urlscan.io logo urlscan.io
SecurityTrails logo

bv.com.do Open in urlscan Pro
179.51.77.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bv.com.do/
Effective URL: https://bv.com.do/onlinebanking
Submission: On November 22 via manual from DO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 179.51.77.203, located in Santo Domingo Este, Dominican Republic and belongs to Columbus Networks Dominicana, DO. The main domain is bv.com.do.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 11th 2018. Valid for: 2 years.
This is the only time bv.com.do was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 179.51.77.203 52471 (Columbus ...)
2 2a00:1450:400... 15169 (GOOGLE)
16 2
Apex Domain
Subdomains		 Transfer
15 bv.com.do
bv.com.do
1 MB
2 google-analytics.com
www.google-analytics.com
18 KB
16 2
Domain Requested by
15 bv.com.do 1 redirects bv.com.do
2 www.google-analytics.com bv.com.do
16 2
Subject Issuer Validity Valid
*.bv.com.do
DigiCert SHA2 Secure Server CA		 2018-09-11 -
2020-09-15		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bv.com.do/onlinebanking
Frame ID: 27D4524B2FE678B301028D6ABCABF549
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bv.com.do/ HTTP 302
    https://bv.com.do/ Page URL
  2. https://bv.com.do/onlinebanking Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1289 kB
Transfer

2355 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bv.com.do/ HTTP 302
    https://bv.com.do/ Page URL
  2. https://bv.com.do/onlinebanking Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bv.com.do/ HTTP 302
  • https://bv.com.do/

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bv.com.do/
Redirect Chain
  • http://bv.com.do/
  • https://bv.com.do/
513 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0a1f59bcc0515b5df5858d6c296b38aaf894ab389b805c4605071f5826fd8c00

Request headers

:method
GET
:authority
bv.com.do
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
content-type
text/html
content-encoding
gzip
last-modified
Tue, 30 Oct 2018 00:39:04 GMT
accept-ranges
bytes
etag
"6833dcf5e86fd41:0"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
date
Fri, 22 Nov 2019 15:47:15 GMT
content-length
477

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://bv.com.do/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Date
Fri, 22 Nov 2019 15:47:15 GMT
Content-Length
141
Primary Request onlinebanking
bv.com.do/ 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking
Requested by
Host: bv.com.do
URL: https://bv.com.do/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
ad56b2ece080cf7838d73330340f4942a16a9482472fd4496eb18d1322b456f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
bv.com.do
:scheme
https
:path
/onlinebanking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://bv.com.do/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://bv.com.do/

Response headers

status
200
cache-control
no-cache, no-store, must-revalidate,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=z1kqo0zl3rttcpi0iw4blhkf; path=/; secure; HttpOnly; SameSite=lax ASP.NET_SessionId=z1kqo0zl3rttcpi0iw4blhkf; path=/; secure; HttpOnly; SameSite=lax IB.GUEST=l8sJladKvWEfiwhBBSOjT13MWGoUkH8hghjLrK6difbgToqAVhuOZw_2__2_; expires=Fri, 22-Nov-2019 15:57:17 GMT; path=/; secure; HttpOnly; SameSite=lax __RequestVerificationToken_L29ubGluZWJhbmtpbmc1=GpKTgU89hJbYb7f6eznAeOPgbBq_tItlUuaCCkh5yzdbETF-OKFkk78vgOnRm-gyaI5j_dWPKieCWq1x0gBsUwwYwVy4aZ30ccuMwNQ0kvXwZCL9HHMC_mUhmRJfEnDTORTO9XKVNe6GRMGxkbZ29A2; path=/; secure; HttpOnly; SameSite=lax
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=157680000; includeSubDomains;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
x-xss-protection
1
date
Fri, 22 Nov 2019 15:47:17 GMT
content-length
8289
all.css
bv.com.do/onlinebanking/Content/css/ 		284 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking/Content/css/all.css?v=uk03ltGGCk2VrV25cgAwiThFzM9BHzF74ER7B7O4RGA1
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
1f09c87cfbb3a9702c7174967a163e97c284b853dd36d107d630213752a84d8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Nov 2019 15:47:17 GMT
date
Fri, 22 Nov 2019 15:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
x-xss-protection
1
cache-control
public,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
vary
User-Agent,Accept-Encoding
x-content-type-options
nosniff
expires
Sat, 21 Nov 2020 15:47:17 GMT
top.js
bv.com.do/onlinebanking/Scripts/js/ 		205 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking/Scripts/js/top.js?v=h8FfwavPaX4v-07JtlanQh-6mSd_lQz758I5TdZjf3o1
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
1b5fb9993e95737099b7d914a9388d0975ace5db98ee08e3cb2cd8a238ac419e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
referrer-policy
no-referrer-when-downgrade
date
Fri, 22 Nov 2019 15:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
x-xss-protection
1
cache-control
no-cache,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
content-length
210053
x-content-type-options
nosniff
logo.png
bv.com.do/onlinebanking/Content/css/VIMENCA/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bv.com.do/onlinebanking/Content/css/VIMENCA/img/logo.png
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
9c9738c0e74ecd6d582f4d2057f8d94731268646866b17aea74c38dc15b55457
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jul 2019 15:58:46 GMT
etag
"03f126a635d51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-cache,max-age=86400,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
date
Fri, 22 Nov 2019 15:47:17 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
accept-ranges
bytes
content-length
4369
x-xss-protection
1
google_play.png
bv.com.do/onlinebanking/Content/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bv.com.do/onlinebanking/Content/img/google_play.png
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
889a6a54fb1d27fcdc6133a1c94b70759181ee34ca4f34c3b3b788e823a88ec9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jul 2019 15:58:48 GMT
etag
"06c437a635d51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-cache,max-age=86400,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
date
Fri, 22 Nov 2019 15:47:17 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
accept-ranges
bytes
content-length
7783
x-xss-protection
1
appstore.png
bv.com.do/onlinebanking/Content/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bv.com.do/onlinebanking/Content/img/appstore.png
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
e8cb82cee50926743564fd45c5f2904f43bb12ea7b56a19b53f56da12eccd918
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jul 2019 15:58:48 GMT
etag
"06c437a635d51:0"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-cache,max-age=86400,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
date
Fri, 22 Nov 2019 15:47:17 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
accept-ranges
bytes
content-length
4383
x-xss-protection
1
footer.js
bv.com.do/onlinebanking/Scripts/js/ 		1 MB
448 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking/Scripts/js/footer.js?v=Ix-nu2xx4nCegHBV4aWR-3BrpAecabVuZcKXMS3JjkY1
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
3d617aa4ed7a379a5b98c7916b089e5b25cfb325acd046ee42e0778263b71eb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Nov 2019 15:47:18 GMT
date
Fri, 22 Nov 2019 15:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200
x-xss-protection
1
cache-control
public,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
vary
User-Agent,Accept-Encoding
x-content-type-options
nosniff
expires
Sat, 21 Nov 2020 15:47:18 GMT
grid.locale-es-DO.js
bv.com.do/onlinebanking/Scripts/jqGrid-4.4.1/js/i18n/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking/Scripts/jqGrid-4.4.1/js/i18n/grid.locale-es-DO.js
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
815e6f13227ea94a27143209df9f9abc81718870efe686ff80366aaa8f1c78f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
1910
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jul 2019 15:58:40 GMT
date
Fri, 22 Nov 2019 15:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache,max-age=86400,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
etag
"0b87e2a635d51:0"
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
accept-ranges
bytes
jqueryui-datepicker-es-DO.js
bv.com.do/onlinebanking/Scripts/jquery/ 		1 KB
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking/Scripts/jquery/jqueryui-datepicker-es-DO.js
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
b3270d6a573fffb10d7d1437af9a80caaf6a46eedf2f72d6321860e0d4a9df69
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
700
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jul 2019 15:58:40 GMT
date
Fri, 22 Nov 2019 15:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache,max-age=86400,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
etag
"0b87e2a635d51:0"
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
accept-ranges
bytes
login-bg.jpeg
bv.com.do/onlinebanking/Content/css/VIMENCA/img/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bv.com.do/onlinebanking/Content/css/VIMENCA/img/login-bg.jpeg
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
42b20c0d956b7faefdde8884765a0977305bbd262df6e10a157689e9066ca679
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://bv.com.do/onlinebanking/Content/css/all.css?v=uk03ltGGCk2VrV25cgAwiThFzM9BHzF74ER7B7O4RGA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jul 2019 15:58:46 GMT
etag
"03f126a635d51:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
max-age=86400,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
date
Fri, 22 Nov 2019 15:47:17 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
accept-ranges
bytes
content-length
95346
x-xss-protection
1
bv-icomoon.ttf
bv.com.do/onlinebanking/Content/css/VIMENCA/iconsVimenca/fonts/ 		179 KB
179 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking/Content/css/VIMENCA/iconsVimenca/fonts/bv-icomoon.ttf?annogo
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
c20f2d86bd386f85c84f02217c2a51cdcae50119da4a9dd40bbca61ee71c3dd0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://bv.com.do/onlinebanking/Content/css/all.css?v=uk03ltGGCk2VrV25cgAwiThFzM9BHzF74ER7B7O4RGA1
Origin
https://bv.com.do

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jul 2019 15:58:48 GMT
etag
"06c437a635d51:0"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
status
200
cache-control
max-age=86400,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
date
Fri, 22 Nov 2019 15:47:17 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
accept-ranges
bytes
content-length
183564
x-xss-protection
1
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4406
date
Fri, 22 Nov 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 22 Nov 2019 16:33:37 GMT
GetProfilePhoto
bv.com.do/onlinebanking/UserProfile/ 		21 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bv.com.do/onlinebanking/UserProfile/GetProfilePhoto
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking/Scripts/js/top.js?v=h8FfwavPaX4v-07JtlanQh-6mSd_lQz758I5TdZjf3o1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
/
Resource Hash
42684800e21346a0d131e682da273738d4efcb338b674c2f0533531b328b169c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
Strict-Transport-Security max-age=157680000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
*/*
Referer
https://bv.com.do/onlinebanking
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security
max-age=157680000; includeSubDomains;
referrer-policy
no-referrer-when-downgrade
date
Fri, 22 Nov 2019 15:47:18 GMT
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
200
cache-control
private,private, no-store, no-cache, must-revalidate,proxy-revalidate, no- transform, max-age=0, post-check=0, pre-check=0
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; default-src 'self' 'unsafe-inline' 'unsafe-eval' http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://www.google-analytics.com https://cdn.jsdelivr.net; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: http://seal.globalsign.com https://www.instantssl.com/wildcard-ssl.html http://ssif1.globalsign.com https://cdn.jsdelivr.net https://www.google-analytics.com;
content-length
21
x-xss-protection
1
Seguridadalaalturadetusexigencias.png
bv.com.do/HelpImages/Banners/ 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bv.com.do/HelpImages/Banners/Seguridadalaalturadetusexigencias.png
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
179.51.77.203 Santo Domingo Este, Dominican Republic, ASN52471 (Columbus Networks Dominicana, DO),
Reverse DNS
bv.com.do
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ed92c0c60a728c2d364dc6db0310803ea07a8f2bfcb99e48f23e0de8c49c4e9

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 22 Nov 2019 15:47:18 GMT
etag
"b9ee8cffa71d41:0"
last-modified
Thu, 01 Nov 2018 15:46:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
status
200
accept-ranges
bytes
content-length
249558
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1702606123&t=pageview&_s=1&dl=https%3A%2F%2Fbv.com.do%2Fonlinebanking&dp=%2Fonlinebanking&ul=en-us&de=UTF-8&dt=Banco%20M%C3%BAltiple%20Vimenca%2C%20S.%20A.%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABC~&jid=1287195268&gjid=1242234311&cid=346982808.1574437624&tid=UA-69118104-13&_gid=1743786115.1574437624&_r=1&z=293119348
Requested by
Host: bv.com.do
URL: https://bv.com.do/onlinebanking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bv.com.do/onlinebanking
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Nov 2019 15:47:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| lastViewDressed boolean| supportsStorage function| BannerMe2 function| DrawBanners function| GetScreenName function| loadProfilePhoto function| parsePhotoData object| SII function| isHome function| createGraph function| floatValue function| $ function| jQuery object| html5 object| Modernizr function| yepnope function| LogOnClearForm object| banner function| setOwlBanners object| xmlJsonClass function| tableToGrid object| SIIColor object| Highcharts object| HighchartsAdapter function| lazyload function| LazyLoad function| md5 string| txt function| Color function| Chart string| _page number| _n string| GoogleAnalyticsObject function| sii_ga function| openHelp string| content object| google_tag_data object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.bv.com.do/ Name: _gat
Value: 1
.bv.com.do/ Name: _ga
Value: GA1.3.346982808.1574437624
bv.com.do/ Name: __RequestVerificationToken_L29ubGluZWJhbmtpbmc1
Value: GpKTgU89hJbYb7f6eznAeOPgbBq_tItlUuaCCkh5yzdbETF-OKFkk78vgOnRm-gyaI5j_dWPKieCWq1x0gBsUwwYwVy4aZ30ccuMwNQ0kvXwZCL9HHMC_mUhmRJfEnDTORTO9XKVNe6GRMGxkbZ29A2
.bv.com.do/ Name: _gid
Value: GA1.3.1743786115.1574437624
bv.com.do/ Name: IB.GUEST
Value: l8sJladKvWEfiwhBBSOjT13MWGoUkH8hghjLrK6difbgToqAVhuOZw_2__2_
bv.com.do/ Name: ASP.NET_SessionId
Value: z1kqo0zl3rttcpi0iw4blhkf