urlscan.io logo urlscan.io
SecurityTrails logo

santander.flexopus.com Open in urlscan Pro
94.130.119.99  Public Scan

Go To Rescan Add Verdict Report
URL: https://santander.flexopus.com/
Submission Tags: @phishunt_io
Submission: On May 08 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 94.130.119.99, located in Germany and belongs to HETZNER-AS, DE. The main domain is santander.flexopus.com.
TLS certificate: Issued by R3 on May 5th 2023. Valid for: 3 months.
This is the only time santander.flexopus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 94.130.119.99 24940 (HETZNER-AS)
23 2
Apex Domain
Subdomains		 Transfer
22 flexopus.com
santander.flexopus.com
sentry.flexopus.com Failed
1 MB
23 1
Domain Requested by
22 santander.flexopus.com santander.flexopus.com
0 sentry.flexopus.com Failed santander.flexopus.com
23 2

This site contains links to these domains. Also see Links.

Domain
support.microsoft.com
www.mozilla.org
www.google.com
flexopus.com
help.flexopus.com
Subject Issuer Validity Valid
*.flexopus.com
R3		 2023-05-05 -
2023-08-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://santander.flexopus.com/
Frame ID: 7ECD5013F54B23AC56083BE8E1C0E8D4
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flexopus - The Desk Sharing Solution

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

1036 kB
Transfer

3312 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
santander.flexopus.com/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
a61e0bff30770235f43429dbe105b9ac816db15aeab89dc7f14a154aca56f529
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-length
3126
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-type
text/html
date
Mon, 08 May 2023 20:56:09 GMT
etag
"470d3ccc3c2cee4902269fb31f8a5aac"
last-modified
Wed, 26 Apr 2023 18:47:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Origin Accept-Encoding
x-amz-request-id
175D468458675C0B
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runtime~app.a77716ae535f347f.js
santander.flexopus.com/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/dist/runtime~app.a77716ae535f347f.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
25a2f3911a3fbbdd665aa2411654ba38677e00c76463ca2341f054a28515d548
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:09 GMT
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46845AB685BB
etag
"b4155c651c3e0919fac79cba2a95ea20"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
node_vendors.1aefc480ca68d5d8.js
santander.flexopus.com/dist/ 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/dist/node_vendors.1aefc480ca68d5d8.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
49cb0b282e8d3df6e1b02129bb543d6bd044c79a85f73244c1bb4c2f5d508745
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:09 GMT
last-modified
Wed, 26 Apr 2023 18:46:58 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46845AB9A0AA
etag
"58f791259cb8cc3dae9625910e282abb"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
3324.509f73aa3aec8297.js
santander.flexopus.com/dist/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/dist/3324.509f73aa3aec8297.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
b788b1fda58d9070e52a6b350dc0e8c192ef8af733ca128d6af26042f2115527
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:09 GMT
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46845AF90520
etag
"266e67e83f0acad4d22f1382b62a2212"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
app.941196d39ad47f18.js
santander.flexopus.com/dist/ 		960 KB
292 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/dist/app.941196d39ad47f18.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
dfe7cf3642c857b63afeb4ab13c29003c473ebfa5bce02c909dac27231bdfb47
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:09 GMT
last-modified
Wed, 26 Apr 2023 18:46:58 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46845AF358A1
etag
"85ba62db31ae1d7093e21c3b5da47a42"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
node_vendors.927f766213d41f87.css
santander.flexopus.com/css/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/css/node_vendors.927f766213d41f87.css
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
6bdee65ef36657bfbe9c0ce3e5edb8a4748f5dd7e400b8eb3b026e96eb463f82
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:09 GMT
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46845AF260FA
etag
"389f64277ec2f3b60b88e342476b0093"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/css
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
3324.7edbfae7408f7d19.css
santander.flexopus.com/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/css/3324.7edbfae7408f7d19.css
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
ca4ddd62ae2f79c828af701d8dc86cca48a67d7e8aaa26541945d7fee890411d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:09 GMT
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46845B06512D
etag
"7820c964995801601e715251c66abffd"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/css
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
2540
x-xss-protection
1; mode=block
app.f377ef07207a1cc2.css
santander.flexopus.com/css/ 		379 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/css/app.f377ef07207a1cc2.css
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
94cefd73cc24325c078c35a440dc8ae3d354fce5e65b14b05b8c38b2c874df70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:09 GMT
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46845B2F6BB9
etag
"9e5ccfb50f8ecc81773efbe1ad5ed676"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/css
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
cordova.js
santander.flexopus.com/ 		0
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/cordova.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
date
Mon, 08 May 2023 20:56:10 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
x-amz-request-id
175D46846600A705
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
/
sentry.flexopus.com/api/23/envelope/ 		0
0
poppins-v15-latin-ext_latin_devanagari-regular.9fb0bd94.woff2
santander.flexopus.com/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/fonts/poppins-v15-latin-ext_latin_devanagari-regular.9fb0bd94.woff2
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/css/app.f377ef07207a1cc2.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
bca0cbef4d9a1480419d2e87f92f86f2b04237f91c1a36800ff4929370b931a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://santander.flexopus.com/css/app.f377ef07207a1cc2.css
Origin
https://santander.flexopus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D468474FA215E
x-xss-protection
1; mode=block
last-modified
Wed, 26 Apr 2023 18:46:58 GMT
server
nginx
etag
"c1b18d958fe3324db9f7e197faf0e0c8"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://santander.flexopus.com
access-control-expose-headers
Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
check
santander.flexopus.com/internal-api/auth/ 		45 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/internal-api/auth/check?version=2.22.9&buildDate=2023-04-26T20:43:46%2B02:00
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/node_vendors.1aefc480ca68d5d8.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
Apache /
Resource Hash
a5409f52bca0a75addaa99477932ed6bb1d14a808d69ee64f8290c4cb9ca4cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://santander.flexopus.com/
X-App-Version
2.22.9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 20:56:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000; preload
server
Apache
content-length
45
vary
Accept-Encoding
content-type
application/json
check
santander.flexopus.com/internal-api/auth/ 		45 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/internal-api/auth/check?version=2.22.9&buildDate=2023-04-26T20:43:46%2B02:00
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/node_vendors.1aefc480ca68d5d8.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
Apache /
Resource Hash
a5409f52bca0a75addaa99477932ed6bb1d14a808d69ee64f8290c4cb9ca4cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://santander.flexopus.com/
X-App-Version
2.22.9
X-XSRF-TOKEN
eyJpdiI6Im1Gbk5ReWZTVTlhTjBONmRjZk04aWc9PSIsInZhbHVlIjoiWUVoR0ZUTGsvMjhtZDlpRzRxY2pyc1JJRmlSV1VacDVUZHVGUlhuUDZuTTZLMm53NFRTYlZPbkFrTHltOHMwSGFvMWFhdkRRNzIyWEZUaWVoSUs5Ty9GeHBzaWFwZlAzYjNCYmJ2ZjUyZmRMQVJrYVdmcWNqZXNaRmcwNTgweTIiLCJtYWMiOiJlYjI5ODRiMzM5ODYyYTc2NjI0NTYyNjVlZDgxZDFmNTdjNjg1YjdjZTRhYmZlZGMwMDdjMjY3MDc1ZmRiZDUyIiwidGFnIjoiIn0=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 20:56:10 GMT
cache-control
no-cache, private
strict-transport-security
max-age=31536000; preload
server
Apache
content-length
45
vary
Accept-Encoding
content-type
application/json
settings
santander.flexopus.com/internal-api/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/internal-api/settings
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/node_vendors.1aefc480ca68d5d8.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
Apache /
Resource Hash
4061e2b1d00ccf794fd0ebf27ca6570ba8a7525ff27cde9bb0bc1e380a7482f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://santander.flexopus.com/
X-App-Version
2.22.9
X-XSRF-TOKEN
eyJpdiI6Im8zbEUyWjM0dFRaM00rVUtKR0tLOHc9PSIsInZhbHVlIjoiZkJPT1dKSUZNVmdObWdram5YcWlmckJqbUpkUjVHcDhtTzFyUFVQYzhkWnYzRWlFU1R6MjNsS0tiTk1LWmJMOFdGVU0zVVJnWk44azc1UmpLTWVJUTlFb1FBUjVUOVdCcE9pelJQS1g2d0duaUJtOVN2bE5lbjlYQ1AyQXdXWXIiLCJtYWMiOiJkMWM2Nzg5ZjZkNDZlYzA1NWMyMzJkMzM3YTdjYmI2YjgxOTdmNzU1ZDliNjk1ZWE0NThjMTk3OWJmOTJkNTEzIiwidGFnIjoiIn0=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 20:56:10 GMT
cache-control
no-cache, private
content-encoding
gzip
strict-transport-security
max-age=31536000; preload
server
Apache
vary
Accept-Encoding
content-type
application/json
8877.fe1767ce.css
santander.flexopus.com/css/ 		1 KB
597 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/css/8877.fe1767ce.css
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/runtime~app.a77716ae535f347f.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
8d7c944a5bc77e1c92d81fc06948bc53962ed748a7b9ab1664db4efd6fd48858
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D4684835D5DE9
etag
"b6ac4b02c3657e75ae50d095641634e2"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/css
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
510
x-xss-protection
1; mode=block
8877.507ab85f.js
santander.flexopus.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/js/8877.507ab85f.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/runtime~app.a77716ae535f347f.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
b376081fec653ac99d6faf63d4cded16cfc83855d7a78dce827cb5d584db2f0b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
last-modified
Wed, 26 Apr 2023 18:47:01 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D4684838FE0F7
etag
"023298c1af7c5884abb9870f0d0c46d4"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
2016
x-xss-protection
1; mode=block
8001.8f02a473.css
santander.flexopus.com/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/css/8001.8f02a473.css
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/runtime~app.a77716ae535f347f.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
57f5a15aa0027828901dcdae1b0db9da7a5d99e5378e64fb605f13789f6daf29
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46848391E9CA
etag
"7dc0adcb2081c3d82d648f602ff8b35d"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/css
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1221
x-xss-protection
1; mode=block
8001.11c31f98.js
santander.flexopus.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/js/8001.11c31f98.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/runtime~app.a77716ae535f347f.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
9d558aa398e4ca31617913a42efbffb8dde7857b40685007625f09ce104fe26c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
last-modified
Wed, 26 Apr 2023 18:47:01 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D468483A1265C
etag
"58a3d53e1600c0d895d5afb9a9899608"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1232
x-xss-protection
1; mode=block
1955.a10ffe36.css
santander.flexopus.com/css/ 		99 B
178 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/css/1955.a10ffe36.css
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/runtime~app.a77716ae535f347f.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
f6af80ec027e6f7579651c59c03f10be4dd43ec595a5ffabbc734e221d9077af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
date
Mon, 08 May 2023 20:56:10 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 26 Apr 2023 18:46:57 GMT
server
nginx
x-amz-request-id
175D468483A50900
etag
"800b2cef73674a83baf788da5c217956"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
text/css
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
99
x-xss-protection
1; mode=block
1955.667a8dd3.js
santander.flexopus.com/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/js/1955.667a8dd3.js
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/dist/runtime~app.a77716ae535f347f.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
8ffa522649b28ab97d69504881069fd49c084d029b2326ae861f49e4ffb1cc17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
last-modified
Wed, 26 Apr 2023 18:47:01 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D4684839B23A5
etag
"fe0fdd555deddd0095f13a089e3a9612"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
3801
x-xss-protection
1; mode=block
modern-cool-meeting-room.92a1eb85.webp
santander.flexopus.com/img/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander.flexopus.com/img/modern-cool-meeting-room.92a1eb85.webp
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
0e331bb92bd50ab1a6cf4c4450d053839736ac4c56ccb1f59a40a9471c738006
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
last-modified
Wed, 26 Apr 2023 18:47:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D4684864323C1
etag
"b93f64c347416b1ef11d57a10a8ba4ae"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
image/webp
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
uOR1g2NML4xdXVvgaJCAbq6in0hX8F8kf9cHwozl.svg
santander.flexopus.com/storage/tenant-38/1/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander.flexopus.com/storage/tenant-38/1/uOR1g2NML4xdXVvgaJCAbq6in0hX8F8kf9cHwozl.svg
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
Apache /
Resource Hash
73f5c23c6b6cd3ccd2c576c315e6a233dfeac83bcb05dca37b56f7929068eef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://santander.flexopus.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 20:56:10 GMT
strict-transport-security
max-age=31536000; preload
last-modified
Wed, 23 Jun 2021 13:08:22 GMT
server
Apache
etag
"423-5c56e99e4930c"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
1059
poppins-v15-latin-ext_latin_devanagari-500.34d62939.woff2
santander.flexopus.com/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander.flexopus.com/fonts/poppins-v15-latin-ext_latin_devanagari-500.34d62939.woff2
Requested by
Host: santander.flexopus.com
URL: https://santander.flexopus.com/css/app.f377ef07207a1cc2.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
94.130.119.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.99.119.130.94.clients.your-server.de
Software
nginx /
Resource Hash
c293b3aeb4898d08cc511c812408a728d6c707c464078342d9af91adcb3adc8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://santander.flexopus.com/css/app.f377ef07207a1cc2.css
Origin
https://santander.flexopus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 20:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
175D46848666F7B8
x-xss-protection
1; mode=block
last-modified
Wed, 26 Apr 2023 18:46:58 GMT
server
nginx
etag
"43da4ab730e546177318024b9bdb66c4"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
font/woff2
access-control-allow-origin
https://santander.flexopus.com
access-control-expose-headers
Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sentry.flexopus.com
URL
https://sentry.flexopus.com/api/23/envelope/?sentry_key=72811aac7d704166a6f97d858e929fd3&sentry_version=7

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless number| internetExplorerVersionValue function| internetExplorerVersion object| webpackChunkflexopus_frontend function| clearImmediate function| setImmediate object| __SENTRY__ object| displayDevice function| Hammer

2 Cookies

Domain/Path Name / Value
santander.flexopus.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkMzUzdMNGJ2ME9zTkdxY2F0SlZTcGc9PSIsInZhbHVlIjoiY1AxZUQyaGd0QVRQTy9vUDI5NGlmWFJtMnUyNmJycnk3YjJZMjdITnFmTlJBaWpLN0s2RFJxWTkvOHcxMG5aQWlJTm5ORHdZVlY1b2hRUEptMlRYL3UvL1N1blBhMFNWcXFCb2pqeFpKWE9zZkRwL1RjNFVyaUxwemFEcXFqRjUiLCJtYWMiOiJmZmRjNTRjY2UyOWZhNTU1ZmYxNjExODhmNDIzYjIzYmY1Mjg0YWY5OGRjM2RlOTVjZjIxYmE2YWFhMmJmZGJlIiwidGFnIjoiIn0%3D
santander.flexopus.com/ Name: flexopus_session
Value: eyJpdiI6IkFZUnlhRHpDODRSZHI3S2hvSWdRWlE9PSIsInZhbHVlIjoiOFh1WTA5NDNSY0VsaityT1JoTnBEaEwwanh5TDZ1bm8yNERWNU1wMkpjWEplelV5R2VPNzg2NTdQaTA3My8xQkF2ZW15SlpXcDJ1WkVLbkp6dVEwRHZuTjVCNXlLNjE2UXNHZ3pXb1dON000Yklaa0dzWkpoM1VRSUl0aVppMnoiLCJtYWMiOiJhMDVjYzE3OGMwNTA1ZWY0MTE4YmFkZmE1ZTBmN2Y5MzMwMTlmYWI5NjQwNTA2ZTdiMDc0ZDY2YjlmOTRjNTU4IiwidGFnIjoiIn0%3D

2 Console Messages

Source Level URL
Text
javascript error URL: https://santander.flexopus.com/
Message:
Access to fetch at 'https://sentry.flexopus.com/api/23/envelope/?sentry_key=72811aac7d704166a6f97d858e929fd3&sentry_version=7' from origin 'https://santander.flexopus.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://sentry.flexopus.com/api/23/envelope/?sentry_key=72811aac7d704166a6f97d858e929fd3&sentry_version=7
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.microsoft365.com *.office.com *.office365.com outlook.live.com outlook.office.com outlook.office365.com outlook-sdf.office.com outlook-sdf.office365.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

santander.flexopus.com
sentry.flexopus.com
sentry.flexopus.com
94.130.119.99
0e331bb92bd50ab1a6cf4c4450d053839736ac4c56ccb1f59a40a9471c738006
25a2f3911a3fbbdd665aa2411654ba38677e00c76463ca2341f054a28515d548
4061e2b1d00ccf794fd0ebf27ca6570ba8a7525ff27cde9bb0bc1e380a7482f1
49cb0b282e8d3df6e1b02129bb543d6bd044c79a85f73244c1bb4c2f5d508745
57f5a15aa0027828901dcdae1b0db9da7a5d99e5378e64fb605f13789f6daf29
6bdee65ef36657bfbe9c0ce3e5edb8a4748f5dd7e400b8eb3b026e96eb463f82
73f5c23c6b6cd3ccd2c576c315e6a233dfeac83bcb05dca37b56f7929068eef8
8d7c944a5bc77e1c92d81fc06948bc53962ed748a7b9ab1664db4efd6fd48858
8ffa522649b28ab97d69504881069fd49c084d029b2326ae861f49e4ffb1cc17
94cefd73cc24325c078c35a440dc8ae3d354fce5e65b14b05b8c38b2c874df70
9d558aa398e4ca31617913a42efbffb8dde7857b40685007625f09ce104fe26c
a5409f52bca0a75addaa99477932ed6bb1d14a808d69ee64f8290c4cb9ca4cd9
a61e0bff30770235f43429dbe105b9ac816db15aeab89dc7f14a154aca56f529
b376081fec653ac99d6faf63d4cded16cfc83855d7a78dce827cb5d584db2f0b
b788b1fda58d9070e52a6b350dc0e8c192ef8af733ca128d6af26042f2115527
bca0cbef4d9a1480419d2e87f92f86f2b04237f91c1a36800ff4929370b931a4
c293b3aeb4898d08cc511c812408a728d6c707c464078342d9af91adcb3adc8a
ca4ddd62ae2f79c828af701d8dc86cca48a67d7e8aaa26541945d7fee890411d
dfe7cf3642c857b63afeb4ab13c29003c473ebfa5bce02c909dac27231bdfb47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6af80ec027e6f7579651c59c03f10be4dd43ec595a5ffabbc734e221d9077af