urlscan.io logo urlscan.io
SecurityTrails logo

santander-mx.us.nexthink.cloud Open in urlscan Pro
3.21.9.51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://santander-mx-login.us.nexthink.cloud/
Effective URL: https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F
Submission Tags: phishing
Submission: On July 28 via api from ES — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 28 HTTP transactions. The main IP is 3.21.9.51, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is santander-mx.us.nexthink.cloud.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 27th 2023. Valid for: a year.
This is the only time santander-mx.us.nexthink.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 15.197.195.200 16509 (AMAZON-02)
4 108.139.29.19 16509 (AMAZON-02)
1 21 3.21.9.51 16509 (AMAZON-02)
1 34.102.158.97 396982 (GOOGLE-CL...)
28 5
3    15.197.195.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac4b547508e00da8e.awsglobalaccelerator.com
santander-mx-login.us.nexthink.cloud
4    108.139.29.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-19.jfk50.r.cloudfront.net
ok9static.oktacdn.com
21    3.21.9.51 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-9-51.us-east-2.compute.amazonaws.com
santander-mx.us.nexthink.cloud
1    34.102.158.97 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.158.102.34.bc.googleusercontent.com
content.insights.nexthink.com
Apex Domain
Subdomains		 Transfer
24 nexthink.cloud
santander-mx-login.us.nexthink.cloud
santander-mx.us.nexthink.cloud
1 MB
4 oktacdn.com
ok9static.oktacdn.com — Cisco Umbrella Rank: 35745
591 KB
1 nexthink.com
content.insights.nexthink.com — Cisco Umbrella Rank: 474729
0 okta.com Failed
login.okta.com Failed
28 4
Domain Requested by
21 santander-mx.us.nexthink.cloud 1 redirects santander-mx-login.us.nexthink.cloud
santander-mx.us.nexthink.cloud
4 ok9static.oktacdn.com santander-mx-login.us.nexthink.cloud
3 santander-mx-login.us.nexthink.cloud 1 redirects santander-mx-login.us.nexthink.cloud
1 content.insights.nexthink.com santander-mx.us.nexthink.cloud
0 login.okta.com Failed ok9static.oktacdn.com
28 5

This site contains no links.

Subject Issuer Validity Valid
santander-mx-login.us.nexthink.cloud
R3		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
*.us.nexthink.cloud
Amazon RSA 2048 M01		 2023-06-27 -
2024-07-25		 a year crt.sh
content.insights.nexthink.com
GTS CA 1D4		 2023-06-03 -
2023-09-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F
Frame ID: A868DC4ABBC310595E979B21D81E443C
Requests: 27 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 9DD96C697074D7C5C7BDB137787721B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://santander-mx-login.us.nexthink.cloud/ HTTP 302
    https://santander-mx-login.us.nexthink.cloud// Page URL
  2. https://santander-mx.us.nexthink.cloud/ Page URL
  3. https://santander-mx.us.nexthink.cloud/hierarchy?redirectTo=%2F HTTP 302
    https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • highcharts.*\.js

Page Statistics

28
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

1972 kB
Transfer

5608 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://santander-mx-login.us.nexthink.cloud/ HTTP 302
    https://santander-mx-login.us.nexthink.cloud// Page URL
  2. https://santander-mx.us.nexthink.cloud/ Page URL
  3. https://santander-mx.us.nexthink.cloud/hierarchy?redirectTo=%2F HTTP 302
    https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://santander-mx-login.us.nexthink.cloud/ HTTP 302
  • https://santander-mx-login.us.nexthink.cloud//

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
santander-mx-login.us.nexthink.cloud//
Redirect Chain
  • http://santander-mx-login.us.nexthink.cloud/
  • https://santander-mx-login.us.nexthink.cloud//
9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://santander-mx-login.us.nexthink.cloud//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.195.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f3c41f182733fcab9ca40c6de8dfcc615677d776da0d846ef51f61707821be41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Fri, 28 Jul 2023 03:57:47 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
en
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZMM8u59WP8a5j8mcLBpjzQAADSo
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1690516727
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

Connection
Keep-Alive
Content-Length
230
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 28 Jul 2023 03:57:47 GMT
Keep-Alive
timeout=5, max=100
Location
https://santander-mx-login.us.nexthink.cloud//
Server
Apache
style-sheet
santander-mx-login.us.nexthink.cloud/api/internal/brand/theme/ 		556 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander-mx-login.us.nexthink.cloud/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=cc32bab7f9503f3f7fed663483b1c4b3b2208359593c7a01ab78d6fe44b43615929d08194364f5847ba64139827eac05
Requested by
Host: santander-mx-login.us.nexthink.cloud
URL: https://santander-mx-login.us.nexthink.cloud//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.195.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac4b547508e00da8e.awsglobalaccelerator.com
Software
nginx /
Resource Hash
def1bb171895402e944395a139202730ce78b7c2ce8ebfeb3d79f4150ee2236b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://santander-mx-login.us.nexthink.cloud//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-okta-request-id
ZMM8u59WP8a5j8mcLBpj0QAADSo
Date
Fri, 28 Jul 2023 03:57:47 GMT
content-security-policy
frame-ancestors 'self'
x-rate-limit-limit
2400
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
2399
Strict-Transport-Security
max-age=315360000; includeSubDomains
content-security-policy-report-only
default-src 'self' nx-santander-mx.okta.com santander-mx-login.us.nexthink.cloud *.oktacdn.com; connect-src 'self' nx-santander-mx.okta.com nx-santander-mx-admin.okta.com santander-mx-login.us.nexthink.cloud *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nx-santander-mx.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nx-santander-mx.okta.com santander-mx-login.us.nexthink.cloud *.oktacdn.com; style-src 'unsafe-inline' 'self' nx-santander-mx.okta.com santander-mx-login.us.nexthink.cloud *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nx-santander-mx.okta.com nx-santander-mx-admin.okta.com santander-mx-login.us.nexthink.cloud login.okta.com; img-src 'self' nx-santander-mx.okta.com santander-mx-login.us.nexthink.cloud *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nx-santander-mx.okta.com santander-mx-login.us.nexthink.cloud data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
x-rate-limit-reset
1690516727
cache-control
max-age=31536000, must-revalidate
Keep-Alive
timeout=5, max=99
expires
Sat, 27 Jul 2024 03:57:47 GMT
okta-sign-in.min.js
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.1/js/ 		2 MB
475 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.1/js/okta-sign-in.min.js
Requested by
Host: santander-mx-login.us.nexthink.cloud
URL: https://santander-mx-login.us.nexthink.cloud//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
dab9e344553091451ee9dead9ca3bdf1413e1d96834a8b03cb3c664aa36428b0
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://santander-mx-login.us.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:58:34 GMT
x-amz-meta-sha1sum
dedb64a2f5ff681879aa2d41b1598e352c257fd7
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 fc527c9e0a8a22ce61e1580f7382bcf8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
813553
x-cache
Hit from cloudfront
last-modified
Tue, 18 Jul 2023 17:29:36 GMT
server
nginx
etag
W/"d309bc4de7fd459a9a2ff48c47789169"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
stsSMlqdbIxiCvLGeeQzGeSCBRd0lKlIJmuHhVmwX45jVBwpMps3UA==
expires
Wed, 17 Jul 2024 17:58:34 GMT
okta-sign-in.min.css
ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.1/css/ 		215 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.8.1/css/okta-sign-in.min.css
Requested by
Host: santander-mx-login.us.nexthink.cloud
URL: https://santander-mx-login.us.nexthink.cloud//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
ea8d801deb6776d5aaf273dfbc42d503fdaaa6f51c8934d0961e3f2a1ba13ceb
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://santander-mx-login.us.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:58:34 GMT
x-amz-meta-sha1sum
2db57e5601a30c7780b40f552a00caa8b9d2793b
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 fc527c9e0a8a22ce61e1580f7382bcf8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
813553
x-cache
Hit from cloudfront
last-modified
Tue, 18 Jul 2023 17:28:42 GMT
server
nginx
etag
W/"3f2139d29624833001c9b781419b2fa3"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
pkRn2t6wZHSe6zNZvjZ-bzaaCjoJNseBrnzmM0_zLJP_4Yf2Uc0GTw==
expires
Wed, 17 Jul 2024 17:58:34 GMT
custom-signin.241e0fb439244dc50c5929c0513a6765.css
ok9static.oktacdn.com/assets/loginpage/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/loginpage/css/custom-signin.241e0fb439244dc50c5929c0513a6765.css
Requested by
Host: santander-mx-login.us.nexthink.cloud
URL: https://santander-mx-login.us.nexthink.cloud//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://santander-mx-login.us.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 07:40:49 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 fc527c9e0a8a22ce61e1580f7382bcf8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
1282618
x-cache
Hit from cloudfront
last-modified
Tue, 22 Mar 2022 17:34:30 GMT
server
nginx
etag
W/"241e0fb439244dc50c5929c0513a6765"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
6HvgEqTKN4TTBIT8DuE_ZlUGRaqoaZDyvZ1HvKYTtMRapICHfI-kfQ==
expires
Fri, 12 Jul 2024 07:40:49 GMT
initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
ok9static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok9static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.d05a8c2e6bdf6d212b92af4d6b9cfefe.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-19.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://santander-mx-login.us.nexthink.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:17:04 GMT
x-amz-meta-sha1sum
34f075e4d0f6b20eb712a2053d423869bb60771b
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 fc527c9e0a8a22ce61e1580f7382bcf8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
age
1413644
x-cache
Hit from cloudfront
last-modified
Tue, 11 Jul 2023 18:51:47 GMT
server
nginx
etag
W/"d05a8c2e6bdf6d212b92af4d6b9cfefe"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
TL5RXaNSBvV5U-_fmohteFZW4Nb4zLWMzwlA5UgeQCU-QOw9zy_ePw==
expires
Wed, 10 Jul 2024 19:17:04 GMT
/
santander-mx.us.nexthink.cloud/ 		32 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/
Requested by
Host: santander-mx-login.us.nexthink.cloud
URL: https://santander-mx-login.us.nexthink.cloud//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
524269362ddf8351b47e25fdfba45cfb4f5fbfd61f6d68c8a05d8c6fe76c09b2
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://santander-mx-login.us.nexthink.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

allow
GET, POST, HEAD
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
content-type
text/html; charset=utf-8
date
Fri, 28 Jul 2023 03:57:48 GMT
etag
W/"64c250d9-8088"
last-modified
Thu, 27 Jul 2023 11:11:21 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-xss-protection
1; mode=block
iframe.html
login.okta.com/discovery/ Frame 9DD9 		0
0
new-relic-browser-config.js
santander-mx.us.nexthink.cloud/nxaws/product-shell/ 		237 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/nxaws/product-shell/new-relic-browser-config.js?version=1.0.0
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
41007cca25365e6a00174b3f4a155e7ba866fce519287970c3261cbd7e35ac75
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
W/"ed-kpBT7cDuudInHeH30+5w6/xmxzg"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
text/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-envoy-upstream-service-time
5
content-length
237
x-xss-protection
1; mode=block
react.production.min-16.9.0.js
santander-mx.us.nexthink.cloud/ps/lib/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/lib/react.production.min-16.9.0.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
391cd178cdf171d1ffbaee2a203d3bdae7851b9d4939ba10f5b54210cd039882
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:11:21 GMT
etag
W/"64c250d9-33b8"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
react-dom.production.min-16.9.0.js
santander-mx.us.nexthink.cloud/ps/lib/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/lib/react-dom.production.min-16.9.0.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ab11bcb142c336d213ee6e9c574db61880e421a9a82ac1a5c37fe7f4f721d32e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:11:21 GMT
etag
W/"64c250d9-1b6ce"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
highcharts-9.2.2.js
santander-mx.us.nexthink.cloud/ps/lib/highcharts/ 		291 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/lib/highcharts/highcharts-9.2.2.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
32500251349a69f3281061abc9ba20a6231151499e209b11c2a4de603ec6ffe5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:13:39 GMT
etag
W/"64c25163-48d52"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
accessibility-9.2.2.js
santander-mx.us.nexthink.cloud/ps/lib/highcharts/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/lib/highcharts/accessibility-9.2.2.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
772b077603d928097e004440afc64d75bbc23a97e0ef7dd4d0d1948dddd8b89d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:11:21 GMT
etag
W/"64c250d9-1baeb"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
runtime.7fc6e0ee2a7f826c496f.js
santander-mx.us.nexthink.cloud/ps/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/runtime.7fc6e0ee2a7f826c496f.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
eaf19e99f3717c6a96a22bafb2b52eb1c0177ac035012cb187346b143730f27a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:13:39 GMT
etag
W/"64c25163-6af"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
nxVendor.a8da449069c3ab5908e1.js
santander-mx.us.nexthink.cloud/ps/ 		1 MB
392 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/nxVendor.a8da449069c3ab5908e1.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
90b1a5f59fdf925609000aac9693eea2612c2e62bd84804ad1da395cef67658b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:11:21 GMT
etag
W/"64c250d9-1342ef"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
vendor.74b558e397a0212db604.js
santander-mx.us.nexthink.cloud/ps/ 		402 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/vendor.74b558e397a0212db604.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
35333a6ae8caf8d43fd0ced892900123516440bd2bf2740ea976cfed147c6ec0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:11:21 GMT
etag
W/"64c250d9-649c5"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
productShell.8eb36c1392bab55ce452.js
santander-mx.us.nexthink.cloud/ps/ 		200 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/productShell.8eb36c1392bab55ce452.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
458a39a61c8f8303f37986cb6e69ec250a587c22285e4db459d5f138a052b887
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:13:39 GMT
etag
W/"64c25163-31f72"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
pendo.js
content.insights.nexthink.com/agent/static/1a612c3e-c872-4dbb-4aba-3a4830d1951a/ 		417 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://content.insights.nexthink.com/agent/static/1a612c3e-c872-4dbb-4aba-3a4830d1951a/pendo.js
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.158.97 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.158.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdsgO9Obx3-bFpVhWqnQWcZ4hA3TDXwAZ7NZWIvXZOu33BvyhWh-HB0GcTERTf1mSxuW18pRh3hr-AXkLliFiK1ztO59kyRO
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141287
last-modified
Thu, 27 Jul 2023 18:09:09 GMT
server
UploadServer
etag
"a643e89217ce8c0344d30cf5eaee595c"
vary
Accept-Encoding
x-goog-generation
1690481349012403
x-goog-hash
crc32c=ukUtKQ==, md5=pkPokhfOjANE0wz16u5ZXA==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=450,public
x-goog-stored-content-length
141287
accept-ranges
bytes
content-type
application/javascript
PortalServlet
santander-mx.us.nexthink.cloud/ 		73 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/PortalServlet
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

tracestate
2729005@nr=0-1-2820182-Trusted key for NR Browser app-8147cf2945cf6f79----1690516669114
traceparent
00-97dd184b6d486ae2c80479990f0da676-8147cf2945cf6f79-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI4MjAxODIiLCJhcCI6IlRydXN0ZWQga2V5IGZvciBOUiBCcm93c2VyIGFwcCIsImlkIjoiODE0N2NmMjk0NWNmNmY3OSIsInRyIjoiOTdkZDE4NGI2ZDQ4NmFlMmM4MDQ3OTk5MGYwZGE2NzYiLCJ0aSI6MTY5MDUxNjY2OTExNCwidGsiOiIyNzI5MDA1In19
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Accept
application/json, text/plain, */*
Referer

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/json
cache-control
must-revalidate,no-cache,no-store, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
73
x-xss-protection
1; mode=block
2505c0d4b34ffca98f8f.woff2
santander-mx.us.nexthink.cloud/ps/assets/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/ps/assets/2505c0d4b34ffca98f8f.woff2
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d795ce313707aebcfb524454b1a7b99c7094d6f5e075801ab5f3ddf92452c2d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://santander-mx.us.nexthink.cloud/
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time
2
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 27 Jul 2023 11:13:39 GMT
etag
W/"64c25163-18810"
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
text/plain; charset=utf-8
cache-control
public, immutable, max-age=31536000
x-webkit-csp
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
x-content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
logout
santander-mx.us.nexthink.cloud/login/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/login/logout
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
tracestate
2729005@nr=0-1-2820182-Trusted key for NR Browser app-d41b8a1b616f49b4----1690516669538
traceparent
00-ef8064b17822fd7497d5a5a31bd39fad-d41b8a1b616f49b4-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI4MjAxODIiLCJhcCI6IlRydXN0ZWQga2V5IGZvciBOUiBCcm93c2VyIGFwcCIsImlkIjoiZDQxYjhhMWI2MTZmNDliNCIsInRyIjoiZWY4MDY0YjE3ODIyZmQ3NDk3ZDVhNWEzMWJkMzlmYWQiLCJ0aSI6MTY5MDUxNjY2OTUzOCwidGsiOiIyNzI5MDA1In19

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
etag
"64b743fb-6b2"
content-length
1714
allow
GET, POST, HEAD
content-type
text/html
Primary Request login
santander-mx.us.nexthink.cloud/
Redirect Chain
  • https://santander-mx.us.nexthink.cloud/hierarchy?redirectTo=%2F
  • https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/ps/productShell.8eb36c1392bab55ce452.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
81cd2373b06c10e047c3a682ad572e07d3b411e77df6e200e2afe20ab7940a89
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://santander-mx.us.nexthink.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

allow
GET, POST, HEAD
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
content-type
text/html;charset=utf-8
date
Fri, 28 Jul 2023 03:57:49 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

allow
GET, POST, HEAD
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
date
Fri, 28 Jul 2023 03:57:49 GMT
location
https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
portal.css
santander-mx.us.nexthink.cloud/login/ 		166 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/login/portal.css?6.30.16.0
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
fd58229db45a7d82ac8dc04e7564b38f78172fb98e2140c118046a8d9da62ac4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
text/css;charset=utf-8
cache-control
public, immutable, max-age=31536000
x-xss-protection
1; mode=block
logo
santander-mx.us.nexthink.cloud/login/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander-mx.us.nexthink.cloud/login/logo
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/login?redirectTo=%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
3958ad8693980542aa5ea92ffdea55adb2edeadc8d280240141b37ed0dfd30f7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-xss-protection
1; mode=block
login-bg.jpg
santander-mx.us.nexthink.cloud/login/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://santander-mx.us.nexthink.cloud/login/login-bg.jpg?6.30.16.0
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/login/portal.css?6.30.16.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
33c2e4624d6bd52438f9c3f7d93897826e8503ed7cd7a14136cb437fda473e93
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
image/jpeg
cache-control
public, immutable, max-age=31536000
x-xss-protection
1; mode=block
Inter-Regular.woff2
santander-mx.us.nexthink.cloud/fonts/Inter/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/fonts/Inter/Inter-Regular.woff2
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/login/portal.css?6.30.16.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/octet-stream
cache-control
public, immutable, max-age=31536000
x-xss-protection
1; mode=block
Inter-SemiBold.woff2
santander-mx.us.nexthink.cloud/fonts/Inter/ 		104 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/fonts/Inter/Inter-SemiBold.woff2
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/login/portal.css?6.30.16.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c7c3befe28a2fe45fb772f93cc52c828a71ccebc4b9fa5c971db452f712f3e78
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/octet-stream
cache-control
public, immutable, max-age=31536000
x-xss-protection
1; mode=block
Inter-Medium.woff2
santander-mx.us.nexthink.cloud/fonts/Inter/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://santander-mx.us.nexthink.cloud/fonts/Inter/Inter-Medium.woff2
Requested by
Host: santander-mx.us.nexthink.cloud
URL: https://santander-mx.us.nexthink.cloud/login/portal.css?6.30.16.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.9.51 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-9-51.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://santander-mx.us.nexthink.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 03:57:49 GMT
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://js-agent.newrelic.com https://data.insights.nexthink.com https://content.insights.nexthink.com https://app.eu.pendo.io https://pendo-eu-static.storage.googleapis.com https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; style-src 'self' 'unsafe-inline' https://content.insights.nexthink.com https://app.eu.pendo.io https://cdn.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; img-src 'self' blob: data: https://content.insights.nexthink.com https://data.insights.nexthink.com https://cdn.eu.pendo.io https://app.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com https://data.eu.pendo.io; connect-src 'self' https://bam.eu01.nr-data.net/ https://bam-cell.eu01.nr-data.net/ https://data.insights.nexthink.com https://app.eu.pendo.io https://data.eu.pendo.io https://pendo-eu-static-5731518632820736.storage.googleapis.com; frame-ancestors 'self' https://app.eu.pendo.io; child-src 'self' https://app.eu.pendo.io blob:; font-src 'self' data:; worker-src 'self' blob:;
x-content-type-options
nosniff
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
application/octet-stream
cache-control
public, immutable, max-age=31536000
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.okta.com
URL
https://login.okta.com/discovery/iframe.html

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| LOGIN_COOKIE_NAME string| ERROR_CODE_UNAUTHORIZED string| ERROR_CODE_UNAUTHORIZED_LOGIN string| ERROR_CODE_SSO_CONFIG_PROBLEM string| ERROR_CODE_SSO_NONEXISTENT_USER string| ERROR_CODE_SAML_UNAUTHORIZED function| ssoLogin function| getElementById function| forEach function| getUrlParam function| inputUpdated function| getRedirectTo function| getErrorText function| updateCookie function| getLoginFromCookie function| saveLoginInCookie function| eraseLoginFromCookie object| translations

3 Cookies

Domain/Path Name / Value
santander-mx-login.us.nexthink.cloud/ Name: t
Value: default
santander-mx-login.us.nexthink.cloud/ Name: DT
Value: DI1WC-3JIaTSBub4W4ga4I-Fg
santander-mx-login.us.nexthink.cloud/ Name: JSESSIONID
Value: DC859353C44E9B32C6BF96DD113A196C

2 Console Messages

Source Level URL
Text
network error URL: https://santander-mx.us.nexthink.cloud/PortalServlet
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://santander-mx.us.nexthink.cloud/login/logout
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.insights.nexthink.com
login.okta.com
ok9static.oktacdn.com
santander-mx-login.us.nexthink.cloud
santander-mx.us.nexthink.cloud
login.okta.com
108.139.29.19
15.197.195.200
3.21.9.51
34.102.158.97
32500251349a69f3281061abc9ba20a6231151499e209b11c2a4de603ec6ffe5
33c2e4624d6bd52438f9c3f7d93897826e8503ed7cd7a14136cb437fda473e93
35333a6ae8caf8d43fd0ced892900123516440bd2bf2740ea976cfed147c6ec0
391cd178cdf171d1ffbaee2a203d3bdae7851b9d4939ba10f5b54210cd039882
3958ad8693980542aa5ea92ffdea55adb2edeadc8d280240141b37ed0dfd30f7
41007cca25365e6a00174b3f4a155e7ba866fce519287970c3261cbd7e35ac75
458a39a61c8f8303f37986cb6e69ec250a587c22285e4db459d5f138a052b887
524269362ddf8351b47e25fdfba45cfb4f5fbfd61f6d68c8a05d8c6fe76c09b2
5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55
772b077603d928097e004440afc64d75bbc23a97e0ef7dd4d0d1948dddd8b89d
81cd2373b06c10e047c3a682ad572e07d3b411e77df6e200e2afe20ab7940a89
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
90b1a5f59fdf925609000aac9693eea2612c2e62bd84804ad1da395cef67658b
ab11bcb142c336d213ee6e9c574db61880e421a9a82ac1a5c37fe7f4f721d32e
c7c3befe28a2fe45fb772f93cc52c828a71ccebc4b9fa5c971db452f712f3e78
d795ce313707aebcfb524454b1a7b99c7094d6f5e075801ab5f3ddf92452c2d6
dab9e344553091451ee9dead9ca3bdf1413e1d96834a8b03cb3c664aa36428b0
dcc89f32e3f978bd4c2e313916b6267abd287eea87daec0e5c049150fd9062aa
def1bb171895402e944395a139202730ce78b7c2ce8ebfeb3d79f4150ee2236b
ea8d801deb6776d5aaf273dfbc42d503fdaaa6f51c8934d0961e3f2a1ba13ceb
eaf19e99f3717c6a96a22bafb2b52eb1c0177ac035012cb187346b143730f27a
f3c41f182733fcab9ca40c6de8dfcc615677d776da0d846ef51f61707821be41
fd58229db45a7d82ac8dc04e7564b38f78172fb98e2140c118046a8d9da62ac4