staging-app.creditogrupalia.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://staging-app.creditogrupalia.com/
Effective URL:
https://staging-app.creditogrupalia.com/users/sign_in
Submission: On January 09 via automatic, source certstream-suspicious (January 9th 2024, 7:51:11 pm UTC) — Scanned from NL

Summary HTTP 13 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is staging-app.creditogrupalia.com.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.

This is the only time staging-app.creditogrupalia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:223... 2600:9000:223f:f000:1d:be94:4b80:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2

10 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

staging-app.creditogrupalia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:f000:1d:be94:4b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	creditogrupalia.com 1 redirects staging-app.creditogrupalia.com	980 KB
4	posthog.com app.posthog.com — Cisco Umbrella Rank: 24140	33 KB
13	2

	Domain	Requested by
10	staging-app.creditogrupalia.com	1 redirects staging-app.creditogrupalia.com
4	app.posthog.com	staging-app.creditogrupalia.com
13	2

This site contains links to these domains. Also see Links.

Domain
web.facebook.com
www.instagram.com
wa.me

Subject Issuer	Validity	Valid
creditogrupalia.com GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.posthog.com Amazon RSA 2048 M02	`2023-12-17` - `2025-01-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://staging-app.creditogrupalia.com/users/sign_in
Frame ID: 24540E0DE65BDDF48D9CAB52B90EEBBC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grupalia | Iniciar sesión

Page URL History Show full URLs

https://staging-app.creditogrupalia.com/ HTTP 302
https://staging-app.creditogrupalia.com/users/sign_in Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1011 kB
Transfer

3491 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://web.facebook.com/people/Grupalia/61554161525665/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/grupalia.mx/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://wa.me/+5215514781650?text=Hola%2C%20me%20ayudarian%20con%3A%20

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://staging-app.creditogrupalia.com/ HTTP 302
https://staging-app.creditogrupalia.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sign_in Show response
staging-app.creditogrupalia.com/users/
Redirect Chain

https://staging-app.creditogrupalia.com/
https://staging-app.creditogrupalia.com/users/sign_in

2 KB
2 KB

138ms
138ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac2b146d9b1097cb1108875afa6773017e834e869446bf623baf7864ae07cf34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 842f36863ab6b91e-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:51:06 GMT
link: </assets/application-d6621387afbaa9aeda81878a0cca16e410cbe7e45f668e6edc1a0d4750fca4e0.css>; rel=preload; as=style; nopush,</vite/assets/application-8b1336cd.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,</vite/assets/application-c875665f.css>; rel=preload; as=style; nopush
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 97d5cfb2-817a-427a-801a-49936f5dbb1e
x-runtime: 0.011921
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 842f36841e94b91e-AMS
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:51:05 GMT
location: https://staging-app.creditogrupalia.com/users/sign_in
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829865&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=R69T%2FQeQ9GBwmgVpLukIcVuEdfJikmRX9xzLZ7JuLmY%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829865&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=R69T%2FQeQ9GBwmgVpLukIcVuEdfJikmRX9xzLZ7JuLmY%3D
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
x-request-id: 07a57f8b-1d20-46b0-9f86-f6556bef0612
x-runtime: 0.004974

GET
H3 200 application-d6621387afbaa9aeda81878a0cca16e410cbe7e45f668e6edc1a0d4750fca4e0.css
staging-app.creditogrupalia.com/assets/ 17 KB
5 KB 306ms
306ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/assets/application-d6621387afbaa9aeda81878a0cca16e410cbe7e45f668e6edc1a0d4750fca4e0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a5dcec05daeecd8995e171db0e493206945fd9b5e531348376ca639e559914

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://staging-app.creditogrupalia.com/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 18:53:33 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D"}]}
content-type: text/css
cache-control: max-age=14400
cf-ray: 842f36871cc76706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D

GET
H3 200 application-8b1336cd.js Show response
staging-app.creditogrupalia.com/vite/assets/ 3 MB
892 KB 771ms
771ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e020ec8666285bcb3c197e986584a206449bdc23c5ee94f7c8e9b9550a449e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer
Origin: https://staging-app.creditogrupalia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 19:45:41 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 842f36872cf46706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D

GET
H3 200 application-c875665f.css
staging-app.creditogrupalia.com/vite/assets/ 106 KB
19 KB 576ms
576ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/vite/assets/application-c875665f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c875665f61b2801ef4bbb9758f20edf52329aa27fdb7b6d704ecd62123c5ebfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://staging-app.creditogrupalia.com/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 19:45:41 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D"}]}
content-type: text/css
cache-control: max-age=14400
cf-ray: 842f36872cf96706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D

GET
H3 200 base-form-answers-8c628dbb.js Show response
staging-app.creditogrupalia.com/vite/assets/ 136 KB
55 KB 630ms
630ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/vite/assets/base-form-answers-8c628dbb.js

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56da53a3b5c72457a981a27cc5c8950903e566e428477ce8c766cbcac665a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://staging-app.creditogrupalia.com/users/sign_in
Origin: https://staging-app.creditogrupalia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 19:45:41 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 842f36872d016706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829866&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=kBRLSVqZG5ewLW3riypw6ZUZZ5ybYua7RaYuSTVRahQ%3D

POST
H2 200 / Show response
app.posthog.com/e/ 13 B
442 B 206ms
128ms XHR
application/json 2600:9000:223f:f000:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/e/?ip=1&_=1704829867189&ver=1.92.1

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:f000:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging-app.creditogrupalia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 19:51:07 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://staging-app.creditogrupalia.com
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: CgAPH1dIC5QRVXgWzKBYjTJmVupbjxgTA0Vya0-gGjfVOpDoD17Htg==

POST
H2 200 / Show response
app.posthog.com/decide/ 626 B
1 KB 204ms
127ms XHR
application/json 2600:9000:223f:f000:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/decide/?v=3&ip=1&_=1704829867190&ver=1.92.1

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:f000:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fb116fd7531e725b0eb15e8a5c765ef6edf8d13bc744edd45b6d8e0e5977c19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging-app.creditogrupalia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 19:51:07 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://staging-app.creditogrupalia.com
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: y_uMVYTzrhcyh2KG_wjwRt_aTmfv4hf43qhUIWQL86Z9epAAPz9Lxw==

GET
H3 200 logo-2eace8de.svg Show response
staging-app.creditogrupalia.com/vite/assets/ 6 KB
3 KB 310ms
310ms XHR
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/vite/assets/logo-2eace8de.svg

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eace8deff345937adae9fcd1b1cd7695499b9cfbea07c7a59a1ec390b2f1fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://staging-app.creditogrupalia.com/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 19:45:41 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 842f368e1d226706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D

GET
H3 200 whatsapp-9a1a5f9e.svg Show response
staging-app.creditogrupalia.com/vite/assets/ 2 KB
1 KB 328ms
327ms XHR
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/vite/assets/whatsapp-9a1a5f9e.svg

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a1a5f9ec30279ba22514ac6e49581b67041bd89edd3e7af5d2749cb41d722af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://staging-app.creditogrupalia.com/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 19:45:41 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 842f368e1d256706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D

GET
H3 200 facebook-79d9613a.svg Show response
staging-app.creditogrupalia.com/vite/assets/ 324 B
838 B 307ms
307ms XHR
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/vite/assets/facebook-79d9613a.svg

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d9613a47bfaf74bd0584d7952a89d84c4f8303fb84c4c97148e9ba87a2121d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://staging-app.creditogrupalia.com/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 19:45:41 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 842f368e1d276706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D

GET
H3 200 instagram-5f611792.svg Show response
staging-app.creditogrupalia.com/vite/assets/ 1 KB
1 KB 343ms
343ms XHR
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging-app.creditogrupalia.com/vite/assets/instagram-5f611792.svg

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f611792ba31994581609cdffb992da9ddbeba856ef2322e6c2d1d5e8f01c24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://staging-app.creditogrupalia.com/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:51:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 09 Jan 2024 19:45:41 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 842f368e1d286706-AMS
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1704829867&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FbFpeOLt6tCYrmsFq%2BJUCWipddNuqBBcB6OdW4A16uE%3D

GET
H2 200 recorder-v2.js Show response
app.posthog.com/static/ 101 KB
31 KB 29ms
29ms Script
application/javascript 2600:9000:223f:f000:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.posthog.com/static/recorder-v2.js?v=1.92.1
Requested by: Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f000:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2731df5d36de8c6c5f2a52a1d98fd418cc92a78605ac8006c571f28bcc6c5b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://staging-app.creditogrupalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 03:25:53 GMT
x-amz-version-id: z1qvc1KXLYz4GQTrJtPfqanJIo1F1WeZ
content-encoding: br
last-modified: Mon, 08 Jan 2024 22:24:30 GMT
server: AmazonS3
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"58dafd97be3683ef488e9fc8d2a12cd7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
age: 59115
x-amz-cf-id: nLDZVIq60tMLg9GFBTn4WuYRjoY-1vgmAzw0pvd9fOixPR5q0F7BQQ==

POST
H2 200 / Show response
app.posthog.com/s/ 13 B
442 B 177ms
176ms XHR
application/json 2600:9000:223f:f000:1d:be94:4b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1704829870208&ver=1.92.1

Requested by

Host: staging-app.creditogrupalia.com
URL: https://staging-app.creditogrupalia.com/vite/assets/application-8b1336cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:f000:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://staging-app.creditogrupalia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jan 2024 19:51:10 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://staging-app.creditogrupalia.com
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: Ao2-Rr7F5tZ4REBFWKrfHnRAC-DmQcV5Zjq6lq_ZKoupCF57jHg0Xg==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			staging-app.creditogrupalia.com/	1970-01-20 18:17:01	Name: _app_session Value: dbbb7d16bd694218e31c7a78ec825e48
			.creditogrupalia.com/	1970-01-21 02:19:25	Name: ph_phc_oRHzrD9BFMM8wfvoZhKGfRX0WljAH4PUXEKjBROhRZY_posthog Value: %7B%22distinct_id%22%3A%22018cefc7-54b2-7578-996e-4624be8627c5%22%2C%22%24device_id%22%3A%22018cefc7-54b2-7578-996e-4624be8627c5%22%2C%22%24user_state%22%3A%22anonymous%22%2C%22%24sesid%22%3A%5B1704829867397%2C%22018cefc7-54b4-7d69-a033-8c22c8c79213%22%2C1704829867188%5D%2C%22%24client_session_props%22%3A%7B%22sessionId%22%3A%22018cefc7-54b4-7d69-a033-8c22c8c79213%22%2C%22props%22%3A%7B%22initialPathName%22%3A%22%2Fusers%2Fsign_in%22%2C%22referringDomain%22%3A%22%24direct%22%7D%7D%2C%22%24session_recording_enabled_server_side%22%3Atrue%2C%22%24console_log_recording_enabled_server_side%22%3Atrue%2C%22%24session_recording_recorder_version_server_side%22%3A%22v2%22%2C%22%24session_recording_network_payload_capture%22%3A%7B%22capturePerformance%22%3Atrue%7D%2C%22%24autocapture_disabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.posthog.com
staging-app.creditogrupalia.com
2600:9000:223f:f000:1d:be94:4b80:93a1
2a06:98c1:3121::3
2eace8deff345937adae9fcd1b1cd7695499b9cfbea07c7a59a1ec390b2f1fbb
5f611792ba31994581609cdffb992da9ddbeba856ef2322e6c2d1d5e8f01c24f
77e020ec8666285bcb3c197e986584a206449bdc23c5ee94f7c8e9b9550a449e
79d9613a47bfaf74bd0584d7952a89d84c4f8303fb84c4c97148e9ba87a2121d
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
9a1a5f9ec30279ba22514ac6e49581b67041bd89edd3e7af5d2749cb41d722af
ac2b146d9b1097cb1108875afa6773017e834e869446bf623baf7864ae07cf34
b2a5dcec05daeecd8995e171db0e493206945fd9b5e531348376ca639e559914
c2731df5d36de8c6c5f2a52a1d98fd418cc92a78605ac8006c571f28bcc6c5b2
c56da53a3b5c72457a981a27cc5c8950903e566e428477ce8c766cbcac665a85
c875665f61b2801ef4bbb9758f20edf52329aa27fdb7b6d704ecd62123c5ebfc
fb116fd7531e725b0eb15e8a5c765ef6edf8d13bc744edd45b6d8e0e5977c19d

staging-app.creditogrupalia.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1011 kBTransfer

3491 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

staging-app.creditogrupalia.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1011 kB
Transfer

3491 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions