png 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tuplansantander.com/Images/20807149-579b-4bd6-a5bf-7d18a4a96058.png

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

25fe88e2eac120f1a8ed7f03971f4093ea413eb71a35a142936b1165d6c0519d

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:41 GMT
Last-Modified: Fri, 28 May 2021 13:33:28 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "e3a432bc653d71:0"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 2613
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK hint.png
www.tuplansantander.com/Content/img/ 2 KB
2 KB 171ms
171ms Image
image/png 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tuplansantander.com/Content/img/hint.png

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

d26e50691bbde50b9d195814883f52d6f072bd57b19ada83d7f6cf685a74412a

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:41 GMT
Last-Modified: Wed, 21 Jul 2021 17:58:03 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "15beaff3597ed71:0"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 1930
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 4437b971-9845-44fe-870e-e257ec053b7a.jpg
www.tuplansantander.com/Images/ 1 KB
2 KB 170ms
170ms Image
image/jpeg 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tuplansantander.com/Images/4437b971-9845-44fe-870e-e257ec053b7a.jpg

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

460bc709b25ee7076c1427b9c79fc4eb92b4f85efc045a4bfc897e3a8ffee820

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:41 GMT
Last-Modified: Tue, 15 Jun 2021 18:17:49 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "4b7bdbbf1262d71:0"
X-Frame-Options: DENY
Content-Type: image/jpeg
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 1383
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 03bdf81a-3021-4221-9e3b-ba7d2b0cbcef.jpg
www.tuplansantander.com/Images/ 1 MB
1 MB 181ms
181ms Image
image/jpeg 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tuplansantander.com/Images/03bdf81a-3021-4221-9e3b-ba7d2b0cbcef.jpg

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Styles/company-style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

fb19f7efe8714df15efcb4a4dac056f75f70b3ca7115c12db100160d02e46408

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/Styles/company-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:41 GMT
Last-Modified: Tue, 15 Jun 2021 18:37:58 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "4175901562d71:0"
X-Frame-Options: DENY
Content-Type: image/jpeg
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 1213144
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Lato-Bold.ttf
www.tuplansantander.com/fonts/ 642 KB
642 KB 170ms
170ms Font
application/octet-stream 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/fonts/Lato-Bold.ttf

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Content/style-D1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tuplansantander.com/Content/style-D1.css
Origin: https://www.tuplansantander.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:41 GMT
Last-Modified: Tue, 14 Jun 2016 05:23:58 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "06b9cf3fcc5d11:0"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 657188
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Lato-Regular.ttf
www.tuplansantander.com/fonts/ 642 KB
642 KB 175ms
175ms Font
application/octet-stream 158.82.145.204
WILLISNORTHAMERICA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuplansantander.com/fonts/Lato-Regular.ttf

Requested by

Host: www.tuplansantander.com
URL: https://www.tuplansantander.com/Content/style-D1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

158.82.145.204 , United States, ASN40196 (WILLISNORTHAMERICA, US),

Reverse DNS

Software

Resource Hash

6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780

Security Headers

Name	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tuplansantander.com/Content/style-D1.css
Origin: https://www.tuplansantander.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *;img-src * 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
X-Content-Type-Options: nosniff
Date: Thu, 06 Jul 2023 19:42:41 GMT
Last-Modified: Tue, 14 Jun 2016 05:23:58 GMT
X-Permitted-Cross-Domain-Policies: none
ETag: "06b9cf3fcc5d11:0"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 657212
X-Xss-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 79ms
78ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-96BBNSN4EM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89907842-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df152c046e2936008b420834abbcc03472cdaf3f76cc33dc1a50ef4b017db8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:42:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 19:42:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 196ms
63ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89907842-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 18:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4043
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 20:35:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 145ms
52ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-96BBNSN4EM&gtm=45je36s0&_p=1904669840&cid=2086655910.1688672563&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688672562&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuplansantander.com%2FLogin%3FReturnUrl%3D%252F&dt=Santander&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-96BBNSN4EM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.tuplansantander.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 19:42:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuplansantander.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
213 B 71ms
71ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1904669840&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuplansantander.com%2FLogin%3FReturnUrl%3D%252F&ul=en-us&de=UTF-8&dt=Santander&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAIC~&jid=536404608&gjid=130053267&cid=2086655910.1688672563&tid=UA-89907842-1&_gid=1531767715.1688672563&_r=1&gtm=457e36s0&z=139005501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuplansantander.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 19:42:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuplansantander.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tuplansantander.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: kdas2xt4neuinoxnx0n0tmp2
www.tuplansantander.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: HbzM9Q2hopahU3HBYQ6yFLzgE7tBYqn74ePnaZcVJwURpeBcJ3wpwbyV0IwVM7j-f6is9NyjR1S9mhFrgz2IqAjEskbO8E_wRs2nrlfWXtc1
www.tuplansantander.com/	1969-12-31 23:59:59	Name: TS01920e0b Value: 01bfca5a25c826000fa9e58ab3e57d60544ad419db8a5d1a6abdfce07ae15174db1ad979156da3aecd0dd8437af1bea3128330b1a51c558a3cb4372864a307d41f001c52d06c59d7b9b4ecf3d3832f1172ba8b94b7
.tuplansantander.com/	1970-01-20 13:04:39	Name: _ga_96BBNSN4EM Value: GS1.1.1688672562.1.0.1688672562.0.0.0
.tuplansantander.com/	1970-01-20 13:04:39	Name: _ga Value: GA1.2.2086655910.1688672563
.tuplansantander.com/	1970-01-20 13:04:39	Name: _gid Value: GA1.2.1531767715.1688672563
.tuplansantander.com/	1970-01-20 13:04:39	Name: _gat_gtag_UA_89907842_1 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src ;img-src 'unsafe-inline' data:;script-src 'unsafe-inline' 'unsafe-eval';script-src-elem * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.tuplansantander.com
158.82.145.204
2001:4860:4802:32::36
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2008
25fe88e2eac120f1a8ed7f03971f4093ea413eb71a35a142936b1165d6c0519d
460bc709b25ee7076c1427b9c79fc4eb92b4f85efc045a4bfc897e3a8ffee820
48d47c1e96a7a394f231918ca4be7cb90beba704c9fe8194402796b99b5d72bc
5eb36d3d4fdff88ba8cbaaa4ee8a85aa2ef262dc6c55a2a7d3d62cdd69739724
5ef889a83c52a2b5760c9613d699f81044475da8de2dbd3b29020f959d31e78e
5fa6bb1a2b1b8dc4f8a317265ba51b5e8ddf5be4ba139ebc5cfb4222c5692a3c
618360fa506f29f16a755ffc1dceb6db2f194c4f66ac32d2503f0a5f9a735a95
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780
768d0b798db69961b22488b2c86ed316e4f30d5c8513c036be4a70e7fc2a9726
847eb7d7768949069a95efa1acfe0942cf370b2d4dfc40a59ed09e56a5b5f6d3
a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43
a06d369fe0913cbd4c65990dcfed1e2b0b924a48f4716b8fcec067e4da9c235b
a72843979d55dc4d5d9bcac65c18b3b75d753258c9fece915f49e9ad52a290b8
bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b
c9430ccc20d8d58e10dbcaba36ae11739cf20190424b6f55c0d8cf90241658f6
cf17646c80abd346c10cbcd5e2eddbe010cc9a77c617b13f35e31fcc43b80b9c
d26e50691bbde50b9d195814883f52d6f072bd57b19ada83d7f6cf685a74412a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df152c046e2936008b420834abbcc03472cdaf3f76cc33dc1a50ef4b017db8a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb19f7efe8714df15efcb4a4dac056f75f70b3ca7115c12db100160d02e46408

www.tuplansantander.com Open in urlscan Pro 158.82.145.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

3077 kBTransfer

3347 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

www.tuplansantander.com Open in urlscan Pro
158.82.145.204 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

3077 kB
Transfer

3347 kB
Size

7
Cookies

22 HTTP transactions
0 data transactions