pse.todo1.com Open in urlscan Pro
162.159.255.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pse.todo1.com/
Effective URL:
https://pse.todo1.com/index.jsp
Submission: On June 14 via manual (June 14th 2024, 7:30:17 pm UTC) from CO — Scanned from ES

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 162.159.255.111, located in and belongs to CLOUDFLARENET, US. The main domain is pse.todo1.com. The Cisco Umbrella rank of the primary domain is 519486.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 25th 2023. Valid for: a year.

This is the only time pse.todo1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	162.159.255.111 162.159.255.111		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	1

10 162.159.255.111 (None, )

ASN13335 (CLOUDFLARENET, US)

pse.todo1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	todo1.com pse.todo1.com — Cisco Umbrella Rank: 519486	201 KB
10	1

	Domain	Requested by
10	pse.todo1.com	pse.todo1.com
10	1

This site contains no links.

Subject Issuer	Validity	Valid
pse.todo1.com GlobalSign RSA OV SSL CA 2018	`2023-10-25` - `2024-11-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pse.todo1.com/index.jsp
Frame ID: B06592F9CED0116E0384159334D12A3E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bancolombia - Pagos PSE

Page URL History Show full URLs

http://pse.todo1.com/ HTTP 307
https://pse.todo1.com/ Page URL
https://pse.todo1.com/index.jsp Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

201 kB
Transfer

482 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pse.todo1.com/ HTTP 307
https://pse.todo1.com/ Page URL
https://pse.todo1.com/index.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pse.todo1.com/ HTTP 307
https://pse.todo1.com/

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
pse.todo1.com/
Redirect Chain

http://pse.todo1.com/
https://pse.todo1.com/

175 B
920 B

677ms
221ms

Document
text/html

162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: pse.todo1.com
cf-cache-status: DYNAMIC
cf-ray: 893cbbc7499070ea-MRS
content-encoding: gzip
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
content-type: text/html; charset=iso-8859-1
date: Fri, 14 Jun 2024 19:30:11 GMT
last-modified: Mon, 08 Feb 2016 14:36:04 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

Redirect headers

Location: https://pse.todo1.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 404 Primary Request index.jsp Show response
pse.todo1.com/ 5 KB
1 KB 225ms
225ms Document
text/html 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/index.jsp

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c37e14534f5caf4eb68cebe17456d391d34351ae8da345e06611fcdeb580b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://pse.todo1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: pse.todo1.com
cf-cache-status: DYNAMIC
cf-ray: 893cbbc8cb4e70ea-MRS
content-encoding: gzip
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
content-type: text/html; charset=iso-8859-1
date: Fri, 14 Jun 2024 19:30:12 GMT
last-modified: Fri, 03 Nov 2017 00:26:45 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
pse.todo1.com/bancolombia/pse/css/ 32 KB
7 KB 92ms
90ms Stylesheet
text/css 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/css/styles.css

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ab7af8bc8aa5996d0b2dbebdc56a548d447137df96533481dd99266713249fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
cf-cache-status: HIT
age: 5258
ntcoent-length: 32257
content-length: 6472
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 20 Jan 2023 03:01:38 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: pse.todo1.com
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 893cbbca3d2470ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

GET
H2 200 bootstrap.css
pse.todo1.com/bancolombia/pse/css/ 98 KB
17 KB 115ms
114ms Stylesheet
text/css 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/css/bootstrap.css

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7dc0bf2d9c01efaf41a4aa46d0c551a4ba72d40ce7e0b3dff4b0c421f60b61d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 2622
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 14:00:50 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 893cbbca3d2570ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

GET
H2 200 bootstrap-ie7.css
pse.todo1.com/bancolombia/pse/css/ 19 KB
2 KB 215ms
215ms Stylesheet
text/css 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/css/bootstrap-ie7.css

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9349a4ed8222210551ccf5913821dc9bd16d539c7592f6739f3f9c7048fc952

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 14:00:50 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 893cbbca3d2770ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

GET
H2 200 logo.png
pse.todo1.com/bancolombia/images/ 2 KB
2 KB 89ms
89ms Image
image/png 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pse.todo1.com/bancolombia/images/logo.png

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a891bc3ebedf2ee3c61f7b1e08944a9976117bb1c546f8dfd9f5c8dd819f16f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 2577
content-length: 2397
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:44 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 893cbbcacdb170ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

GET
H2 200 icon-error.png
pse.todo1.com/bancolombia/images/ 861 B
960 B 95ms
95ms Image
image/png 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pse.todo1.com/bancolombia/images/icon-error.png

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/bancolombia/pse/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457839b6033a9e6f927999269afa687d8419e05868de8fb7816466e23de1b604

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/bancolombia/pse/css/styles.css
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 2291
content-length: 861
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:46 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 893cbbcb9e7370ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

GET
H2 200 CIBFontSans-Light.ttf
pse.todo1.com/bancolombia/pse/fonts/cic-sans/ 108 KB
55 KB 165ms
156ms Font
application/font-sfnt 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/fonts/cic-sans/CIBFontSans-Light.ttf

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/bancolombia/pse/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/bancolombia/pse/css/styles.css
Origin: https://pse.todo1.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 7088
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:58 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/font-sfnt
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 893cbbcbdebc70ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

GET
H2 200 OpenSans-Regular.ttf
pse.todo1.com/bancolombia/pse/fonts/open-sans/ 212 KB
114 KB 107ms
99ms Font
application/font-sfnt 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/fonts/open-sans/OpenSans-Regular.ttf

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/bancolombia/pse/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/bancolombia/pse/css/styles.css
Origin: https://pse.todo1.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 4878
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:58 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/font-sfnt
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 893cbbcbdebf70ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

GET
H2 404 favicon.ico
pse.todo1.com/ 5 KB
1 KB 130ms
126ms Other
text/html 162.159.255.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.255.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c37e14534f5caf4eb68cebe17456d391d34351ae8da345e06611fcdeb580b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 19:30:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 28
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 03 Nov 2017 00:26:45 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 893cbbcbdeb770ea-MRS
expires: Fri, 14 Jun 2024 20:30:12 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pse.todo1.com/	1969-12-31 23:59:59	Name: NSC_qtf.upep1.dpn443 Value*: 6bbea3d13a4ec7fc2e7afc447fc0de9636d81a997860ddcdc3f44a01b1b6ca8402be92f0
			pse.todo1.com/	1970-01-20 21:21:16	Name: __cflb Value: 02DiuDHypNmNMeGZ5QjWnFHHWGaVbrTDpCW43t55o1CjN

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pse.todo1.com/index.jsp Message: Failed to load resource: the server responded with a status of 404 ()
intervention	info	URL: https://pse.todo1.com/index.jsp Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://pse.todo1.com/bancolombia/pse/fonts/cic-sans/CIBFontSans-Light.ttf
intervention	info	URL: https://pse.todo1.com/index.jsp Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://pse.todo1.com/bancolombia/pse/fonts/open-sans/OpenSans-Regular.ttf
network	error	URL: https://pse.todo1.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pse.todo1.com
162.159.255.111
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
29c37e14534f5caf4eb68cebe17456d391d34351ae8da345e06611fcdeb580b3
457839b6033a9e6f927999269afa687d8419e05868de8fb7816466e23de1b604
5ab7af8bc8aa5996d0b2dbebdc56a548d447137df96533481dd99266713249fb
9a891bc3ebedf2ee3c61f7b1e08944a9976117bb1c546f8dfd9f5c8dd819f16f
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc
e7dc0bf2d9c01efaf41a4aa46d0c551a4ba72d40ce7e0b3dff4b0c421f60b61d
f9349a4ed8222210551ccf5913821dc9bd16d539c7592f6739f3f9c7048fc952

pse.todo1.com Open in urlscan Pro 162.159.255.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

201 kBTransfer

482 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

4 Console Messages

Security Headers

Indicators

pse.todo1.com Open in urlscan Pro
162.159.255.111 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

201 kB
Transfer

482 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions