urlscan.io logo urlscan.io
SecurityTrails logo

compras.haya.es Open in urlscan Pro
217.116.5.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://compras.haya.es/script/PMPortal/script/_common/guardarinstancia.aspx
Effective URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Submission Tags: falconsandbox
Submission: On September 19 via api from US — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 217.116.5.188, located in San Fernando de Henares, Spain and belongs to ACENS_AS Spain Hosting, housing and VPN services, ES. The main domain is compras.haya.es.
TLS certificate: Issued by Thawte RSA CA 2018 on December 23rd 2021. Valid for: a year.
This is the only time compras.haya.es was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 23 217.116.5.188 16371 (ACENS_AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
20 2
Apex Domain
Subdomains		 Transfer
23 haya.es
compras.haya.es
739 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
31 KB
20 2
Domain Requested by
23 compras.haya.es 4 redirects compras.haya.es
1 ajax.googleapis.com compras.haya.es
20 2

This site contains links to these domains. Also see Links.

Domain
www.haya.es
www.fullstep.com
Subject Issuer Validity Valid
*.haya.es
Thawte RSA CA 2018		 2021-12-23 -
2023-01-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Frame ID: 643225435B68DB9A65D8E7A1A0C93D65
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

:: Portal de Proveedores ::

Page URL History Show full URLs

  1. http://compras.haya.es/script/PMPortal/script/_common/guardarinstancia.aspx HTTP 301
    https://compras.haya.es/script/PMPortal/script/_common/guardarinstancia.aspx HTTP 302
    https://compras.haya.es/ HTTP 302
    http://compras.haya.es/custom/HRE/public/default.asp?Idioma=SPA HTTP 307
    https://compras.haya.es/custom/HRE/public/default.asp?Idioma=SPA HTTP 302
    https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

767 kB
Transfer

964 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://compras.haya.es/script/PMPortal/script/_common/guardarinstancia.aspx HTTP 301
    https://compras.haya.es/script/PMPortal/script/_common/guardarinstancia.aspx HTTP 302
    https://compras.haya.es/ HTTP 302
    http://compras.haya.es/custom/HRE/public/default.asp?Idioma=SPA HTTP 307
    https://compras.haya.es/custom/HRE/public/default.asp?Idioma=SPA HTTP 302
    https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request default.asp
compras.haya.es/script/login/HRE/
Redirect Chain
  • http://compras.haya.es/script/PMPortal/script/_common/guardarinstancia.aspx
  • https://compras.haya.es/script/PMPortal/script/_common/guardarinstancia.aspx
  • https://compras.haya.es/
  • http://compras.haya.es/custom/HRE/public/default.asp?Idioma=SPA
  • https://compras.haya.es/custom/HRE/public/default.asp?Idioma=SPA
  • https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
21403957ec6416270787e729fb57356a2f1b3a77f2567cb3c22a036e850c9b75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-length
4653
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
content-type
text/html; Charset=UTF-8
date
Mon, 19 Sep 2022 10:07:45 GMT
expires
Mon, 19 Sep 2022 10:06:45 GMT
pragma
no-cache
strict-transport-security
max-age=16000000; preload;
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
184
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
content-type
text/html
date
Mon, 19 Sep 2022 10:07:45 GMT
location
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
strict-transport-security
max-age=16000000; preload;
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
formatos.js
compras.haya.es/script/common/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/common/formatos.js
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
3c5a96af7548a9b63212cd64dd5d878e306a3d0ae36e518312690d7a0f510e86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 31 May 2019 07:58:22 GMT
etag
"063ee9d8617d51:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
13956
x-xss-protection
1; mode=block
jquery.min.js
compras.haya.es/script/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/js/jquery.min.js
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 19 Nov 2021 09:17:46 GMT
etag
"059835026ddd71:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
30982
x-xss-protection
1; mode=block
jquery-migrate-3.0.1.js
compras.haya.es//script/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es//script/js/jquery-migrate-3.0.1.js
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
1589fc7479100b06d2da4d7457313104228fb0403aa9129e269306667df52039
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 10 Apr 2019 14:02:22 GMT
etag
"0ab844a6efd41:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
4275
x-xss-protection
1; mode=block
politicacookies.js
compras.haya.es/script/politicacookies/js/ 		967 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/politicacookies/js/politicacookies.js
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
c4a53a7a41e4635c2a556c0f4ad641264b26ed088068703ba936f6569bdc1f21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 27 Feb 2019 14:08:32 GMT
etag
"0b0b4eba5ced41:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
585
x-xss-protection
1; mode=block
reset.css
compras.haya.es/script/login/HRE/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/css/reset.css
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
fd7ed07ae59f64a44f54c7466e6a8b48090f606f5b0117cff730c4c8db603a32
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Feb 2018 14:14:24 GMT
etag
"02010ca549fd31:0"
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
1000
x-xss-protection
1; mode=block
font-awesome.min.css
compras.haya.es/script/login/HRE/css/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/css/font-awesome.min.css
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
382b40894696653c2258b08a376f22727e41e4790b3810d2c4b5d352495d1904
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Feb 2018 14:14:24 GMT
etag
"02010ca549fd31:0"
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
6214
x-xss-protection
1; mode=block
style.css
compras.haya.es/script/login/HRE/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/css/style.css
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
9a95da9b90beb14876770cff1d6588f57d2d6528bf5d9e5330199be47d9c1236
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 22 Jun 2018 07:41:12 GMT
etag
"09c5064fc9d41:0"
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
5343
x-xss-protection
1; mode=block
responsive.css
compras.haya.es/script/login/HRE/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/css/responsive.css
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
76ab8cb0016d13b3f7fc2ea47a53f02c02424cd40115becb8b480144c0994736
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 06 Feb 2018 14:14:24 GMT
etag
"02010ca549fd31:0"
x-frame-options
SAMEORIGIN
content-type
text/css
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
1738
x-xss-protection
1; mode=block
logo_haya.png
compras.haya.es/script/login/HRE/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compras.haya.es/script/login/HRE/img/logo_haya.png
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
7ff22d8c88b7f0b94f58150224e03700b5f6633b69ce3c32d006fb495a998408
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
last-modified
Tue, 06 Feb 2018 14:14:26 GMT
etag
"04d41cb549fd31:0"
x-frame-options
SAMEORIGIN
content-type
image/png
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
5910
x-xss-protection
1; mode=block
logo_fullstep.png
compras.haya.es/script/login/HRE/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compras.haya.es/script/login/HRE/img/logo_fullstep.png
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
8771f1ccf73cd77c1e597205e5a0e181810d27d0f40f35cdcade87f03a58afcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
last-modified
Fri, 14 Jan 2022 09:46:08 GMT
etag
"0f01d8e2b9d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
2764
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 06:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 06:44:40 GMT
main.js
compras.haya.es//script/js/ 		248 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es//script/js/main.js
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
5c51b9e49d8f730e01094a9ffcddded0115a455aaa2b2518fb43159a4be01445
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/default.asp?Idioma=SPA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 10 Apr 2019 14:02:22 GMT
etag
"0ab844a6efd41:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
292
x-xss-protection
1; mode=block
bk-entrada.jpg
compras.haya.es/script/login/HRE/img/ 		510 KB
511 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://compras.haya.es/script/login/HRE/img/bk-entrada.jpg
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
b22bd3435fef7d9ce732ae720536a3737df254a70768d24180665e941074b9a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://compras.haya.es/script/login/HRE/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
last-modified
Tue, 06 Feb 2018 14:14:26 GMT
etag
"04d41cb549fd31:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
522525
x-xss-protection
1; mode=block
comfortaa-bold-webfont.woff2
compras.haya.es/script/login/HRE/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/fonts/comfortaa-bold-webfont.woff2
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compras.haya.es/script/login/HRE/css/style.css
Origin
https://compras.haya.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
x-frame-options
SAMEORIGIN
date
Mon, 19 Sep 2022 10:07:45 GMT
content-length
1245
x-xss-protection
1; mode=block
content-type
text/html
fontawesome-webfont.woff2
compras.haya.es/script/login/HRE/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compras.haya.es/script/login/HRE/css/font-awesome.min.css
Origin
https://compras.haya.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
x-frame-options
SAMEORIGIN
date
Mon, 19 Sep 2022 10:07:45 GMT
content-length
1245
x-xss-protection
1; mode=block
content-type
text/html
comfortaa-regular-webfont.woff2
compras.haya.es/script/login/HRE/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/fonts/comfortaa-regular-webfont.woff2
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compras.haya.es/script/login/HRE/css/style.css
Origin
https://compras.haya.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
x-frame-options
SAMEORIGIN
date
Mon, 19 Sep 2022 10:07:45 GMT
content-length
1245
x-xss-protection
1; mode=block
content-type
text/html
fontawesome-webfont.woff
compras.haya.es/script/login/HRE/fonts/ 		79 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/fonts/fontawesome-webfont.woff?v=4.4.0
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compras.haya.es/script/login/HRE/css/font-awesome.min.css
Origin
https://compras.haya.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
last-modified
Tue, 06 Feb 2018 14:14:26 GMT
etag
"04d41cb549fd31:0"
x-frame-options
SAMEORIGIN
content-type
font/x-woff
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
81284
x-xss-protection
1; mode=block
comfortaa-bold-webfont.woff
compras.haya.es/script/login/HRE/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/fonts/comfortaa-bold-webfont.woff
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
aa550231ec5ee302a5bbf7214fbbe73598f53f9d30eb3af81eddf5695e988d30
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compras.haya.es/script/login/HRE/css/style.css
Origin
https://compras.haya.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
last-modified
Tue, 06 Feb 2018 14:14:24 GMT
etag
"02010ca549fd31:0"
x-frame-options
SAMEORIGIN
content-type
font/x-woff
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
29356
x-xss-protection
1; mode=block
comfortaa-regular-webfont.woff
compras.haya.es/script/login/HRE/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://compras.haya.es/script/login/HRE/fonts/comfortaa-regular-webfont.woff
Requested by
Host: compras.haya.es
URL: https://compras.haya.es/script/login/HRE/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.116.5.188 San Fernando de Henares, Spain, ASN16371 (ACENS_AS Spain Hosting, housing and VPN services, ES),
Reverse DNS
217-116-5-188.redes.acens.net
Software
/
Resource Hash
28a89df6880ed5d6154c7a3111b2db62e8709526ff62c4756f21de45cb187ffd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://compras.haya.es/script/login/HRE/css/style.css
Origin
https://compras.haya.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:07:45 GMT
last-modified
Tue, 06 Feb 2018 14:14:24 GMT
etag
"02010ca549fd31:0"
x-frame-options
SAMEORIGIN
content-type
font/x-woff
content-security-policy
frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
strict-transport-security
max-age=16000000; preload;
accept-ranges
bytes
content-length
29156
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| validarText function| validarFecha function| get_full_year function| stripCharString function| allowInString function| validarNumero function| mascaraNumero function| redondea function| num2str function| str2num function| datehour2str function| date2str function| str2date function| devolverLocFecha function| devolverUTCFecha function| inputFecha function| inputFechaNoVacio function| trim function| replaceAll function| JS2HTML function| VALIDAR_CIF function| VALIDAR_NIF function| inputTexto function| inputNumero function| Var2Param function| validarKeyPress function| validarLength function| textArea string| digits string| phoneNumberDelimiters string| validWorldPhoneChars number| minDigitsInIPhoneNumber function| isInteger function| stripCharsInBag function| ValidarTelefono function| validarEmail function| devolverUTCFechaFSAL function| addZero function| devolverIdRegistroFSAL function| validarNIF_NIE function| $ function| jQuery function| createCookie function| readCookie function| eraseCookie function| areCookiesEnabled function| windowOpen function| windowopen function| windowopen_UsuNoValido function| Alta function| ventanaLogin function| ventanaSecundaria function| ventanaAyuda function| popup function| recuerdePWD function| MM_preloadImages function| MM_findObj function| MM_swapImage function| MM_swapImgRestore

3 Cookies

Domain/Path Name / Value
compras.haya.es/ Name: ASP.NET_SessionId
Value: 5ghno5nqzvizurevbcp1zhs2
compras.haya.es/ Name: ASPSESSIONIDSCCSBTSQ
Value: LPOPDCBACHKODOCDHDECPAEG
compras.haya.es/ Name: USU_CADPASSWORD
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: https://compras.haya.es/script/login/HRE/fonts/fontawesome-webfont.woff2?v=4.4.0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://compras.haya.es/script/login/HRE/fonts/comfortaa-bold-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://compras.haya.es/script/login/HRE/fonts/comfortaa-regular-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.fullstep.net *.cruzroja.es *.elecnor.es *.biosearchlife.com *.mahou-sanmiguel.com *.cieautomotive.com *.juver.es *.gri.com.es *.deoleo.com *.rbiberia.com *.sidenor.com *.avanzagrupo.com *.abeienergy.com *.astara.com *.bergeauto.com *.nae.global *.cofares.es *.importaco.com *.gdels.com *.gocontact.es *.esteveteijin.com *.reale.es *.feda.ad *.delafruit.com *.cajarural.com *.fullstep.app *.fundacionlacaixa.org *.alianzasvmototalplayempresarial.com.mx
Strict-Transport-Security max-age=16000000; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block