www.daviplata.com Open in urlscan Pro
45.60.243.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cancelaciones.securesreddavi00.go.yj.fr/pws.php
Effective URL:
https://www.daviplata.com/
Submission Tags: @phish_report
Submission: On August 23 via api (August 23rd 2023, 5:44:45 pm UTC) from FI — Scanned from FR

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 25 HTTP transactions. The main IP is 45.60.243.138, located in United States and belongs to INCAPSULA, US. The main domain is www.daviplata.com. The Cisco Umbrella rank of the primary domain is 719488.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 16th 2023. Valid for: a year.

This is the only time www.daviplata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.16.129.199 199.16.129.199	53589 (PLANETHOS...) (PLANETHOSTER-8)
1 1	45.60.241.138 45.60.241.138	19551 (INCAPSULA) (INCAPSULA)
7	45.60.243.138 45.60.243.138	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	45.60.197.231 45.60.197.231	19551 (INCAPSULA) (INCAPSULA)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
25	7

1 199.16.129.199 (Canada) 1 redirects

ASN53589 (PLANETHOSTER-8, CA)
PTR: node17-ca.n0c.com

cancelaciones.securesreddavi00.go.yj.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.241.138 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

daviplata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.243.138 (United States)

ASN19551 (INCAPSULA, US)

www.daviplata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.197.231 (United States)

ASN19551 (INCAPSULA, US)

www.davivienda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gstatic.com fonts.gstatic.com www.gstatic.com	645 KB
8	daviplata.com 1 redirects daviplata.com — Cisco Umbrella Rank: 596172 www.daviplata.com — Cisco Umbrella Rank: 719488	101 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	34 KB
1	davivienda.com www.davivienda.com — Cisco Umbrella Rank: 191906
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	1 KB
1	yj.fr 1 redirects cancelaciones.securesreddavi00.go.yj.fr	146 B
25	6

	Domain	Requested by
7	www.daviplata.com	www.daviplata.com
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.daviplata.com www.gstatic.com www.google.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
1	www.davivienda.com	www.daviplata.com
1	fonts.googleapis.com	www.daviplata.com
1	daviplata.com	1 redirects
1	cancelaciones.securesreddavi00.go.yj.fr	1 redirects
25	8

This site contains no links.

Subject Issuer	Validity	Valid
www.daviplata.com GlobalSign RSA OV SSL CA 2018	`2023-03-16` - `2024-04-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.davivienda.com DigiCert EV RSA CA G2	`2022-10-06` - `2023-10-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.daviplata.com/
Frame ID: EBF1BD5DD61D599067332440F818087D
Requests: 7 HTTP requests in this frame

Frame: https://www.daviplata.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=5-52489721-0%20NNNN%20RT%281692812679331%2026%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=1176000780146698720-239686959337313157&edet=12&cinfo=0e000000b60d&rpinfo=0&cts=rsVLdE%2fbELLkL%2b4SbeAALxrt8SnZwcshGxnD1lRpfriqiqUnk6PgkaFJYBf7xhZ4&mth=GET
Frame ID: 7751CE9AD6A59D336377370E856F3993
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuZGF2aXBsYXRhLmNvbTo0NDM.&hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=rk2kwecuf97j
Frame ID: 3A2E9EC4C0CCA014ABCC71D005B6658B
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62
Frame ID: BBAC4822A29AA50B9EDF5767EF684097
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cancelaciones.securesreddavi00.go.yj.fr/pws.php HTTP 302
https://daviplata.com/ HTTP 301
https://www.daviplata.com/ Page URL

Detected technologies

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

25
Requests

88 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

780 kB
Transfer

2009 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cancelaciones.securesreddavi00.go.yj.fr/pws.php HTTP 302
https://daviplata.com/ HTTP 301
https://www.daviplata.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.daviplata.com/
Redirect Chain

https://cancelaciones.securesreddavi00.go.yj.fr/pws.php
https://daviplata.com/
https://www.daviplata.com/

1017 B
2 KB

74ms
29ms

Document
text/html

45.60.243.138
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.daviplata.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.138 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fefc0d28fb281e72ed59d680eafa99bc7a3856322853121578d5b19b41df0e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache
content-length: 1017
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com *.davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com *.facebook.com use.typekit.net analytics.google.com *.gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 5-52489721-0 NNNN RT(1692812679331 26) q(0 -1 -1 1) r(0 -1) B12(14,0,0) U18

Redirect headers

content-length: 0
location: https://www.daviplata.com/
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 _Incapsula_Resource Show response
www.daviplata.com/ 138 KB
20 KB 30ms
30ms Script
application/javascript 45.60.243.138
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.daviplata.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3

Requested by

Host: www.daviplata.com
URL: https://www.daviplata.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.138 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e6efc06b33e30886f839e844faabf9183f0945b99c841cbe72e545c61d483d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.daviplata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19988
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com *.davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com *.facebook.com use.typekit.net analytics.google.com *.gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript

GET
H2 200 Mercifull-is-so-Trum-alone-to-faire-dothen-fough Show response
www.daviplata.com/ 237 KB
76 KB 74ms
73ms Script
text/javascript 45.60.243.138
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.daviplata.com/Mercifull-is-so-Trum-alone-to-faire-dothen-fough

Requested by

Host: www.daviplata.com
URL: https://www.daviplata.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.138 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

bon /

Resource Hash

186e00e3e2776d89d6a22bd01cf16259108813c5d38ad9feec16f165b7a6d48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.daviplata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:44:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: bon
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com *.davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com *.facebook.com use.typekit.net analytics.google.com *.gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 5-52489721-52489734 NNNN CT(11 10 0) RT(1692812679331 69) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
server-timing: bon, total;dur=12.997433
content-length: 77931

GET
H2 200 _Incapsula_Resource
www.daviplata.com/ 1 B
37 B 22ms
22ms Image
text/plain 45.60.243.138
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.daviplata.com/_Incapsula_Resource?SWKMTFSR=1&e=0.24926780741857968

Requested by

Host: www.daviplata.com
URL: https://www.daviplata.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.138 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.daviplata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com *.davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com *.facebook.com use.typekit.net analytics.google.com *.gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/plain

GET
H2 200 _Incapsula_Resource Show response
www.daviplata.com/ Frame 7751 5 KB
2 KB 20ms
19ms Document
text/html 45.60.243.138
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.daviplata.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=5-52489721-0%20NNNN%20RT%281692812679331%2026%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=1176000780146698720-239686959337313157&edet=12&cinfo=0e000000b60d&rpinfo=0&cts=rsVLdE%2fbELLkL%2b4SbeAALxrt8SnZwcshGxnD1lRpfriqiqUnk6PgkaFJYBf7xhZ4&mth=GET

Requested by

Host: www.daviplata.com
URL: https://www.daviplata.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.138 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

aad48850d57230a0bf60e953ad65b8e23eb6d01d08696c56358b7057541930ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.daviplata.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 1944
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com *.davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com *.facebook.com use.typekit.net analytics.google.com *.gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex

GET
H2 200 css
fonts.googleapis.com/ Frame 7751 7 KB
1 KB 104ms
33ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Requested by

Host: www.daviplata.com
URL: https://www.daviplata.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=5-52489721-0%20NNNN%20RT%281692812679331%2026%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=1176000780146698720-239686959337313157&edet=12&cinfo=0e000000b60d&rpinfo=0&cts=rsVLdE%2fbELLkL%2b4SbeAALxrt8SnZwcshGxnD1lRpfriqiqUnk6PgkaFJYBf7xhZ4&mth=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11b8776d0e99221a9cea315566e7599938ff94dbf8b48f18fe21e1ae34e7f60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.daviplata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 17:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 17:07:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 17:44:40 GMT

GET
H2 403 logo-davivienda.png
www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/ Frame 7751 0
0 90ms
34ms Image
text/html 45.60.197.231
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/logo-davivienda.png
Requested by: Host: www.daviplata.com
URL: https://www.daviplata.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=5-52489721-0%20NNNN%20RT%281692812679331%2026%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=1176000780146698720-239686959337313157&edet=12&cinfo=0e000000b60d&rpinfo=0&cts=rsVLdE%2fbELLkL%2b4SbeAALxrt8SnZwcshGxnD1lRpfriqiqUnk6PgkaFJYBf7xhZ4&mth=GET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.197.231 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.daviplata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET AlertaIcon.png
www.davivienda.com/wps/wcm/connect/personas/e44fbb15-5c15-49f5-8e9d-922f108ee6b7/ Frame 7751 0
0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 7751 1 KB
1 KB 91ms
33ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd3cd15fa62254645d8d3e9960e04fb6d2a2da36c398865d884fe1a8c9271a38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.daviplata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 836
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 17:44:40 GMT

GET vigilado.png
www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/ Frame 7751 0
0

GET logo-davivienda-footer.png
www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/ Frame 7751 0
0

POST
H2 200 csp_report
www.daviplata.com/ Frame 7751 0
28 B 18ms
17ms Other
text/plain 45.60.243.138
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.daviplata.com/csp_report

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.138 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.daviplata.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=5-52489721-0%20NNNN%20RT%281692812679331%2026%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=1176000780146698720-239686959337313157&edet=12&cinfo=0e000000b60d&rpinfo=0&cts=rsVLdE%2fbELLkL%2b4SbeAALxrt8SnZwcshGxnD1lRpfriqiqUnk6PgkaFJYBf7xhZ4&mth=GET
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 0
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com *.davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com *.facebook.com use.typekit.net analytics.google.com *.gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/plain

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc798131096684be5441feb2411a608938f2d6eedcd98bd4bbe678007eedfb2b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 7751 15 KB
16 KB 83ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.daviplata.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 86580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 17:41:40 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 7751 454 KB
183 KB 89ms
26ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46874b78156e098977e847df23e81bb197f3923358b416f6c291f2bc6cda572c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.daviplata.com/
Origin: https://www.daviplata.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186762
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 17:23:40 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 7751 15 KB
15 KB 60ms
31ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.daviplata.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:46:14 GMT
x-content-type-options: nosniff
age: 568706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:46:14 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 385a8794916319b7234888f8deaa7ffcb9c1c1bc48e0b394e01876db078be5e8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 Mercifull-is-so-Trum-alone-to-faire-dothen-fough Show response
www.daviplata.com/ 773 B
885 B 841ms
741ms Fetch
application/json 45.60.243.138
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.daviplata.com/Mercifull-is-so-Trum-alone-to-faire-dothen-fough?d=www.daviplata.com

Requested by

Host: www.daviplata.com
URL: https://www.daviplata.com/Mercifull-is-so-Trum-alone-to-faire-dothen-fough

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.243.138 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

bon /

Resource Hash

b60f53f5901cbc7c067c0bc0ee8940d31a530b4b742bd925205dddd30b009ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json; charset=utf-8
Referer: https://www.daviplata.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Wed, 23 Aug 2023 17:44:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: bon
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com *.davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com *.facebook.com use.typekit.net analytics.google.com *.gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/json
access-control-allow-origin: *
x-iinfo: 5-52489721-52489734 PNYN RT(1692812679331 633) q(0 0 0 -1) r(8 8) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=750.621023

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3A2E 55 KB
31 KB 49ms
49ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuZGF2aXBsYXRhLmNvbTo0NDM.&hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=rk2kwecuf97j

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__fr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

787df508aad0ad06eb6dfb04c55ef6e92576e163248ef1524fc60279a687d67a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MvBMUYAh8QYg3D3cPppTNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.daviplata.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31375
content-security-policy: script-src 'report-sample' 'nonce-MvBMUYAh8QYg3D3cPppTNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:44:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 3A2E 55 KB
24 KB 77ms
27ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuZGF2aXBsYXRhLmNvbTo0NDM.&hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=rk2kwecuf97j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 17:40:43 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 3A2E 454 KB
182 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__fr.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46874b78156e098977e847df23e81bb197f3923358b416f6c291f2bc6cda572c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186762
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 17:23:40 GMT

GET
DATA 200
OK truncated
/ Frame 3A2E 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3A2E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3A2E 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:02:48 GMT
x-content-type-options: nosniff
age: 387712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 26 Aug 2023 06:02:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3A2E 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 378522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 08:35:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3A2E 102 B
134 B 35ms
35ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20dd873a754dde6cce748c5e09ec99fc212d84559dd71bb1505b9a2dfd8ffda1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62&co=aHR0cHM6Ly93d3cuZGF2aXBsYXRhLmNvbTo0NDM.&hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=rk2kwecuf97j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 17:44:40 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame BBAC 7 KB
1 KB 35ms
35ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__fr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ef81466e3270ac753b30be1020362bdd09bb94277d024a760638a99462d85a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VwaJV6vJbeqK7zc0KqvOgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.daviplata.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1158
content-security-policy: script-src 'report-sample' 'nonce-VwaJV6vJbeqK7zc0KqvOgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:44:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame BBAC 55 KB
24 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 17:40:43 GMT

GET
H3 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame BBAC 454 KB
182 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld38BkUAAAAAPATwit3FXvga1PI6iVTb6zgXw62

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46874b78156e098977e847df23e81bb197f3923358b416f6c291f2bc6cda572c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 17:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186762
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 17:23:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.davivienda.com
URL: https://www.davivienda.com/wps/wcm/connect/personas/e44fbb15-5c15-49f5-8e9d-922f108ee6b7/AlertaIcon.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE.Z18_GIL0H840OO7LD0Q8IFBEF1QIF4-e44fbb15-5c15-49f5-8e9d-922f108ee6b7-o2XpE6G%60

Domain: www.davivienda.com
URL: https://www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/vigilado.png

Domain: www.davivienda.com
URL: https://www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/logo-davivienda-footer.png

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.daviplata.com/	1970-01-20 22:57:58	Name: visid_incap_2776320 Value: ghVWb7J4T6iqFDlBCh+atIdF5mQAAAAAQUIPAAAAAABN5LwKVx2oA0yvZJ/CabZ1
.daviplata.com/	1969-12-31 23:59:59	Name: incap_ses_1176_2776320 Value: T+Aif4ibgSrg6TmUev5REIdF5mQAAAAAXWOuIWHrts+dXzK6To89zw==
.davivienda.com/	1970-01-20 22:58:01	Name: visid_incap_2645207 Value: aSI7DDU/RQCanY5kSGNQuYdF5mQAAAAAQUIPAAAAAACr4OZU+8hdw7m4RHR+OAuk
.davivienda.com/	1969-12-31 23:59:59	Name: incap_ses_390_2645207 Value: qQZANc15LxEd7wGMcZBpBYdF5mQAAAAAzqow1iFVnJjrCKMsiZWUfQ==
.daviplata.com/	1969-12-31 23:59:59	Name: nlbi_2776320_2147483392 Value: IDuYECdyVkOe8d/Jg5EnIwAAAAAWVnxLEdiXjBZD9HHkWY55
.daviplata.com/	1970-01-20 14:56:44	Name: reese84 Value: 3:JyrzgmMMPcWFCjQ7865ovA==:4pZDaudXsoHyWpwKTVteKqA4LtDWznDewmn3Ycj8U5Aj/kDYY98CwWELt69HILIFyaSRJ1j1HAxaLBspHXF+hRTW+dIDDZZR6tpr+FG0Ng+2gdIRA0YqoZ8IgNdHWfCHb3ytr00ODxw/pymVZ/iXYOj2Bd9JSy1idn9FPQS3NmdAbKs6qqn6x77WrG/1sw29gZrJjZZe49vpocAcaht2iy2OUOX4yisNpPjjl6K0hCQCum85BJe2Fhf5e/3xEp+XYirvY8XAcMLeA009tch/ywmaWyfUu1rpkUXBNtuta7u44czGGjqkfS02pBgs1kztDCJBf76ts8OzqhidME+rvZ3hEt/rYf5BpzlwFHkJT56TExvjLOr3bxERSkJqwcQGymf0HiOpZGG0fxycQXh5jDMd1wPdIuuYJ3G4ny7RjqiChi3KdE18UzZ8XE57nm+OMMRngZXwUBoc46OrLDNyZB9NsDfvLR9WnVLBbqTz1J70mzyvcVmSHgYXmMzXaFu0NbmN3NGyxvDv1r+Z9JWMvNhYQiTENZgNRB/rSMZaWYLSYlSFsBFbdzrEF4eWU9JwKn+a5P0khoyxLiS2v1Ildt44ptgNXVE5CMJOxVxI7FZcTlz/C5yaSiI7JkTO8+/C:i4l7Y7hlkqjS7I2zXVdrMlLzJWh8wYADmrJgalBBbQU=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.daviplata.com/_Incapsula_Resource?SWUDNSAI=31&xinfo=5-52489721-0%20NNNN%20RT%281692812679331%2026%29%20q%280%20-1%20-1%201%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U18&incident_id=1176000780146698720-239686959337313157&edet=12&cinfo=0e000000b60d&rpinfo=0&cts=rsVLdE%2fbELLkL%2b4SbeAALxrt8SnZwcshGxnD1lRpfriqiqUnk6PgkaFJYBf7xhZ4&mth=GET(Line 4) Message: [Report Only] Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: .doubleclick.net www.daviplata.com 1.c81358859121583b7adf2ace89cb39f44.com www.youtube.com www.googletagmanager.com region1.analytics.google.com .davivienda.com www.google-analytics.com www.google.com.co adservice.google.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com eloqua.code-labs.com .facebook.com use.typekit.net analytics.google.com .gstatic.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.google.com". Note that 'style-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
network	error	URL: https://www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/logo-davivienda.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.davivienda.com/wps/wcm/connect/personas/e44fbb15-5c15-49f5-8e9d-922f108ee6b7/AlertaIcon.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE.Z18_GIL0H840OO7LD0Q8IFBEF1QIF4-e44fbb15-5c15-49f5-8e9d-922f108ee6b7-o2XpE6G%60 Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/vigilado.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://www.davivienda.com/PersonasDaviviendaNewTheme/resources/img/logos/logo-davivienda-footer.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cancelaciones.securesreddavi00.go.yj.fr
daviplata.com
fonts.googleapis.com
fonts.gstatic.com
www.daviplata.com
www.davivienda.com
www.google.com
www.gstatic.com
www.davivienda.com
199.16.129.199
2a00:1450:4001:802::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:82f::2003
45.60.197.231
45.60.241.138
45.60.243.138
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
11b8776d0e99221a9cea315566e7599938ff94dbf8b48f18fe21e1ae34e7f60d
186e00e3e2776d89d6a22bd01cf16259108813c5d38ad9feec16f165b7a6d48c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20dd873a754dde6cce748c5e09ec99fc212d84559dd71bb1505b9a2dfd8ffda1
385a8794916319b7234888f8deaa7ffcb9c1c1bc48e0b394e01876db078be5e8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
46874b78156e098977e847df23e81bb197f3923358b416f6c291f2bc6cda572c
4ef81466e3270ac753b30be1020362bdd09bb94277d024a760638a99462d85a9
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
787df508aad0ad06eb6dfb04c55ef6e92576e163248ef1524fc60279a687d67a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
aad48850d57230a0bf60e953ad65b8e23eb6d01d08696c56358b7057541930ba
b60f53f5901cbc7c067c0bc0ee8940d31a530b4b742bd925205dddd30b009ddb
bc798131096684be5441feb2411a608938f2d6eedcd98bd4bbe678007eedfb2b
bd3cd15fa62254645d8d3e9960e04fb6d2a2da36c398865d884fe1a8c9271a38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6efc06b33e30886f839e844faabf9183f0945b99c841cbe72e545c61d483d72
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
fefc0d28fb281e72ed59d680eafa99bc7a3856322853121578d5b19b41df0e86

www.daviplata.com Open in urlscan Pro 45.60.243.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

88 %HTTPS

50 %IPv6

6 Domains

8 Subdomains

7 IPs

3 Countries

780 kBTransfer

2009 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

6 Cookies

5 Console Messages

www.daviplata.com Open in urlscan Pro
45.60.243.138 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

88 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

780 kB
Transfer

2009 kB
Size

6
Cookies

25 HTTP transactions
4 data transactions