kavak-bbva-staging.kikoya.mx Open in urlscan Pro
3.226.107.193  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set sign_in Show response kavak-bbva-staging.kikoya.mx/users/	8 KB 9 KB	665ms 415ms	Document text/html	3.226.107.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.107.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-107-193.compute-1.amazonaws.com Software Cowboy / Resource Hash a02a747f8ea9c2751d04a5b9700134d8da94ae6abb89af857dc1ffabd1cf9c0f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host kavak-bbva-staging.kikoya.mx Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server Cowboy Date Tue, 12 Jan 2021 14:47:19 GMT Connection keep-alive X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block X-Content-Type-Options nosniff X-Download-Options noopen X-Permitted-Cross-Domain-Policies none Referrer-Policy strict-origin-when-cross-origin Content-Type text/html; charset=utf-8 Etag W/"a02a747f8ea9c2751d04a5b9700134d8" Cache-Control max-age=0, private, must-revalidate Set-Cookie _creditos_session=74pIZ%2B%2BXOPAXvmAfsnieqxPkIc3KtcOXV%2FcibgCEUZ0L3l9PhIFWfH4uKUBdD9ArjUiiBMNarTZ1BZqfaL7LWIdqS%2BdG2HR3EBWcN%2FYvJQl7hjUSdINQnn3Ye5ll3dlwLkU8HX4InL3MmXe4xadPUvlEFjH2rWXhDnoukS21jynZqGFCiTMhnChb8hTJ8fPuNZ8hnekK6uhBSpQUeNiYqApiaJi8MPfby2EpBkV5YJ2YF301gMYToLUmzCVj1izupeiTCeMFdCqqlqj4RJN%2F9hSuvGU0hONkdw%3D%3D--x7rRHG7Pb5Ydvt6t--OobaQveuidyWqXxbu%2F4%2B1w%3D%3D; path=/; secure; HttpOnly X-Request-Id cce29d8a-6909-479e-80ab-e5d80a81d204 X-Runtime 0.295873 Strict-Transport-Security max-age=31536000; includeSubDomains Vary Origin Transfer-Encoding chunked Via 1.1 vegur
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	17ms 15ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id= Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b6a3f26316ab588b728d5ecb0575bd5736a274f7595ac31689acdb6cc571b55d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://kavak-bbva-staging.kikoya.mx/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 12 Jan 2021 14:47:19 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38724 x-xss-protection 0 last-modified Tue, 12 Jan 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 12 Jan 2021 14:47:19 GMT
GET H/1.1	200 OK	application-736c3ed81a10e6e3249ce69edd0b1d38b3d25d61def26660504e021a0b1cae34.css kavak-bbva-staging.kikoya.mx/assets/	405 KB 59 KB	140ms 139ms	Stylesheet text/css	3.226.107.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://kavak-bbva-staging.kikoya.mx/assets/application-736c3ed81a10e6e3249ce69edd0b1d38b3d25d61def26660504e021a0b1cae34.css Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.107.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-107-193.compute-1.amazonaws.com Software Cowboy / Resource Hash aaf44a12b81601d0569d22ee827386619dd9b59cee12994eb73afe1d507bb9b8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 14:47:19 GMT Content-Encoding gzip Last-Modified Fri, 08 Jan 2021 18:05:43 GMT Server Cowboy Vary Accept-Encoding, Origin Content-Type text/css Via 1.1 vegur Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Content-Length 60410
GET H/1.1	200 OK	subpages-2bf1e42af240d0d3d6e9e54f0e13a1b08c41510ab303be8682640736cc9dbb8f.js Show response kavak-bbva-staging.kikoya.mx/assets/	182 KB 55 KB	437ms 213ms	Script application/javascript	3.226.107.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://kavak-bbva-staging.kikoya.mx/assets/subpages-2bf1e42af240d0d3d6e9e54f0e13a1b08c41510ab303be8682640736cc9dbb8f.js Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.107.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-107-193.compute-1.amazonaws.com Software Cowboy / Resource Hash 2bf1e42af240d0d3d6e9e54f0e13a1b08c41510ab303be8682640736cc9dbb8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 14:47:19 GMT Content-Encoding gzip Last-Modified Fri, 18 Sep 2020 23:32:23 GMT Server Cowboy Vary Accept-Encoding, Origin Content-Type application/javascript Via 1.1 vegur Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Content-Length 55700
GET H/1.1	200 OK	password_validator-5659a9d4fb64e68d14491b4051ff2f00d5be94a3cdb39fa7aa6fa17eb1811bab.js Show response kavak-bbva-staging.kikoya.mx/assets/	3 KB 1 KB	344ms 119ms	Script application/javascript	3.226.107.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://kavak-bbva-staging.kikoya.mx/assets/password_validator-5659a9d4fb64e68d14491b4051ff2f00d5be94a3cdb39fa7aa6fa17eb1811bab.js Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.107.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-107-193.compute-1.amazonaws.com Software Cowboy / Resource Hash 5659a9d4fb64e68d14491b4051ff2f00d5be94a3cdb39fa7aa6fa17eb1811bab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 14:47:19 GMT Content-Encoding gzip Last-Modified Wed, 07 Oct 2020 16:53:52 GMT Server Cowboy Vary Accept-Encoding, Origin Content-Type application/javascript Via 1.1 vegur Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Content-Length 872
GET H/1.1	200 OK	sessions_encrypt_password-ac65473cb1d8a79393bf8ae756c75b52fc9d80f49f4ae682b5e78dd86611a41e.js Show response kavak-bbva-staging.kikoya.mx/assets/	1 KB 816 B	361ms 130ms	Script application/javascript	3.226.107.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://kavak-bbva-staging.kikoya.mx/assets/sessions_encrypt_password-ac65473cb1d8a79393bf8ae756c75b52fc9d80f49f4ae682b5e78dd86611a41e.js Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.107.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-107-193.compute-1.amazonaws.com Software Cowboy / Resource Hash ac65473cb1d8a79393bf8ae756c75b52fc9d80f49f4ae682b5e78dd86611a41e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 14:47:19 GMT Content-Encoding gzip Last-Modified Tue, 08 Sep 2020 15:38:53 GMT Server Cowboy Vary Accept-Encoding, Origin Content-Type application/javascript Via 1.1 vegur Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Content-Length 480
GET H/1.1	200 OK	application-45fc4f31883d741c1a82.js Show response kavak-bbva-staging.kikoya.mx/packs/js/	1 MB 460 KB	361ms 124ms	Script application/javascript	3.226.107.193 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://kavak-bbva-staging.kikoya.mx/packs/js/application-45fc4f31883d741c1a82.js Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.107.193 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-107-193.compute-1.amazonaws.com Software Cowboy / Resource Hash f8b43581d51b6f840135c729a3b979d9599a89bf9e7ea92fc7f84f9fa54c382b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 14:47:20 GMT Content-Encoding gzip Last-Modified Fri, 08 Jan 2021 18:21:19 GMT Server Cowboy Vary Accept-Encoding, Origin Content-Type application/javascript Via 1.1 vegur Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Content-Length 470867
GET H2	200	aes.js Show response cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/	13 KB 5 KB	15ms 14ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://kavak-bbva-staging.kikoya.mx/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 12 Jan 2021 14:47:19 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 488913 cross-origin-resource-policy cross-origin vary Accept-Encoding content-length 4256 cf-request-id 0798a9dc700000c2a47e2ce000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:09:17 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e2d-3430" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IqhQcL%2FtankMDsez1Xj0RRIozU94oR9gKDUqFQc6p5esatW4ZLLSGNEEMtW76j%2F%2Fcos5nnmyUmu42zoFpQZ7Uu%2FgSbFJ76rSBww4jHE0M6l3Ic4rYUCPnFtZj%2BHYweTU%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6107ac0d7962c2a4-FRA expires Sun, 02 Jan 2022 14:47:19 GMT
GET H2	200	css fonts.googleapis.com/	7 KB 828 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Jaldi:400,700|Oswald:300,400,700 Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7e866d23ea8f86f0af2c579083a2b4ea122a64721c13a2a408de4418160fb801 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://kavak-bbva-staging.kikoya.mx/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Jan 2021 14:47:19 GMT server ESF date Tue, 12 Jan 2021 14:47:19 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 12 Jan 2021 14:47:19 GMT
GET H/1.1	200 OK	1atransparent-d535146ffc.png s3.amazonaws.com/arbol-financiero-staging/uploads/131/landing/	240 B 620 B	475ms 156ms	Image image/png	52.217.42.38 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.amazonaws.com/arbol-financiero-staging/uploads/131/landing/1atransparent-d535146ffc.png Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/users/sign_in?id_JIBBRSA=FO-5712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.42.38 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash d71e22a5151ceea2395c617f2c832d473fa7e983daf3d22529825b235945ff46 Request headers Referer https://kavak-bbva-staging.kikoya.mx/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 12 Jan 2021 14:47:21 GMT Last-Modified Tue, 22 Sep 2020 21:27:12 GMT Server AmazonS3 x-amz-request-id 8006212508CAC042 ETag "b67c325a62f67e621d16750f488f9080" Content-Type image/png x-amz-version-id null Accept-Ranges bytes Content-Length 240 x-amz-id-2 f38cxygOstPschtGyky+Q1fzIjLn1nsxsfJjkY0o2/O1Q/vA8bCgK85JF0gtvl+BnF3RNLxaDa0=
GET H3-Q050	200	css fonts.googleapis.com/	12 KB 888 B	66ms 52ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/assets/application-736c3ed81a10e6e3249ce69edd0b1d38b3d25d61def26660504e021a0b1cae34.css Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fbf2eb84a14814a2b4cf0ddbabf2b033616f3f20ac8672bed14b93031bafe2f1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://kavak-bbva-staging.kikoya.mx/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Jan 2021 14:47:20 GMT server ESF date Tue, 12 Jan 2021 14:47:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 12 Jan 2021 14:47:20 GMT
GET H3-Q050	200	css fonts.googleapis.com/	8 KB 1 KB	65ms 51ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300 Requested by Host: kavak-bbva-staging.kikoya.mx URL: https://kavak-bbva-staging.kikoya.mx/assets/application-736c3ed81a10e6e3249ce69edd0b1d38b3d25d61def26660504e021a0b1cae34.css Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 281b107cc0f1e797876406dfcf259deabd3b85bf601738fd6e8d8e3fcfc6ae7c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://kavak-bbva-staging.kikoya.mx/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Jan 2021 14:47:20 GMT server ESF date Tue, 12 Jan 2021 14:47:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 12 Jan 2021 14:47:20 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	12ms 11ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://kavak-bbva-staging.kikoya.mx Referer https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 07 Jan 2021 16:12:05 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:50 GMT server sffe age 426915 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11016 x-xss-protection 0 expires Fri, 07 Jan 2022 16:12:05 GMT
GET H2	200	TK3iWkUHHAIjg752GT8Gl-1PKw.woff2 fonts.gstatic.com/s/oswald/v35/	25 KB 25 KB	11ms 10ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v35/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Jaldi:400,700|Oswald:300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://kavak-bbva-staging.kikoya.mx Referer https://fonts.googleapis.com/css?family=Jaldi:400,700|Oswald:300,400,700 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 08 Jan 2021 18:09:46 GMT x-content-type-options nosniff last-modified Mon, 13 Jul 2020 19:17:26 GMT server sffe age 333454 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25376 x-xss-protection 0 expires Sat, 08 Jan 2022 18:09:46 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	10ms 9ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://kavak-bbva-staging.kikoya.mx Referer https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 06 Jan 2021 06:19:46 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:52 GMT server sffe age 548854 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11180 x-xss-protection 0 expires Thu, 06 Jan 2022 06:19:46 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://kavak-bbva-staging.kikoya.mx Referer https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 07 Jan 2021 15:35:33 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:58 GMT server sffe age 429107 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11020 x-xss-protection 0 expires Fri, 07 Jan 2022 15:35:33 GMT
GET H3-Q050	200	KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2 fonts.gstatic.com/s/roboto/v20/	12 KB 12 KB	7ms 5ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://kavak-bbva-staging.kikoya.mx Referer https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,700italic User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 07 Jan 2021 05:35:06 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:19:00 GMT server sffe age 465134 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12680 x-xss-protection 0 expires Fri, 07 Jan 2022 05:35:06 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer string| googleAnalyticsTrackingId object| google_tag_manager function| $ function| jQuery object| jQuery1124009520536915177114 object| Turbolinks function| PasswordValidator object| _0x71d7 function| setImmediate function| clearImmediate object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| Routes object| CryptoJS

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			kavak-bbva-staging.kikoya.mx/	1969-12-31 23:59:59	Name: _creditos_session Value: 74pIZ%2B%2BXOPAXvmAfsnieqxPkIc3KtcOXV%2FcibgCEUZ0L3l9PhIFWfH4uKUBdD9ArjUiiBMNarTZ1BZqfaL7LWIdqS%2BdG2HR3EBWcN%2FYvJQl7hjUSdINQnn3Ye5ll3dlwLkU8HX4InL3MmXe4xadPUvlEFjH2rWXhDnoukS21jynZqGFCiTMhnChb8hTJ8fPuNZ8hnekK6uhBSpQUeNiYqApiaJi8MPfby2EpBkV5YJ2YF301gMYToLUmzCVj1izupeiTCeMFdCqqlqj4RJN%2F9hSuvGU0hONkdw%3D%3D--x7rRHG7Pb5Ydvt6t--OobaQveuidyWqXxbu%2F4%2B1w%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
kavak-bbva-staging.kikoya.mx
s3.amazonaws.com
www.googletagmanager.com
2606:4700::6810:135e
2a00:1450:4001:800::200a
2a00:1450:4001:808::2008
2a00:1450:4001:818::2003
2a00:1450:4001:81e::200a
3.226.107.193
52.217.42.38
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
281b107cc0f1e797876406dfcf259deabd3b85bf601738fd6e8d8e3fcfc6ae7c
2bf1e42af240d0d3d6e9e54f0e13a1b08c41510ab303be8682640736cc9dbb8f
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
5659a9d4fb64e68d14491b4051ff2f00d5be94a3cdb39fa7aa6fa17eb1811bab
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7e866d23ea8f86f0af2c579083a2b4ea122a64721c13a2a408de4418160fb801
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
a02a747f8ea9c2751d04a5b9700134d8da94ae6abb89af857dc1ffabd1cf9c0f
aaf44a12b81601d0569d22ee827386619dd9b59cee12994eb73afe1d507bb9b8
ac65473cb1d8a79393bf8ae756c75b52fc9d80f49f4ae682b5e78dd86611a41e
b6a3f26316ab588b728d5ecb0575bd5736a274f7595ac31689acdb6cc571b55d
d71e22a5151ceea2395c617f2c832d473fa7e983daf3d22529825b235945ff46
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
f8b43581d51b6f840135c729a3b979d9599a89bf9e7ea92fc7f84f9fa54c382b
fbf2eb84a14814a2b4cf0ddbabf2b033616f3f20ac8672bed14b93031bafe2f1
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a