enrolamiento.sufi-temp-qa.apps.ambientesbc.com Open in urlscan Pro
54.192.51.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/
Submission: On March 21 via api (March 21st 2024, 10:50:56 pm UTC) from US — Scanned from US

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 21 domains to perform 38 HTTP transactions. The main IP is 54.192.51.2, located in United States and belongs to AMAZON-02, US. The main domain is enrolamiento.sufi-temp-qa.apps.ambientesbc.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 20th 2024. Valid for: a year.

This is the only time enrolamiento.sufi-temp-qa.apps.ambientesbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	54.192.51.2 54.192.51.2	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c06::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::93	15169 (GOOGLE) (GOOGLE)
2	2600:9000:269... 2600:9000:269f:f200:17:4c3f:1b80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::8b	15169 (GOOGLE) (GOOGLE)
1	3.162.3.96 3.162.3.96	16509 (AMAZON-02) (AMAZON-02)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	23.14.156.209 23.14.156.209	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a03:2880:f08... 2a03:2880:f08e:219:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.162.3.117 3.162.3.117	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	23.197.109.53 23.197.109.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9d	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
38	19

5 54.192.51.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-2.yul62.r.cloudfront.net

enrolamiento.sufi-temp-qa.apps.ambientesbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:269f:f200:17:4c3f:1b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.glia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-96.yul62.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.14.156.209 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-14-156-209.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f08e:219:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-117.yul62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.109.53 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-109-53.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ambientesbc.com enrolamiento.sufi-temp-qa.apps.ambientesbc.com	30 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	92 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	396 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1239 script.hotjar.com — Cisco Umbrella Rank: 1662	64 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	220 KB
2	glia.com api.glia.com — Cisco Umbrella Rank: 28744	10 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	1 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195	368 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1737	303 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1224	395 B
1	t.co t.co — Cisco Umbrella Rank: 766	376 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 8455	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1208	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	14 KB
1	gstatic.com www.gstatic.com	197 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 3990	53 KB
0	hotjar.io Failed vc.hotjar.io Failed
0	skaduks.com Failed api.skaduks.com Failed
0	segment.com Failed cdn.segment.com Failed
0	creativecdn.com Failed tags.creativecdn.com Failed
38	21

	Domain	Requested by
5	enrolamiento.sufi-temp-qa.apps.ambientesbc.com	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
4	connect.facebook.net	enrolamiento.sufi-temp-qa.apps.ambientesbc.com connect.facebook.net
3	www.facebook.com	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
2	api.glia.com	enrolamiento.sufi-temp-qa.apps.ambientesbc.com api.glia.com
2	www.google.com	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	stags.bluekai.com	tags.bkrtx.com
1	analytics.twitter.com	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
1	t.co	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
1	script.hotjar.com	static.hotjar.com
1	tags.bkrtx.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googleoptimize.com	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
0	vc.hotjar.io Failed	script.hotjar.com
0	api.skaduks.com Failed	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
0	cdn.segment.com Failed	enrolamiento.sufi-temp-qa.apps.ambientesbc.com
0	tags.creativecdn.com Failed	www.googletagmanager.com
38	22

This site contains no links.

Subject Issuer	Validity	Valid
enrolamiento.sufi-temp-qa.apps.ambientesbc.com Amazon RSA 2048 M02	`2024-03-20` - `2025-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.glia.com Amazon RSA 2048 M01	`2023-06-18` - `2024-07-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-30` - `2024-03-29`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-04` - `2025-01-02`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/
Frame ID: 364C3237176A8A91FF5696C14A726D93
Requests: 35 HTTP requests in this frame

Frame: https://api.skaduks.com/cookie/cookie?a=
Frame ID: 02E42303740ADBAC20E4FAD8DEBD1A72
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/71145?ret=html&phint=__bk_t%3DEnrolamiento%20SUFI&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=65499884
Frame ID: EAC98A025403F28E621DCB66DA2C336E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Enrolamiento SUFI

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

38
Requests

82 %
HTTPS

56 %
IPv6

21
Domains

22
Subdomains

19
IPs

2
Countries

735 kB
Transfer

2426 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ 12 KB
6 KB 210ms
114ms Document
text/html 54.192.51.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-2.yul62.r.cloudfront.net

Software

bco /

Resource Hash

beb5b836440d75fdc01bc461623a4ed85e2c0e9f68e5fd21fa9c54e863dbca25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://.salemove.com https://.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://.salemove.com https://.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.salemove.com https://.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://.salemove.com https://.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://.salemove.com https://.glia.com; connect-src 'self' 'unsafe-inline' https://.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://.salemove.com https://.salemove.com wss://.glia.com https://.glia.com https://.twilio.com wss://.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
Strict-Transport-Security	max-age= 86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
cache-control: no-cache; must-revalidate; pre-check= 0; post-check= 0; max-age= 0; s-maxage= 0
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://*.salemove.com https://*.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://*.salemove.com https://*.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.salemove.com https://*.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://*.glia.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://*.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.salemove.com https://*.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://*.salemove.com https://*.glia.com; connect-src 'self' 'unsafe-inline' https://*.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://*.salemove.com https://*.salemove.com wss://*.glia.com https://*.glia.com https://*.twilio.com wss://*.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
content-type: text/html
date: Thu, 21 Mar 2024 22:50:52 GMT
etag: W/"d7accf5fcdf68047de2b0ad4b684a0e0"
expires: 0
last-modified: Wed, 20 Mar 2024 19:30:54 GMT
pragma: no-cache
referrer-policy: same-origin
server: bco
strict-transport-security: max-age= 86400; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
x-amz-cf-id: vlNGhU7pt9dj4uWxhO8PcGNIxxts7UBpVJuo-Tm4iW1EZYN6bQlOtQ==
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: eC9F_q44hKntDX.noQ4PTXAbNgZFZ5Cg
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 138 KB
53 KB 151ms
58ms Script
application/javascript 2607:f8b0:4004:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PMWTTHH

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54acb5d6bad588964a315c62f28abd7f58f45b2aabc39953f79d98e62d22e4d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:50:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54181
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 22:50:51 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 135ms
55ms Script
text/javascript 2607:f8b0:4004:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f8274175d96212541f3445e21c0a8ab63930110be676b47bce779c4119cf8323

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Mar 2024 22:50:51 GMT

GET
H2 200 runtime.js Show response
enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ 12 KB
6 KB 96ms
95ms Script
text/html 54.192.51.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/runtime.js

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-2.yul62.r.cloudfront.net

Software

bco /

Resource Hash

beb5b836440d75fdc01bc461623a4ed85e2c0e9f68e5fd21fa9c54e863dbca25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://.salemove.com https://.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://.salemove.com https://.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.salemove.com https://.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://.salemove.com https://.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://.salemove.com https://.glia.com; connect-src 'self' 'unsafe-inline' https://.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://.salemove.com https://.salemove.com wss://.glia.com https://.glia.com https://.twilio.com wss://.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
Strict-Transport-Security	max-age= 86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/
Origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: eC9F_q44hKntDX.noQ4PTXAbNgZFZ5Cg
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://*.salemove.com https://*.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://*.salemove.com https://*.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.salemove.com https://*.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://*.glia.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://*.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.salemove.com https://*.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://*.salemove.com https://*.glia.com; connect-src 'self' 'unsafe-inline' https://*.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://*.salemove.com https://*.salemove.com wss://*.glia.com https://*.glia.com https://*.twilio.com wss://*.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
x-content-type-options: nosniff
strict-transport-security: max-age= 86400; includeSubdomains; preload
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
date: Thu, 21 Mar 2024 22:50:52 GMT
via: 1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 19:30:54 GMT
server: bco
etag: W/"d7accf5fcdf68047de2b0ad4b684a0e0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
cache-control: no-cache; must-revalidate; pre-check= 0; post-check= 0; max-age= 0; s-maxage= 0
access-control-allow-credentials: false
x-amz-cf-id: zD9R8BtQRRU1xYwPfG6VZqrOtXYjI0xcq3U78UneGALRASGUECLeEQ==
expires: 0

GET
H2 200 polyfills.js Show response
enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ 12 KB
6 KB 194ms
193ms Script
text/html 54.192.51.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/polyfills.js

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-2.yul62.r.cloudfront.net

Software

bco /

Resource Hash

beb5b836440d75fdc01bc461623a4ed85e2c0e9f68e5fd21fa9c54e863dbca25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://.salemove.com https://.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://.salemove.com https://.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.salemove.com https://.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://.salemove.com https://.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://.salemove.com https://.glia.com; connect-src 'self' 'unsafe-inline' https://.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://.salemove.com https://.salemove.com wss://.glia.com https://.glia.com https://.twilio.com wss://.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
Strict-Transport-Security	max-age= 86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/
Origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: eC9F_q44hKntDX.noQ4PTXAbNgZFZ5Cg
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://*.salemove.com https://*.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://*.salemove.com https://*.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.salemove.com https://*.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://*.glia.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://*.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.salemove.com https://*.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://*.salemove.com https://*.glia.com; connect-src 'self' 'unsafe-inline' https://*.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://*.salemove.com https://*.salemove.com wss://*.glia.com https://*.glia.com https://*.twilio.com wss://*.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
x-content-type-options: nosniff
strict-transport-security: max-age= 86400; includeSubdomains; preload
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
date: Thu, 21 Mar 2024 22:50:52 GMT
via: 1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 19:30:54 GMT
server: bco
etag: W/"d7accf5fcdf68047de2b0ad4b684a0e0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
cache-control: no-cache; must-revalidate; pre-check= 0; post-check= 0; max-age= 0; s-maxage= 0
access-control-allow-credentials: false
x-amz-cf-id: cnmE87qxJ212XNCOvUk_segBmo4bo4FKMyYMGq47rJTb48GKFdltXA==
expires: 0

GET
H2 200 scripts.js Show response
enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ 12 KB
6 KB 142ms
142ms Script
text/html 54.192.51.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/scripts.js

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-2.yul62.r.cloudfront.net

Software

bco /

Resource Hash

beb5b836440d75fdc01bc461623a4ed85e2c0e9f68e5fd21fa9c54e863dbca25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://.salemove.com https://.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://.salemove.com https://.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.salemove.com https://.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://.salemove.com https://.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://.salemove.com https://.glia.com; connect-src 'self' 'unsafe-inline' https://.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://.salemove.com https://.salemove.com wss://.glia.com https://.glia.com https://.twilio.com wss://.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
Strict-Transport-Security	max-age= 86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: eC9F_q44hKntDX.noQ4PTXAbNgZFZ5Cg
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://*.salemove.com https://*.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://*.salemove.com https://*.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.salemove.com https://*.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://*.glia.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://*.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.salemove.com https://*.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://*.salemove.com https://*.glia.com; connect-src 'self' 'unsafe-inline' https://*.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://*.salemove.com https://*.salemove.com wss://*.glia.com https://*.glia.com https://*.twilio.com wss://*.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
x-content-type-options: nosniff
strict-transport-security: max-age= 86400; includeSubdomains; preload
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
date: Thu, 21 Mar 2024 22:50:52 GMT
via: 1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 19:30:54 GMT
server: bco
etag: W/"d7accf5fcdf68047de2b0ad4b684a0e0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
cache-control: no-cache; must-revalidate; pre-check= 0; post-check= 0; max-age= 0; s-maxage= 0
access-control-allow-credentials: false
x-amz-cf-id: UTrgI61GLV4gUHrWJychKyMYTb-aEsGKsvnkhxibLtGzU2as3cyzzQ==
expires: 0

GET
H2 200 main.js Show response
enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ 12 KB
6 KB 199ms
198ms Script
text/html 54.192.51.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/main.js

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-51-2.yul62.r.cloudfront.net

Software

bco /

Resource Hash

beb5b836440d75fdc01bc461623a4ed85e2c0e9f68e5fd21fa9c54e863dbca25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://.salemove.com https://.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://.salemove.com https://.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.salemove.com https://.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://.salemove.com https://.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://.salemove.com https://.glia.com; connect-src 'self' 'unsafe-inline' https://.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://.salemove.com https://.salemove.com wss://.glia.com https://.glia.com https://.twilio.com wss://.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
Strict-Transport-Security	max-age= 86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/
Origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: eC9F_q44hKntDX.noQ4PTXAbNgZFZ5Cg
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://*.salemove.com https://*.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://*.salemove.com https://*.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://*.salemove.com https://*.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://*.glia.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://*.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.salemove.com https://*.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://*.salemove.com https://*.glia.com; connect-src 'self' 'unsafe-inline' https://*.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://*.salemove.com https://*.salemove.com wss://*.glia.com https://*.glia.com https://*.twilio.com wss://*.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
x-content-type-options: nosniff
strict-transport-security: max-age= 86400; includeSubdomains; preload
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
date: Thu, 21 Mar 2024 22:50:52 GMT
via: 1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Wed, 20 Mar 2024 19:30:54 GMT
server: bco
etag: W/"d7accf5fcdf68047de2b0ad4b684a0e0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
cache-control: no-cache; must-revalidate; pre-check= 0; post-check= 0; max-age= 0; s-maxage= 0
access-control-allow-credentials: false
x-amz-cf-id: g3g6jtFOrBrHARPM7YraFzekzl9tU3lUUT_n_8uoQZ4BaBx4nikIKg==
expires: 0

GET
H2 200 salemove_integration.js Show response
api.glia.com/ 9 KB
9 KB 160ms
38ms Script
application/javascript 2600:9000:269f:f200:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/salemove_integration.js

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:269f:f200:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

97bbedba79079d363917a02a376ea5ffa618bd83aa29ae33e1448ac3a9a44181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Thu, 21 Mar 2024 22:21:10 GMT
via: 1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 02:02:33 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 1787
x-amz-server-side-encryption: AES256
etag: "30169f9eedbd52cefb1b1cb2c827dafe"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9146
x-amz-cf-id: 3QRkA2dMgGRqUuNl46k_Q3ByrRtUkC8e4wHlqxKwIZrP2uuaxLCIkw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 375 KB
113 KB 220ms
141ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPMWN6

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ea105aecbeb19a96c5b44c02150b9b098ec0ac17abdc5cdf1716db2a35d591a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:50:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115466
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 22:50:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 476 KB
108 KB 165ms
86ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLKZKF9

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f087610bb8ebf1cc818c454763f8989f4abdebfd7d10b5919424d0b7bafca8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:50:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109727
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 22:50:51 GMT

GET styles.css
enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ 0
0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/ 492 KB
197 KB 119ms
40ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/YurWEBlMIwR4EqFPncmQTkxQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:33:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200837
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 21:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 21:33:27 GMT

POST
H2 200 visitor_config Show response
api.glia.com/ 125 B
697 B 65ms
64ms XHR
application/json 2600:9000:269f:f200:17:4c3f:1b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.glia.com/visitor_config?referrer=https%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&

Requested by

Host: api.glia.com
URL: https://api.glia.com/salemove_integration.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:269f:f200:17:4c3f:1b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cd85d11bf3f6c3e95041089c15553537fe322aaf2a71b943066c87c00960ad8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 22:50:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 e4319b693fea530a4675a1f616581394.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P1
x-cache: Miss from cloudfront
content-length: 125
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, OPTIONS, HEAD, DELETE
content-type: application/json
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
access-control-expose-headers
vary: Origin
access-control-allow-credentials: true
x-site-visitor-config: true
access-control-allow-headers: Content-Type, Accept, Authorization
x-amz-cf-id: 9SSlUi1lXXJ4ZeKLduI_BziJQzvj1c8tBi_pNCSi6jCgT39nAyHjMw==

GET DmSU3C096jBPZPSkOZpM.js
tags.creativecdn.com/ 0
0

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ 47 KB
14 KB 289ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLKZKF9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 314422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13696
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-bb47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEdWVWbklEmfqqErIB6JWfuJTNbteZ054ufA6ni2LuVw%2BlB440i5jtrmnzxZv7UXD3kHvZTVMLqW8EC3CEHWMm87iChwoNksPSVFZ1jIvBdbxeZ6FZj3xMKGf2HAm2J4LxvxMwaC4Myv1Vm4l8T2X75j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 868180daec664bc3-BUF
expires: Tue, 11 Mar 2025 22:50:51 GMT

GET analytics.min.js
cdn.segment.com/analytics.js/v1/HATDusqjlaauqBWlKoqtL5lY06xe2Qmb/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 270ms
40ms Script
text/javascript 2607:f8b0:4004:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPMWN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 21:02:00 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6531
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Mar 2024 23:02:00 GMT

GET
H2 200 hotjar-373418.js Show response
static.hotjar.com/c/ 62 KB
9 KB 265ms
37ms Script
application/javascript 3.162.3.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-373418.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPMWN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-96.yul62.r.cloudfront.net

Software

Resource Hash

c71471614bcc8ae0939961fcf1cbd722b59fdd4eb5df7ff0bf377758b729b75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 22:50:15 GMT
via: 1.1 b46ea00af935bf6290d93c76c66e0c8e.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 44
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d5d90eb1860183af9347ac1dbcb69010
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: e07sxd88VXPe4Jzv_eOwrqoNR1-eIyvDvNX7zlzu7bhhJirBcu0MNw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 263ms
36ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPMWN6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:50:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000046-IAD

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 264ms
41ms Script
application/javascript 23.14.156.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPMWN6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.14.156.209 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-14-156-209.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 21 Mar 2024 22:50:51 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Thu, 28 Mar 2024 22:50:51 GMT

GET cookie
api.skaduks.com/cookie/ Frame 02E4 0
0

POST notify-event
api.skaduks.com/ingestion/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 322ms
102ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 22:50:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=100, rtx=0, c=12, mss=1294, tbw=2807, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: clqHXPI9aLfEdIK1gYAJj9lrK+VutNtFpnTOYFz9CykbYZHCTYLHywBgckSSFrrFWHEmBly1nC+0x88VrTOTGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS notify-event
api.skaduks.com/ingestion/ Frame 0
0

GET
H2 200 modules.0ce9b654b0ac7fef3cf0.js Show response
script.hotjar.com/ 220 KB
55 KB 95ms
33ms Script
application/javascript 3.162.3.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-373418.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-117.yul62.r.cloudfront.net

Software

Resource Hash

a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 15:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 99442e301c9543d48067e4e142e03290.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 27346
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55498
last-modified: Thu, 21 Mar 2024 15:14:32 GMT
etag: "115ac93274d69bd2c455fda9dea090c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: VZzXoicSLg4zAf4IMseXZ0d4rOwyLCkNBoUeRmNV56UVf7cc0JFusQ==

GET
H2 200 adsct
t.co/i/ 43 B
376 B 242ms
131ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=81ed78c0-44ab-438f-b2b0-94eedb643115&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1d7a49ab-7ec1-4dd4-8583-d0f7c8eb509d&tw_document_href=https%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8a0r&type=javascript&version=2.3.29

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 81
date: Thu, 21 Mar 2024 22:50:52 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 60f3eefd01017ea9
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: cfee48f607ac3538b2d0d1afbf31c0dbe9f73ee99f8d0cb5506b84341c9c7cf1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 230ms
126ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=81ed78c0-44ab-438f-b2b0-94eedb643115&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1d7a49ab-7ec1-4dd4-8583-d0f7c8eb509d&tw_document_href=https%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8a0r&type=javascript&version=2.3.29

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 76
date: Thu, 21 Mar 2024 22:50:51 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 48267f646757fce3
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: b89c30d1e96376c8712ff33828e03c02a3fa3052b8ffd783163982da8a480550
content-length: 43

GET
H2 200 71145 Show response
stags.bluekai.com/site/ Frame EAC9 71 B
303 B 220ms
129ms Document
text/html 23.197.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/71145?ret=html&phint=__bk_t%3DEnrolamiento%20SUFI&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=65499884
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.109.53 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-109-53.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

bk-server: b87d
cache-control: max-age=0, no-cache, no-store
content-length: 71
content-type: text/html
date: Thu, 21 Mar 2024 22:50:52 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
229 B 49ms
48ms XHR
text/plain 2607:f8b0:4004:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=524921969&t=pageview&_s=1&dl=https%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&ul=en-us&de=UTF-8&dt=Enrolamiento%20SUFI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAEK~&jid=2086460914&gjid=710810874&cid=1680339818.1711061452&tid=UA-63776265-20&_gid=1140032363.1711061452&_slc=1&gtm=45He43k0n71KPMWN6v72536163za200&gcd=13l3l3l3l1&dma=0&cd3=1680339818.1711061452&z=582404531

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:50:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
368 B 132ms
49ms XHR
text/plain 2607:f8b0:4004:c19::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-63776265-20&cid=1680339818.1711061452&jid=2086460914&gjid=710810874&_gid=1140032363.1711061452&_u=YGBAiEABBAAAAGAEK~&z=1775863935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Mar 2024 22:50:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 373418
vc.hotjar.io/sessions/ 0
0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 99ms
99ms Image
image/gif 2607:f8b0:4004:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-63776265-20&cid=1680339818.1711061452&jid=2086460914&_u=YGBAiEABBAAAAGAEK~&z=301135013

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 22:50:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1057072597705880 Show response
connect.facebook.net/signals/config/ 122 KB
25 KB 184ms
184ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1057072597705880?v=2.9.150&r=stable&domain=enrolamiento.sufi-temp-qa.apps.ambientesbc.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b961f486b0ac04fddc7d509b9d601ad01a7a9b7050a4c18eaec8c469e53b4fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 22:50:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=102, rtx=0, c=64, mss=1294, tbw=62816, tp=-1, tpl=-1, uplat=82, ullat=0
pragma: public
x-fb-debug: dtuc9Bjar6T0Tr7czV3MxXukVrT4HyvPjbPufBXGbvWgBPA4izYN+KZ22r3nen0QjmygXn4iWBajfOk6bjYUZA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1566681760515101 Show response
connect.facebook.net/signals/config/ 30 KB
5 KB 155ms
155ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1566681760515101?v=2.9.150&r=stable&domain=enrolamiento.sufi-temp-qa.apps.ambientesbc.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C119%2C173%2C175%2C108%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C174%2C112%2C113%2C131%2C154%2C141%2C105%2C210%2C147%2C106%2C128%2C121%2C109

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc3afa16fbb592e105c86dffd7246b92ee9430c4ef740f9cdbac3bdc778c74fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 22:50:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=100, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=52, ullat=0
pragma: public
x-fb-debug: e0fIHLbmrjuFoVHzD9xnbzP6KVX93QcqVMgEc4eD2FO4K8kgu3OSZOEn0e3duZBVsqVtAySyzZ05ERHrE7KYPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 110ms
36ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1057072597705880&ev=PageView&dl=https%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com&rl=&if=false&ts=1711061452561&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4124&fbp=fb.1.1711061452556.1646528072&cs_est=true&pm=1&hrl=64d230&ler=empty&cdl=API_unavailable&it=1711061452330&coo=false&cs_cc=1&cas=6932369953502550%2C4024941637629596%2C5750090398397568%2C4401970613159944%2C3207921265913678%2C4621278281282586%2C4182855438444142%2C5078763058884783%2C3544488785658075%2C3336949699726310%2C3265765356869722%2C5009259465765835%2C3617413605018695%2C2674656215989768&rqm=GET

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 22:50:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 1951355481885807 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 164ms
163ms Script
application/x-javascript 2a03:2880:f08e:219:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1951355481885807?v=2.9.150&r=stable&domain=enrolamiento.sufi-temp-qa.apps.ambientesbc.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C119%2C173%2C175%2C108%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C174%2C112%2C113%2C131%2C154%2C141%2C105%2C210%2C147%2C106%2C128%2C121%2C109%2C178%2C177%2C179%2C184%2C185%2C186%2C182%2C117%2C139

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d93bc35f48d3ce90dcf2ac3536b3e2858204d96072bf880bb5b60c2e3f15e06c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 22:50:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=100, rtx=0, c=29, mss=1232, tbw=11883, tp=17, tpl=0, uplat=52, ullat=0
pragma: public
x-fb-debug: 2MQjm63S3WRHVdlOVtxtf1wVmLVLe58sHFrtkdwCrxS/M4JP6jER/vxUfLls6EmrSt90oIGYtJ+5AH2eewPqlg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 38ms
37ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1566681760515101&ev=PageView&dl=https%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&rl=&if=false&ts=1711061452727&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711061452556.1646528072&ler=empty&cdl=API_unavailable&it=1711061452330&coo=false&rqm=GET

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=3129, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 22:50:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 37ms
37ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1951355481885807&ev=PageView&dl=https%3A%2F%2Fenrolamiento.sufi-temp-qa.apps.ambientesbc.com%2F&rl=&if=false&ts=1711061452907&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711061452556.1646528072&ler=empty&cdl=API_unavailable&it=1711061452330&coo=false&rqm=GET

Requested by

Host: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 21 Mar 2024 22:50:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: enrolamiento.sufi-temp-qa.apps.ambientesbc.com
URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/styles.css

Domain: tags.creativecdn.com
URL: https://tags.creativecdn.com/DmSU3C096jBPZPSkOZpM.js

Domain: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HATDusqjlaauqBWlKoqtL5lY06xe2Qmb/analytics.min.js

Domain: api.skaduks.com
URL: https://api.skaduks.com/cookie/cookie?a=

Domain: api.skaduks.com
URL: https://api.skaduks.com/ingestion/notify-event

Domain: api.skaduks.com
URL: https://api.skaduks.com/ingestion/notify-event

Domain: vc.hotjar.io
URL: https://vc.hotjar.io/sessions/373418?s=0.25&r=0.11624576299905587

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ambientesbc.com/	1970-01-20 21:27:17	Name: _gcl_au Value: 1.1.1652098766.1711061452
.ambientesbc.com/	1970-01-21 04:53:41	Name: _ga Value: GA1.2.1680339818.1711061452
.ambientesbc.com/	1970-01-20 19:19:07	Name: _gid Value: GA1.2.1140032363.1711061452
.ambientesbc.com/	1970-01-20 19:17:41	Name: _dc_gtm_UA-63776265-20 Value: 1
.ambientesbc.com/	1970-01-21 04:03:17	Name: _hjSessionUser_373418 Value: eyJpZCI6IjE3YTkzNWVlLWNkZmQtNTQ5Ny1hMjk5LTMyNmFhNjFlZjk4NiIsImNyZWF0ZWQiOjE3MTEwNjE0NTIxODksImV4aXN0aW5nIjpmYWxzZX0=
.ambientesbc.com/	1970-01-20 19:17:43	Name: _hjSession_373418 Value: eyJpZCI6IjNmNWE2YzFlLTU3MWYtNDMwOC1iNGMwLWJiMGE1YjM3MGExMyIsImMiOjE3MTEwNjE0NTIxOTAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.twitter.com/	1970-01-21 04:53:41	Name: personalization_id Value: "v1_Rw7vr49L3n7VBEhluF1Cpg=="
.t.co/	1970-01-21 04:53:41	Name: muc_ads Value: 6186bf66-7d4d-4235-8190-9cb01d9728d1
.ambientesbc.com/	1970-01-20 21:27:17	Name: _fbp Value: fb.1.1711061452556.1646528072

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/runtime.js Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html". Strict MIME type checking is enforced for module scripts per HTML spec.
javascript	error	URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/polyfills.js Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html". Strict MIME type checking is enforced for module scripts per HTML spec.
javascript	error	URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/main.js Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html". Strict MIME type checking is enforced for module scripts per HTML spec.
security	error	URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ Message: Refused to apply style from 'https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/styles.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ Message: Refused to execute script from 'https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/scripts.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLKZKF9(Line 89) Message: Refused to load the script 'https://tags.creativecdn.com/DmSU3C096jBPZPSkOZpM.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://*.salemove.com".
security	error	(Line 1) Message: Refused to load the script 'https://cdn.segment.com/analytics.js/v1/HATDusqjlaauqBWlKoqtL5lY06xe2Qmb/analytics.min.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://*.salemove.com".
security	error	URL: https://script.hotjar.com/modules.0ce9b654b0ac7fef3cf0.js(Line 1) Message: Refused to connect to 'https://vc.hotjar.io/sessions/373418?s=0.25&r=0.11624576299905587' because it violates the following Content Security Policy directive: "connect-src 'self' 'unsafe-inline' https://.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://.salemove.com https://.salemove.com wss://.glia.com https://.glia.com https://.twilio.com wss://*.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com".
other	warning	URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://enrolamiento.sufi-temp-qa.apps.ambientesbc.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1057072597705880?v=2.9.150&r=stable&domain=enrolamiento.sufi-temp-qa.apps.ambientesbc.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 99) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' wss://.salemove.com https://.salemove.com https://fonts.gstatic.com https://vars.hotjar.com; img-src 'self' blob: data: https://.salemove.com https://.glia.com https://www.facebook.com https://www.google.com.co/ads/ https://gtm.grupobancolombia.com/ https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://t.co https://analytics.twitter.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googleoptimize.com/ https://script.hotjar.com https://www.gstatic.com https://www.google.com https://static.hotjar.com https://connect.facebook.net https://tags.bkrtx.com https://ajax.googleapis.com https://fonts.googleapis.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://.salemove.com https://.glia.com; script-src-elem 'self' 'unsafe-eval' 'unsafe-inline' https://.glia.com/ https://.hotjar.com/ https://connect.facebook.net/ https://www.googleoptimize.com https://www.google-analytics.com/ https://static.ads-twitter.com/ https://tags.bkrtx.com/ https://www.gstatic.com/ https://ajax.googleapis.com https://www.googletagmanager.com https://www.google.com https://cdnjs.cloudflare.com https://.salemove.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://.salemove.com https://.glia.com https://fonts.googleapis.com; object-src 'none'; font-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://fonts.gstatic.com; media-src 'self' https://.salemove.com https://.glia.com; connect-src 'self' 'unsafe-inline' https://.hotjar.com https://api.skaduks.com/ https://analytics.google.com/ https://www.google-analytics.com https://stats.g.doubleclick.net https://api.ipify.org wss://.salemove.com https://.salemove.com wss://.glia.com https://.glia.com https://.twilio.com wss://.twilio.com https://www.facebook.com/ https://sufi-ext-dev.apps.ambientesbc.com https://sufi-ext-qa.apps.ambientesbc.com https://sufi-ext-pdn.apps.bancolombia.com; frame-src 'self' blob: data: https://stags.bluekai.com https://api.skaduks.com/ https://*.hotjar.com https://www.google.com/;
Strict-Transport-Security	max-age= 86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.glia.com
api.skaduks.com
cdn.segment.com
cdnjs.cloudflare.com
connect.facebook.net
enrolamiento.sufi-temp-qa.apps.ambientesbc.com
script.hotjar.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.bkrtx.com
tags.creativecdn.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
api.skaduks.com
cdn.segment.com
enrolamiento.sufi-temp-qa.apps.ambientesbc.com
tags.creativecdn.com
vc.hotjar.io
104.244.42.195
104.244.42.69
146.75.28.157
23.14.156.209
23.197.109.53
2600:9000:269f:f200:17:4c3f:1b80:93a1
2606:4700::6811:190e
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::8b
2607:f8b0:4004:c06::93
2607:f8b0:4004:c08::61
2607:f8b0:4004:c19::9d
2607:f8b0:4004:c1d::8b
2a03:2880:f08e:219:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.162.3.117
3.162.3.96
54.192.51.2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2b961f486b0ac04fddc7d509b9d601ad01a7a9b7050a4c18eaec8c469e53b4fe
3f087610bb8ebf1cc818c454763f8989f4abdebfd7d10b5919424d0b7bafca8a
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
54acb5d6bad588964a315c62f28abd7f58f45b2aabc39953f79d98e62d22e4d6
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8ea105aecbeb19a96c5b44c02150b9b098ec0ac17abdc5cdf1716db2a35d591a
926d6123e0e95e1576a0ed9668e524d25a69b41a29c11228d2d7149656b34f7c
97bbedba79079d363917a02a376ea5ffa618bd83aa29ae33e1448ac3a9a44181
a4273a4627dee7cb7316462117406296f7ac0602a76c101e5c0ca8dfa6686cbd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
bc3afa16fbb592e105c86dffd7246b92ee9430c4ef740f9cdbac3bdc778c74fc
beb5b836440d75fdc01bc461623a4ed85e2c0e9f68e5fd21fa9c54e863dbca25
c71471614bcc8ae0939961fcf1cbd722b59fdd4eb5df7ff0bf377758b729b75a
cd85d11bf3f6c3e95041089c15553537fe322aaf2a71b943066c87c00960ad8e
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d93bc35f48d3ce90dcf2ac3536b3e2858204d96072bf880bb5b60c2e3f15e06c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8274175d96212541f3445e21c0a8ab63930110be676b47bce779c4119cf8323

enrolamiento.sufi-temp-qa.apps.ambientesbc.com Open in urlscan Pro 54.192.51.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

82 %HTTPS

56 %IPv6

21 Domains

22 Subdomains

19 IPs

2 Countries

735 kBTransfer

2426 kBSize

9 Cookies

0 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

enrolamiento.sufi-temp-qa.apps.ambientesbc.com Open in urlscan Pro
54.192.51.2 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

82 %
HTTPS

56 %
IPv6

21
Domains

22
Subdomains

19
IPs

2
Countries

735 kB
Transfer

2426 kB
Size

9
Cookies

38 HTTP transactions
0 data transactions