Submitted URL: https://www.jetim.app/wp-includes/css/dist/editor/liber
Effective URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147...
Submission: On April 22 via manual from RS — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 32 HTTP transactions. The main IP is 46.20.146.44, located in Turkey and belongs to DORATELEKOM, TR. The main domain is www.jetim.app.
TLS certificate: Issued by R3 on April 1st 2022. Valid for: 3 months.
This is the only time www.jetim.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicaja Banco (Banking)

Domain & IP information

IP Address | AS Autonomous System
1 23 46.20.146.44 | 48737 (DORATELEKOM)
2 104.20.65.194 | 13335 (CLOUDFLAR...)
7 45.60.46.138 | 19551 (INCAPSULA)
32 4
Apex Domain | Subdomains | Transfer
23 jetim.app | www.jetim.app | 1021 KB
7 liberbank.es | www.liberbank.es, openbanking.liberbank.es, api-glbk.liberbank.es (Failed) | 17 KB
2 browseranalytic.com | static.browseranalytic.com (Cisco Umbrella Rank: 183921), browseranalytic.com (Cisco Umbrella Rank: 147389) | 44 KB
32 3
Domain | Requested by
23 www.jetim.app (1 redirects) | www.jetim.app
5 www.liberbank.es | www.jetim.app, www.liberbank.es
1 api-glbk.liberbank.es | www.liberbank.es
1 browseranalytic.com | static.browseranalytic.com
1 openbanking.liberbank.es | www.liberbank.es
1 static.browseranalytic.com | www.jetim.app
32 6

This site contains links to these domains.

Domain
bonline.liberbank.es
Subject | Issuer | Validity | Valid
jetim.app | R3 | 2022-04-01 - 2022-06-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-08 - 2022-07-07 | a year
www.liberbank.es | GeoTrust EV RSA CA 2018 | 2021-11-08 - 2022-11-08 | a year
www.openbanking.liberbank.es | GeoTrust EV RSA CA 2018 | 2021-11-08 - 2022-11-08 | a year
*.liberbank.es | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-04 - 2022-12-05 | a year

This page contains 2 frames:

Primary Page: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Frame ID: 95FD8D2CC182592F40BC48D1CFF7782E
Requests: 31 HTTP requests in this frame

Frame: https://openbanking.liberbank.es//externals/crossLocalStorage/crssls.html
Frame ID: BE0A5A2F3D815CB5F68F39EF2070E308
Requests: 1 HTTP requests in this frame

Page Title

Liberbank - Banca a distancia Login

Page URL History

  1. https://www.jetim.app/wp-includes/css/dist/editor/liber HTTP 301
    https://www.jetim.app/wp-includes/css/dist/editor/liber/ Page URL
  2. https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

4
IPs

3
Countries

1082 kB
Transfer

1168 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.jetim.app/wp-includes/css/dist/editor/liber HTTP 301
    https://www.jetim.app/wp-includes/css/dist/editor/liber/ Page URL
  2. https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.jetim.app/wp-includes/css/dist/editor/liber HTTP 301
  • https://www.jetim.app/wp-includes/css/dist/editor/liber/

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.jetim.app/wp-includes/css/dist/editor/liber/
Redirect Chain
  • https://www.jetim.app/wp-includes/css/dist/editor/liber
  • https://www.jetim.app/wp-includes/css/dist/editor/liber/
271 B
710 B
Document
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PHP/7.4.29 PleskLin
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset-UTF-8;charset=UTF-8
Date
Fri, 22 Apr 2022 10:19:49 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.29 PleskLin

Redirect headers

Connection
Keep-Alive
Content-Length
264
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 22 Apr 2022 10:19:49 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.jetim.app/wp-includes/css/dist/editor/liber/
Server
Apache
Primary Request tarjeta.php
www.jetim.app/wp-includes/css/dist/editor/liber/
15 KB
16 KB
Document
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PHP/7.4.29 PleskLin
Resource Hash
0845766b51b5090172dc8a8820703ed5ac537c2d3d106393fb826b949f0e2fb8

Request headers

Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Apr 2022 10:19:49 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.29 PleskLin
comunBEWEB.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
269 B
575 B
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/comunBEWEB.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
f4d9abe6e32b6036941da232e0a9ac66cbd6385eba641dc6218b56994093e30e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"10d-5dae0e1fc3ccd"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
269
bootstrap.min.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/
152 KB
152 KB
Stylesheet
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/bootstrap.min.css
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"26074-5dae0e1fc831d"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
155764
fontliberbank.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/
42 KB
43 KB
Stylesheet
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fontliberbank.css
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
fec0ba217617567768cf19836d8d232ae6367b004601a95e02157f02b683896a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"a9bc-5dae0e1fc8ed5"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43452
login2.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/
9 KB
9 KB
Stylesheet
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
912c6078ded7261aff68cb283701e2c48cd4df8a8018ef36fa1ae04a429047d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2341-5dae0e1fcc19d"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9025
fingerTouch.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fingerTouch.css
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
8f7839d5e901ee2c037075a68df9d4842ab1fd568c0260a953506d8335fdd782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"1a09-5dae0e1fc8aed"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6665
notificacion-instantanea.css
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/notificacion-instantanea.css
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
967ea61805db509cba410edf41ebde992257126c0ce7325b91b6970056c5d06a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"415-5dae0e1fcc96d"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1045
jquery.bd.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
87 KB
88 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/jquery.bd.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
3b1843bec7c7e4ac73c12bae641613aa8d0d9929c8e22c2071636e00742aa139

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"15d98-5dae0e1fc4885"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
89496
notificacion-instantanea.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
1 KB
2 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/notificacion-instantanea.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
374107df898e5eb08c8890ad18a8238cf801fec5ae4e91f02d3cbcd754916d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"511-5dae0e1fc5825"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1297
t_scrolltextvertical.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
4 KB
5 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/t_scrolltextvertical.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
d8fc860a81de6871da24f9eb748c2e7147593856e9eff8962d042a587d96ef5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"1192-5dae0e1fc5ff5"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4498
MOD3.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
16 KB
16 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/MOD3.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
2357e34b199e2f309e45f58124eddb1073afbe96ce34933910f2f816e4191f88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"3eee-5dae0e1fc5825"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
16110
funAjax.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
3 KB
3 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/funAjax.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
02f3c7cb3c8e61cc3bcc5346aeb2467514c2c948ade392ed0f7be601bfdd9d7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"c6d-5dae0e1fc40b5"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3181
placeholder-min.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
4 KB
4 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/placeholder-min.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
c75160fe66803906a5e28e4a600138c685fc474cc70a132a578be319d9d50721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"10ab-5dae0e1fc5c0d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4267
media_analyticsv2.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
997 B
1 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/media_analyticsv2.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
3bc5dbc23602ccba9316cda0bb1c4d972d5e9195b8758d9cefe7d6ad4f84bd9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"3e5-5dae0e1fc5055"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
997
cross-config.js
www.jetim.app/wp-includes/css/dist/editor/liber/js/
6 KB
6 KB
Script
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/js/cross-config.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
7edaf7b4715af2f38503af82a50f64a97b84a0727954a629367250cf71e2bd8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"1854-5dae0e1fc3ccd"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6228
bcaptcha.js
static.browseranalytic.com/js/d3d3LmpldGltLmFwcA==/596b2381/
109 KB
37 KB
Script
General
Full URL
https://static.browseranalytic.com/js/d3d3LmpldGltLmFwcA==/596b2381/bcaptcha.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/js/media_analyticsv2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.65.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7253adf3b3de95c12a032768c9ad39b71027ad52cbef57e4786697187bf088d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:16:46 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amzn-remapped-content-length
111496
x-amzn-requestid
4cf79ae1-3fe6-4576-b126-e6f088c10cf6
cf-cache-status
EXPIRED
x-amz-apigw-id
Q-kGMHVKjoEFzLg=
content-length
37683
last-modified
Thu, 21 Apr 2022 19:30:09 GMT
server
cloudflare
x-amzn-trace-id
Root=1-6262808d-0c28903679d97cdf0af7e2d9;Sampled=0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
6ffd9b15eee05c7a-FRA
cross-domain.js
www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/
8 KB
2 KB
Script
General
Full URL
https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/js/cross-config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.138 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
31f751e8a661364752adbca62a1a1b0d5cae8d751aebfc4c6a424f03a936fa4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:16:45 GMT
content-encoding
gzip
last-modified
Thu, 25 Nov 2021 11:04:28 GMT
x-cdn
Imperva
etag
W/"619f6dbc-1f01"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-iinfo
11-31397488-0 0CNN RT(1650622605273 56) q(0 -1 -1 1) r(0 -1)
cache-control
max-age=0
content-length
1959
notifications.json
www.liberbank.es/api/
2 B
5 KB
XHR
General
Full URL
https://www.liberbank.es/api/notifications.json
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/js/jquery.bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.138 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://www.google.com https://bancaadistancia.liberbank.es https://www.facebook.com/tr/;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://sc-static.net https://static.ads-twitter.com https://*.twitter.com https://storage.googleapis.com https://*.google.com https://www.gstatic.com https://use.fontawesome.com https://use.typekit.net/lzp0kbu.js https://maps.googleapis.com https://bedesa-liberbank.ceca.es https://cse.google.com https://www.googletagmanager.com https://www.google-analytics.com *.hotjar.com https://www.googleadservices.com https://bat.bing.com https://track.adform.net https://bonline.liberbank.es *.browseranalytic.com browseranalytic.com https://player.vimeo.com/api/player.js https://piwik.lander.net/piwik.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/ https://bancaadistancia.liberbank.es https://connect.facebook.net https://www.facebook.com/tr/ https://tagmanager.google.com/debug https://service.force.com https://liberbankit.my.salesforce.com https://d.la1-c1-frf.salesforceliveagent.com https://onboardinglbk.secure.force.com https://www.liberbank.es/system/wilson_cms/files_store/cookies_v3_playstation/ https://tagmanager.google.com https://*.liberbank.es https://s2.adform.net https://www.tarjetaplaystation.com/system/wilson_cms/files_store/cookies_v5_playstation/;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com http://maxcdn.bootstrapcdn.com https://use.typekit.net https://use.fontawesome.com https://cdnjs.cloudflare.com https://p.typekit.net https://*.google.com https://service.force.com https://onboardinglbk.secure.force.com https://www.liberbank.es/system/wilson_cms/files_store/cookies_v3_playstation/ https://www.liberbank.es/system/wilson_cms/files_store/cookies_v5_wp/ https://tagmanager.google.com;img-src 'self' https://t.co https://www.norbolsa.es data: https://p.typekit.net https://maps.gstatic.com/ https://maps.googleapis.com/ https://www.googleapis.com 
https://www.google.com https://clients1.google.com https://ssl.gstatic.com https://www.google-analytics.com https://bat.bing.com https://www.google.es https://www.googletagmanager.com *.browseranalytic.com browseranalytic.com https://www.facebook.com/tr/ https://clean.tracksacai.com https://tbl.tradedoubler.com https://afinia.uinterbox.com https://openlead.bankimia.com https://atrapacredito.go2cloud.org https://liberbankit--devcc2--c.cs84.visual.force.com https://liberbankit--devcc2.cs84.my.salesforce.com https://www.liberbank.es https://www.gstatic.com;connect-src 'self' https://stats.g.doubleclick.net https://*.google.com https://bat.bing.com https://api.liberbank.es https://api.liberbank.es:80 https://lbkapi-pre.vorago.es https://in.hotjar.com https://sentry.hotjar.com/ *.browseranalytic.com browseranalytic.com https://www.facebook.com/tr/ https://cse.google.com https://api-glbk.liberbank.es https://devcc4-onboardinglbk.cs109.force.com https://onboardinglbk.secure.force.com https://www.liberbank.es/system/wilson_cms/files_store/cookies_v4_playstation/ https://www.liberbank.es/system/wilson_cms/files_store/cookies_v5_wp/ https://ws1.premiumnumbers.es/C2M/C2M/NLL/pgXrgNiYWTnjRyy03oavuViq1osOt96N/ https://www.google-analytics.com wss://*.hotjar.com https://maps.googleapis.com;font-src 'self' https://fonts.googleapis.com http://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://use.typekit.net https://use.fontawesome.com https://cdnjs.cloudflare.com https://www.facebook.com/tr/ data:;object-src 'self';media-src 'self' https://www.liberbank.es;sandbox allow-forms allow-scripts allow-modals allow-popups allow-presentation allow-same-origin allow-popups-to-escape-sandbox allow-top-navigation allow-downloads;report-uri /some-report-uri;child-src 'self' https://*.snapchat.com https://www.facebook.com https://*.google.com https://bancaadistancia.liberbank.es https://portalprov.liberbank.es/ https://bedesa-liberbank.ceca.es https://cse.google.com 
https://vars.hotjar.com https://bonline.liberbank.es https://www.youtube.com https://track.adform.net https://player.vimeo.com https://vimeo.com https://service.force.com https://*.liberbank.es https://web.unicajabanco.es/ https://openbanking.liberbank.es;form-action 'self' https://*.snapchat.com https://bancaadistancia.liberbank.es https://api.liberbank.es https://www.facebook.com/tr/;frame-ancestors 'self' https://openbanking.liberbank.es;plugin-types application/pdf;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.jetim.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-iinfo
4-32208467-32197808 pNYN RT(1650622605388 56) q(0 0 0 0) r(4 5) U2
x-xss-protection
1; mode=block
x-request-id
f036d12c-79a6-4c98-b2ed-e16f18d75fe6
x-runtime
0.031153
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin, no-referrer-when-downgrade
x-frame-options
SAMEORIGIN, SAMEORIGIN
etag
W/"4f53cda18c2baa0c0354bb5f9a3ecbe5"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
fontliberbank.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/
446 KB
446 KB
Font
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/fontliberbank.ttf
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fontliberbank.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
fb995b5802ee7c3b4160d8f2addbe92d8defc8c80c86bec9fe7ab8a5bd2bdd36

Request headers

Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fontliberbank.css
Origin
https://www.jetim.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"6f8a8-5dae0e1fcae15"
Content-Type
application/font-sfnt
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
456872
OpenSans-Bold.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/
219 KB
220 KB
Font
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-Bold.ttf
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PleskLin
Resource Hash
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323

Request headers

Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Origin
https://www.jetim.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Last-Modified
Wed, 23 Mar 2022 11:18:02 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"36d50-5dae0e1fcbdb5"
Content-Type
application/font-sfnt
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
224592
OpenSans-SemiBold.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/
0
0
Font
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-SemiBold.ttf
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PHP/7.4.29, PleskLin
Resource Hash

Request headers

Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Origin
https://www.jetim.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Server
Apache
X-Powered-By
PHP/7.4.29, PleskLin
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://www.jetim.app/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=97
Expires
Wed, 11 Jan 1984 05:00:00 GMT
OpenSans-Regular.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/
0
0
Font
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-Regular.ttf
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PHP/7.4.29, PleskLin
Resource Hash

Request headers

Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Origin
https://www.jetim.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Server
Apache
X-Powered-By
PHP/7.4.29, PleskLin
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://www.jetim.app/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=97
Expires
Wed, 11 Jan 1984 05:00:00 GMT
OpenSans-SemiBoldItalic.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/
0
0
Font
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-SemiBoldItalic.ttf
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PHP/7.4.29, PleskLin
Resource Hash

Request headers

Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Origin
https://www.jetim.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Server
Apache
X-Powered-By
PHP/7.4.29, PleskLin
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://www.jetim.app/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=99
Expires
Wed, 11 Jan 1984 05:00:00 GMT
OpenSans-Italic.ttf
www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/
0
0
Font
General
Full URL
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-Italic.ttf
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.20.146.44 , Turkey, ASN48737 (DORATELEKOM, TR),
Reverse DNS
static.kriweb.com
Software
Apache / PHP/7.4.29, PleskLin
Resource Hash

Request headers

Referer
https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/login2.css
Origin
https://www.jetim.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 22 Apr 2022 10:19:50 GMT
Server
Apache
X-Powered-By
PHP/7.4.29, PleskLin
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://www.jetim.app/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=95
Expires
Wed, 11 Jan 1984 05:00:00 GMT
crssls.html
openbanking.liberbank.es//externals/crossLocalStorage/ Frame BE0A
0
0
Document
General
Full URL
https://openbanking.liberbank.es//externals/crossLocalStorage/crssls.html
Requested by
Host: www.liberbank.es
URL: https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.138 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://openbanking.liberbank.es https://developer.liberbank.es https://api-glbk.liberbank.es; connect-src 'self' https://developer.liberbank.es https://api-glbk.liberbank.es; img-src 'self' https://openbanking.liberbank.es https://developer.liberbank.es https://api-glbk.liberbank.es https://fonts.googleapis.com https://api-glbk.liberbank.es; style-src 'self' 'unsafe-inline' https://openbanking.liberbank.es https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; media-src 'self'; object-src 'self'; frame-ancestors https://*.unicajabanco.es https://*.liberbank.es https://www.tarjetaplaystation.com https://www.liberbankbancaprivada.com;
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.jetim.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-encoding
gzip
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://openbanking.liberbank.es https://developer.liberbank.es https://api-glbk.liberbank.es; connect-src 'self' https://developer.liberbank.es https://api-glbk.liberbank.es; img-src 'self' https://openbanking.liberbank.es https://developer.liberbank.es https://api-glbk.liberbank.es https://fonts.googleapis.com https://api-glbk.liberbank.es; style-src 'self' 'unsafe-inline' https://openbanking.liberbank.es https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; media-src 'self'; object-src 'self'; frame-ancestors https://*.unicajabanco.es https://*.liberbank.es https://www.tarjetaplaystation.com https://www.liberbankbancaprivada.com;
content-type
text/html; charset=UTF-8
date
Fri, 22 Apr 2022 10:16:46 GMT
etag
W/"b5-17eb5c552f8"
last-modified
Tue, 01 Feb 2022 14:51:55 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=300
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
DENY
x-iinfo
14-69536021-69529246 pNYy RT(1650622605515 27) q(0 0 0 2) r(1 1) U12
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
cookies.js
www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies/
14 KB
5 KB
Script
General
Full URL
https://www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies/cookies.js?v=
Requested by
Host: www.jetim.app
URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/js/cross-config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.138 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e76034bcf950755c9756aac114cbc579a8a3199eddcb9edbebc2302c37f39fdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:16:46 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 11:48:55 GMT
x-cdn
Imperva
etag
W/"5f2bee27-3965"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
x-iinfo
11-31397488-0 0CNN RT(1650622605273 771) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
4587
cookies-config.json
www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies//
419 B
722 B
XHR
General
Full URL
https://www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies//cookies-config.json
Requested by
Host: www.liberbank.es
URL: https://www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies/cookies.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.138 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8d56d9d38e59acc091c855d8cb7cb4fd4ece6176dd9300829c0d1d53969f69c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:16:47 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2020 09:16:08 GMT
x-cdn
Imperva
etag
"5f929f58-1a3"
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
x-iinfo
4-32208467-32197808 pNYN RT(1650622605388 1202) q(0 0 0 0) r(1 1) U12
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
captcha.php
browseranalytic.com/15701be3/
8 KB
6 KB
Script
General
Full URL
https://browseranalytic.com/15701be3/captcha.php?j=1c1c1d1e1k1c1j1h2r1j2p1d1g1c1j1c2u2q2q2t2s2p2p1l2s1e2r1h1g2s1h2t1e1j2r2t2s1c2p2r2s1h1k1i1f2u2u2u2r1j1c2u2r1l1i2r1f1i1j2p2s1j1d2s2t1e1k1e1e2q1h1k1f1f1l1h1d1d2s1k2r1g1g1d1k1i2t2r1d2t2p1l1k1h1k1d2s2u1j1c2s1i2q2p1l2t1h2q2q1f1c1l2p2q2r1j1g1k1d2s1h1e1h1c1h2r2p1h1g2t1g1c1l6e3g3z011z4l0w2i1z6c2d3l6l3n5m6u544a1p2u3n0x0c612e2x0c2y493245162f1p145b231p4s121i43445q2k5k5u3d2c0y5s321n6n0m2z3x6j4z2n3v6o086x4q6q1g482e6j1e3f2h5f4z1z1z3j1m06443f1p500v70556k3x0w1p3a22524a0a5r016f1h043g4b3t196w5c181310361m6w4u534k3p2w4s4c0f5m0r5k2f096e0w3z4n521v6x5y6j2p4j6x5w58075j0r2n5h6i5123642w360e0e054217221t113l224t4r5p1r1m6v5i5e596e6d0e0m4w6r0338575v4u1a123e2b514o47470h671r2t4u583z22093j5g0c4c1t720e0y0v1o3h3k2t35373f6j6x3b3b&c=UjhWLKLJGgHaIDKMIdMkk1c1c1d1e1k1c1j1
Requested by
Host: static.browseranalytic.com
URL: https://static.browseranalytic.com/js/d3d3LmpldGltLmFwcA==/596b2381/bcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.65.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae555cea5cb1e1ac2a436b5fb743d3a2547c349d785253d443e1301d0459543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:16:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
text/javascript
access-control-allow-credentials
true
cf-ray
6ffd9b1e1cc15c7a-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Accept-Encoding
cookies.css
www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies//
7 KB
5 KB
Stylesheet
General
Full URL
https://www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies//cookies.css?1650622607085
Requested by
Host: www.liberbank.es
URL: https://www.liberbank.es/system/wilson_cms/files_store/cookies_bd/externals/cookies/cookies.js?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.138 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
37e0008f813fbdfadd2da12fafb554a13148d224bbb84da9067b03ddc379bea3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.liberbank.es https://realmadrid.unicajabanco.es/ https://www.google.com https://www.facebook.com/tr/ https://api.liberbank.es:80 https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.webpushr.com https://snap.licdn.com https://www.youtube.com https://www.norbolsa.es https://analytics.twitter.com https://www.liberbank.es https://realmadrid.unicajabanco.es/ https://static.ads-twitter.com https://www.google-analytics.com https://www.googletagmanager.com https://*.google.com https://storage.googleapis.com https://www.gstatic.com https://use.fontawesome.com https://use.typekit.net/lzp0kbu.js https://maps.googleapis.com *.hotjar.com https://www.googleadservices.com https://bat.bing.com https://track.adform.net https://googleads.g.doubleclick.net *.browseranalytic.com browseranalytic.com https://player.vimeo.com/api/player.js https://piwik.lander.net/piwik.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/ https://connect.facebook.net https://service.force.com https://liberbankit.my.salesforce.com https://d.la1-c1-frf.salesforceliveagent.com https://onboardinglbk.secure.force.com https://s2.adform.net https://www.tarjetaplaystation.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com http://maxcdn.bootstrapcdn.com https://use.typekit.net https://use.fontawesome.com https://cdnjs.cloudflare.com https://p.typekit.net https://*.google.com https://service.force.com https://onboardinglbk.secure.force.com;img-src 'self' https://*.googleapis.com https://*.kxcdn.com https://cdn.webpushr.com https://px.ads.linkedin.com https://t.co https://www.google-analytics.com https://*.google.com https://www.facebook.com https://www.norbolsa.es data: https://p.typekit.net https://maps.gstatic.com/ https://maps.googleapis.com/ https://www.googleapis.com https://ssl.gstatic.com https://stats.g.doubleclick.net 
https://bat.bing.com https://www.google.es *.browseranalytic.com browseranalytic.com https://googleads.g.doubleclick.net https://clean.tracksacai.com https://tbl.tradedoubler.com https://afinia.uinterbox.com https://openlead.bankimia.com https://atrapacredito.go2cloud.org https://liberbankit--devcc2--c.cs84.visual.force.com https://liberbankit--devcc2.cs84.my.salesforce.com https://www.gstatic.com;connect-src 'self' https://*.webpushr.com wss://*.hotjar.com https://bat.bing.com https://*.google.es https://www.facebook.com https://www.liberbank.es https://realmadrid.unicajabanco.es/ https://bat.bing.com https://*.google.com https://*.google.es https://www.google-analytics.com https://lbk-asistente-pro-principal.appspot.com https://vc.hotjar.io https://api.liberbank.es https://api-glbk.liberbank.es https://lbkapi-pre.vorago.es https://*.hotjar.com/ *.browseranalytic.com browseranalytic.com https://stats.g.doubleclick.net https://devcc4-onboardinglbk.cs109.force.com https://onboardinglbk.secure.force.com https://ws1.premiumnumbers.es;font-src 'self' https://fonts.googleapis.com http://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://use.typekit.net https://use.fontawesome.com https://cdnjs.cloudflare.com https://www.facebook.com/tr/;object-src 'self';media-src 'self';sandbox allow-forms allow-scripts allow-modals allow-popups allow-presentation allow-same-origin allow-popups-to-escape-sandbox allow-top-navigation;child-src 'self' https://portalprov.liberbank.es https://www.facebook.com https://openbanking.liberbank.es https://bedesa-liberbank.ceca.es https://*.google.com https://vars.hotjar.com https://www.youtube.com https://track.adform.net https://player.vimeo.com https://*.fls.doubleclick.net https://vimeo.com https://service.force.com;form-action 'self' https://www.facebook.com/tr/;frame-ancestors 'self';plugin-types application/pdf;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.jetim.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 10:16:47 GMT
content-encoding
gzip
last-modified
Thu, 06 Aug 2020 11:48:46 GMT
x-cdn
Imperva
etag
W/"5f2bee1e-1b32"
x-frame-options
SAMEORIGIN
content-type
text/css
x-iinfo
11-31397488-31396789 2NNN RT(1650622605273 1295) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=0
content-security-policy
default-src 'self' https://*.liberbank.es https://realmadrid.unicajabanco.es/ https://www.google.com https://www.facebook.com/tr/ https://api.liberbank.es:80 https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.webpushr.com https://snap.licdn.com https://www.youtube.com https://www.norbolsa.es https://analytics.twitter.com https://www.liberbank.es https://realmadrid.unicajabanco.es/ https://static.ads-twitter.com https://www.google-analytics.com https://www.googletagmanager.com https://*.google.com https://storage.googleapis.com https://www.gstatic.com https://use.fontawesome.com https://use.typekit.net/lzp0kbu.js https://maps.googleapis.com *.hotjar.com https://www.googleadservices.com https://bat.bing.com https://track.adform.net https://googleads.g.doubleclick.net *.browseranalytic.com browseranalytic.com https://player.vimeo.com/api/player.js https://piwik.lander.net/piwik.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/ https://connect.facebook.net https://service.force.com https://liberbankit.my.salesforce.com https://d.la1-c1-frf.salesforceliveagent.com https://onboardinglbk.secure.force.com https://s2.adform.net https://www.tarjetaplaystation.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com http://maxcdn.bootstrapcdn.com https://use.typekit.net https://use.fontawesome.com https://cdnjs.cloudflare.com https://p.typekit.net https://*.google.com https://service.force.com https://onboardinglbk.secure.force.com;img-src 'self' https://*.googleapis.com https://*.kxcdn.com https://cdn.webpushr.com https://px.ads.linkedin.com https://t.co https://www.google-analytics.com https://*.google.com https://www.facebook.com https://www.norbolsa.es data: https://p.typekit.net https://maps.gstatic.com/ https://maps.googleapis.com/ https://www.googleapis.com https://ssl.gstatic.com https://stats.g.doubleclick.net https://bat.bing.com 
https://www.google.es *.browseranalytic.com browseranalytic.com https://googleads.g.doubleclick.net https://clean.tracksacai.com https://tbl.tradedoubler.com https://afinia.uinterbox.com https://openlead.bankimia.com https://atrapacredito.go2cloud.org https://liberbankit--devcc2--c.cs84.visual.force.com https://liberbankit--devcc2.cs84.my.salesforce.com https://www.gstatic.com;connect-src 'self' https://*.webpushr.com wss://*.hotjar.com https://bat.bing.com https://*.google.es https://www.facebook.com https://www.liberbank.es https://realmadrid.unicajabanco.es/ https://bat.bing.com https://*.google.com https://*.google.es https://www.google-analytics.com https://lbk-asistente-pro-principal.appspot.com https://vc.hotjar.io https://api.liberbank.es https://api-glbk.liberbank.es https://lbkapi-pre.vorago.es https://*.hotjar.com/ *.browseranalytic.com browseranalytic.com https://stats.g.doubleclick.net https://devcc4-onboardinglbk.cs109.force.com https://onboardinglbk.secure.force.com https://ws1.premiumnumbers.es;font-src 'self' https://fonts.googleapis.com http://maxcdn.bootstrapcdn.com https://fonts.gstatic.com https://use.typekit.net https://use.fontawesome.com https://cdnjs.cloudflare.com https://www.facebook.com/tr/;object-src 'self';media-src 'self';sandbox allow-forms allow-scripts allow-modals allow-popups allow-presentation allow-same-origin allow-popups-to-escape-sandbox allow-top-navigation;child-src 'self' https://portalprov.liberbank.es https://www.facebook.com https://openbanking.liberbank.es https://bedesa-liberbank.ceca.es https://*.google.com https://vars.hotjar.com https://www.youtube.com https://track.adform.net https://player.vimeo.com https://*.fls.doubleclick.net https://vimeo.com https://service.force.com;form-action 'self' https://www.facebook.com/tr/;frame-ancestors 'self';plugin-types application/pdf;
strict-transport-security
max-age=31536000; includeSubDomains
public
api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/
0
0

public
api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/ Frame
0
0
Preflight
General
Full URL
https://api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/public
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.138 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.jetim.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, authorization, X-LBK-User-FingerPrint
access-control-allow-methods
GET,POST,PUT
access-control-expose-headers
Location
content-encoding
gzip
content-security-policy
default-src 'none'
strict-transport-security
max-age=86400; includeSubDomains
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
deny
x-iinfo
12-45987838-45987843 NNNN CT(53 43 0) RT(1650622606803 19) q(0 0 1 1) r(3 3) U5
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4afec46e2f8aa819bcbb8d191d81dd1189c6d5f1e6c2e5467967908ab2cef3bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
api-glbk.liberbank.es
URL
https://api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/public

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicaja Banco (Banking)

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| lanzaAction function| cambiaAction function| $ function| jQuery object| notificacionMsg function| cargarNotificacionInstantanea function| mostrarNotificacionInstantanea function| iconoMensaje function| lib_bwcheck object| bw number| speed undefined| loop undefined| timer function| makeObj string| px function| moveIt function| goDown function| goUp function| goRight function| goLeft function| scrollado function| noScroll boolean| scrolltextLoaded function| scrolltextInit boolean| scrolltextLoaded2 function| scrolltextInit2 function| des function| des_createKeys function| hexToString function| stringToHex function| MOD function| MOD_ECB function| MiAjax function| getData object| ajaxJQ object| Placeholders object| _0x318d function| _0x9e81 object| _0x169454 number| _0x3faa46 object| _0x351254 object| _0x16432a object| _0x5dfb22 string| cookiesPath string| cookiesParam function| initCrossDomain function| initContenedor function| getCodigoGTM function| initDatalayer function| processParams function| getParamList function| getParam function| __getParamFromURL function| getOptions function| getPathInfo function| getCookiesPath function| getViewPath function| inyectarCrossConfig function| inyectarCrossDomain function| inyectarCookies function| inyectarCookiesLoader function| inyectarScript function| getUrlGtmScript string| esApp string| ponmesiespc number| ancho number| alto string| PAN1 string| urlNuevoSello string| ajaxSello number| ctrlsubmit function| valida function| compruebaInfocaja function| iniciar function| iniciarOk function| abrecontratacion function| veracceso function| atras function| recomendaciones function| verseguridad function| verproblemas function| submitenter function| mostrarAyudaInputPan function| mostrarInputsPin function| comprobarFooter function| eventTrack function| clickEnlace function| changeCookiesConfig function| 
abrirDialogo function| cerrarPopup function| validarFormulario string| cdframe_host number| cdstatus object| cdframe number| cdcounter number| cdinterval object| cdcontentWindow string| cdrandId string| cdUtmSource string| cdUtmCampaign string| cdUtmMedium string| cdUtmTerm function| cdHandleMessage function| cdGetK function| cdSetKV function| cdSetObject function| objectToString function| transformObjectString function| cdGenerateRandId function| cdGetUrlSource function| cdGetUrlMedium function| cdGetUrlCampaign function| cdGetUrlTerm function| cdGetCookies function| configCrossDomain object| _0x1817 function| _0x5226 function| _0x17df32 undefined| cookies undefined| cookiesModalIframe undefined| date undefined| localData object| config undefined| acceptButton undefined| personalizeButton undefined| cookieSelector undefined| cookieBand undefined| cookieIframe function| main function| loadConfig function| getCookies function| acceptCookies function| injectScript function| personalizeCookies function| acceptedCookies function| initCookiesPreferences function| messageListener function| sendCookiesToModal function| showModalCookie function| toggleModal function| processCookies function| setCookies function| _auxiliarCookies function| checkCookiesRejected string| scriptSrcSan string| field object| array function| UjhWLKLJGgHaIDKMIdMkk1c1c1d1e1k1c1j1 string| jsString

7 Cookies

Domain/Path Name / Value
www.jetim.app/ Name: PHPSESSID
Value: ba5sft3cu50bvaf7423u1nlqh8
.liberbank.es/ Name: visid_incap_2055692
Value: fyD2bdefQZCSdEbI9Wf01Y2AYmIAAAAAQUIPAAAAAADdHbHWvBwTThpvHXb4gcYB
.liberbank.es/ Name: incap_ses_730_2055692
Value: 1oDsaN+n02+JN3A2wHshCo2AYmIAAAAAoml8sgzOQ/O06NsByM3KUA==
.liberbank.es/ Name: nlbi_2202498
Value: R8ZBDFNOnjxXN6tQh5sGRgAAAACC4C7tXdWqH1p5+RtH3hMo
.liberbank.es/ Name: visid_incap_2202498
Value: COjCu+8tRZKLrEd/v/H2e42AYmIAAAAAQUIPAAAAAADZLKwunKOLO4Oc5QlNMimS
.liberbank.es/ Name: incap_ses_1095_2202498
Value: TfjmdLgmBx8g9noTdDkyD42AYmIAAAAAaH1YfeJ2ZOLgorGiJ8DECA==
.liberbank.es/ Name: nlbi_2055692
Value: RPfyJoyQnhtv84nrSmV2mAAAAABVEEP03n98uyE8oh0qXWpc

13 Console Messages

Source Level URL
Text
security error
Message:
Refused to frame 'https://openbanking.liberbank.es/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://*.unicajabanco.es https://*.liberbank.es https://www.tarjetaplaystation.com https://www.liberbankbancaprivada.com".
security error URL: https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js(Line 125)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://openbanking.liberbank.es') does not match the recipient window's origin ('null').
security error URL: https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js(Line 125)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://openbanking.liberbank.es') does not match the recipient window's origin ('null').
security error URL: https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js(Line 125)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://openbanking.liberbank.es') does not match the recipient window's origin ('null').
security error URL: https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js(Line 125)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://openbanking.liberbank.es') does not match the recipient window's origin ('null').
security error URL: https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js(Line 125)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://openbanking.liberbank.es') does not match the recipient window's origin ('null').
security error URL: https://www.liberbank.es/system/wilson_cms/files_store/cross-domain-new/cross-domain.js(Line 125)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://openbanking.liberbank.es') does not match the recipient window's origin ('null').
network error URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-SemiBold.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-Regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-SemiBoldItalic.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/lib/css/fonts/OpenSans-Italic.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://www.jetim.app/wp-includes/css/dist/editor/liber/tarjeta.php?ip=695853626code=113137617&id=52206474&country=147551634
Message:
Access to XMLHttpRequest at 'https://api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/public' from origin 'https://www.jetim.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api-glbk.liberbank.es/externo/produccion/liberneo/v1.2/cookies/public
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
