urlscan.io logo urlscan.io
SecurityTrails logo

activeclabcol.info Open in urlscan Pro
162.0.232.14  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rebrand.ly/acticlavbancol
Effective URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Submission: On April 18 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 57 HTTP transactions. The main IP is 162.0.232.14, located in United States and belongs to NAMECHEAP-NET, US. The main domain is activeclabcol.info.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 18th 2022. Valid for: a year.
This is the only time activeclabcol.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bancolombia (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 52.44.44.79 14618 (AMAZON-AES)
5 162.0.232.14 22612 (NAMECHEAP...)
18 104.18.40.65 13335 (CLOUDFLAR...)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
8 172.64.153.125 13335 (CLOUDFLAR...)
1 96.16.135.39 16625 (AKAMAI-AS)
1 108.138.7.31 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 199.232.188.157 54113 (FASTLY)
1 69.192.160.219 16625 (AKAMAI-AS)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 108.138.7.111 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
1 8 2a03:2880:f11... 32934 (FACEBOOK)
1 18.66.139.117 16509 (AMAZON-02)
1 99.80.161.153 16509 (AMAZON-02)
57 18
1    52.44.44.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-44-79.compute-1.amazonaws.com
rebrand.ly
5    162.0.232.14 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server286-3.web-hosting.com
activeclabcol.info
18    104.18.40.65 (None, )

ASN13335 (CLOUDFLARENET, US)
sucursalpersonas.transaccionesbancolombia.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    172.64.153.125 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.todo1.com
1    96.16.135.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com
tags.bkrtx.com
1    108.138.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-31.fra56.r.cloudfront.net
static.hotjar.com
1    2a02:26f0:3500:7::17d8:4dc6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net
script.hotjar.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
8    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net
vars.hotjar.com
1    99.80.161.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
in.hotjar.com
Apex Domain
Subdomains		 Transfer
18 transaccionesbancolombia.com
sucursalpersonas.transaccionesbancolombia.com — Cisco Umbrella Rank: 196025
283 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
1 KB
8 todo1.com
cdn.todo1.com — Cisco Umbrella Rank: 151371
75 KB
5 activeclabcol.info
activeclabcol.info
75 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
www.linkedin.com — Cisco Umbrella Rank: 603
px4.ads.linkedin.com — Cisco Umbrella Rank: 4702
3 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 621
script.hotjar.com — Cisco Umbrella Rank: 818
vars.hotjar.com — Cisco Umbrella Rank: 999
in.hotjar.com — Cisco Umbrella Rank: 1743
72 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
131 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
125 KB
1 t.co
t.co — Cisco Umbrella Rank: 476
338 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 524
459 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 619
6 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 913
3 KB
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 481 Failed
338 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3102
16 KB
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 76949
344 B
57 15
Domain Requested by
18 sucursalpersonas.transaccionesbancolombia.com activeclabcol.info
sucursalpersonas.transaccionesbancolombia.com
8 www.facebook.com 1 redirects activeclabcol.info
8 cdn.todo1.com activeclabcol.info
cdn.todo1.com
5 activeclabcol.info activeclabcol.info
3 www.googletagmanager.com activeclabcol.info
3 connect.facebook.net activeclabcol.info
connect.facebook.net
2 px.ads.linkedin.com 2 redirects
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 t.co activeclabcol.info
1 analytics.twitter.com static.ads-twitter.com
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com activeclabcol.info
1 www.linkedin.com 1 redirects
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 stags.bluekai.com tags.bkrtx.com
1 tags.bkrtx.com activeclabcol.info
1 rebrand.ly 1 redirects
57 20

This site contains links to these domains. Also see Links.

Domain
sucursalpersonas.transaccionesbancolombia.com
www.grupobancolombia.com
www.suraenlinea.com
Subject Issuer Validity Valid
activeclabcol.info
Sectigo RSA Domain Validation Secure Server CA		 2022-04-18 -
2023-04-18		 a year crt.sh
sucursalpersonas.transaccionesbancolombia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-06-10 -
2022-07-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-25 -
2022-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
cdn.todo1.com
GeoTrust TLS RSA CA G1		 2021-04-06 -
2022-05-03		 a year crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh

This page contains 3 frames:

Primary Page: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Frame ID: C2B041B6E45CB246E62BF9BDA359D1E5
Requests: 54 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/71145?ret=html&phint=__bk_t%3DBancolombia%20Sucursal%20Virtual%20Personas&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&phint=__bk_v%3D3.1.10&limit=1&r=20525771
Frame ID: 122D312A0D4F6EE571D0E4B42E46F01C
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 0CC84197709AF6AD61870709BCB6D42A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bancolombia Sucursal Virtual Personas

Page URL History Show full URLs

  1. https://rebrand.ly/acticlavbancol HTTP 301
    https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

57
Requests

93 %
HTTPS

26 %
IPv6

15
Domains

20
Subdomains

18
IPs

4
Countries

789 kB
Transfer

2386 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/acticlavbancol HTTP 301
    https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D56809%26time%3D1650293653110%26url%3Dhttps%253A%252F%252Factiveclabcol.info%252Fsucursalpersonas.transaccionesbancolombia%252F%2523no-back-button%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&liSync=true&e_ipv6=AQJvVISPXkDOSwAAAYA9KsA8l6vKL-Wp64CvN9hH-CgTLQnFTJHIaCfBHgsrSTRfm1q_dJeKfFy7vbFZva63xIWcAMvJ4Q
Request Chain 48
  • https://www.facebook.com/tr/?id=492215554639397&ev=PageView&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&rl=&if=false&ts=1650293653133&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650293653131.637890007&it=1650293652946&coo=false&exp=p0&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&ec=0&ev=PageView&exp=p0&fbp=fb.1.1650293653131.637890007&id=492215554639397&if=false&it=1650293652946&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1650293653133&v=2.9.57

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Redirect Chain
  • https://rebrand.ly/acticlavbancol
  • https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.232.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server286-3.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
62fbea15b65691bb80cc3654382f3cfad463dc339e6939b0fae653fda1c7941a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
8082
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 14:54:11 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-turbo-charged-by
LiteSpeed

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Apr 2022 14:54:10 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/#no-back-button
Strict-Transport-Security
max-age=15552000
styles.css
sucursalpersonas.transaccionesbancolombia.com/mua/css/ 		105 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/css/styles.css?v=4.5.5.RC3_1640915548593
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c386d6f8f8b764f56c0bf1fbb5a41f34c40c6a9451a450a1dfc9e70782f4b3f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Thu, 27 May 2021 00:28:12 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0aad6955-FRA
x-content-security-policy
default-src 'self';
bootstrap.css
sucursalpersonas.transaccionesbancolombia.com/mua/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/css/bootstrap.css
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e7aacc05a5cfe4d2fa8407d5a885b9c2511e0213fb5abd0599cdef3f0e0e524
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 27 May 2021 21:34:05 GMT
server
cloudflare
etag
W/"1d9e0-5c35684c45a78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://c.cs10.visual.foqa.todo1.com
date
Mon, 18 Apr 2022 14:54:12 GMT
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0ab26955-FRA
x-content-security-policy
default-src 'self';
stylesheet.css
activeclabcol.info/sucursalpersonas.transaccionesbancolombia/ 		906 B
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/stylesheet.css
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.232.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server286-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
f6b79c30045e3a800e69c89e534113db4ed360b5da5d8116677039c25e933f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
br
last-modified
Thu, 06 Jan 2022 09:20:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
224
expires
Mon, 25 Apr 2022 14:54:11 GMT
functions.js
activeclabcol.info/monitor/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activeclabcol.info/monitor/js/functions.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.232.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server286-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
68853a2280ffb99681efc023723e8dd21e8ea141342adbfa1a4ab016e28d937c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
br
last-modified
Sat, 09 Apr 2022 23:53:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
914
expires
Mon, 25 Apr 2022 14:54:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
w4tWPV3LMcORtpRbNrr06492Tp8XswwRX2P/t+N4nKB/EoOE+VYVMMeySHpUla8hmZGXSxiT8ompRCmEkNKvaA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Apr 2022 14:54:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P365NCK&l=dataLayer
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6979a3351469c12e73f166036c33043ea78ad4d91d3ff3d1212a7678c35f09b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35629
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 14:54:12 GMT
gtm.js
www.googletagmanager.com/ 		179 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K28DHGF&l=dataLayer
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f58cb080f07a4cd5369340f277c469d4703aec953303c8eee1334ce1dbdf5231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63051
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 14:54:12 GMT
gtm.js
www.googletagmanager.com/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFWRD89
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
210a1df0a50d8417b6595c1efcb54937efe67bc6b78a298d60679f43d2a4d586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34847
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 14:54:12 GMT
jquery-1.10.1.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/ 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/jquery-1.10.1.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751bcbcd434089a9b12e9339a1891607ee99659ae3a674a6709e9a74dab21cd1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:28:28 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0ab96955-FRA
x-content-security-policy
default-src 'self';
jquery.validate-1.11.1.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/jquery.validate-1.11.1.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23df149b107329b3e406b0f70b5e1bdf2455f7f4ee4e90b00e0dbfcf773e98a1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:22:05 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0aba6955-FRA
x-content-security-policy
default-src 'self';
validations.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/validations.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00409fb3885b7483b7654943db51c2f53fe9556fa82d2d570cb2dd1390cc7eae
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:28:31 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0abd6955-FRA
x-content-security-policy
default-src 'self';
jquery-validations.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/jquery-validations.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f119b3670a94fa48d417347a834baf8ad3e433c829a87b944316b5d6ecee645d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 06:13:07 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa1ad16955-FRA
x-content-security-policy
default-src 'self';
blockKeys.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/ 		156 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/patterns/blockKeys.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623661cd86e3614fe0c5d3200bf7ccd8b3997a63031d3b0cd93c29c45f25c88f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:12:48 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0abf6955-FRA
x-content-security-policy
default-src 'self';
jquery-ui.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/ 		223 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/jquery-ui.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8072615124c5bc2634fdecc09485c8b645c78ea27c212c3d61b80c26112bdcb8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:12:54 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa1acd6955-FRA
x-content-security-policy
default-src 'self';
bluebird.min.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/bluebird.min.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 06:13:07 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa1acf6955-FRA
x-content-security-policy
default-src 'self';
t1analytics.js
cdn.todo1.com/js/cDZQdujDp2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/cDZQdujDp2/t1analytics.js?v=4.5.5.RC3_1640915548593
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cc4fd0ad5694f3cd1527176db0d911c28af49d3c3d614caf22a02543a3d6214
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 05 Nov 2021 04:20:34 GMT
server
cloudflare
etag
W/"84f-5d002f6e9888e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3bfa0daa9131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:12 GMT
jquery-ui.css
sucursalpersonas.transaccionesbancolombia.com/mua/css/ 		31 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/css/jquery-ui.css
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9eeb55f7cf16683b871600ce998b61b1031629097be96069d5741f33adaf6d1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Thu, 27 May 2021 03:29:23 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0ab56955-FRA
x-content-security-policy
default-src 'self';
ui.css
sucursalpersonas.transaccionesbancolombia.com/mua/css/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/css/ui.css
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0265a31c7bea01a32328e09245aad8cf38ba3316a13e93080697b35e338f35b4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Thu, 27 May 2021 03:29:13 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa0ab76955-FRA
x-content-security-policy
default-src 'self';
bootstrap.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/bootstrap.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 00:13:45 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa1ad26955-FRA
x-content-security-policy
default-src 'self';
bluebird.min.js
cdn.todo1.com/js/2Cunlv9Ij2/ 		161 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/2Cunlv9Ij2/bluebird.min.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d857a36ca5002112a0635f74a0d27e37f6078ddf70b4872cc4e7ad06d3a2090
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 09 Dec 2021 21:32:55 GMT
server
cloudflare
age
2583
etag
W/"28253-5d2bd5977ddcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3bfa0dab9131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:11 GMT
utils.js
cdn.todo1.com/js/2Cunlv9Ij2/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/2Cunlv9Ij2/utils.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5176ba0f1adbe2251d33b11469c4ed8126840abda356a15fea0912e0b0b6b161
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 09 Dec 2021 21:38:39 GMT
server
cloudflare
age
1057
etag
W/"258a-5d2bd6dfad687"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3bfa0dae9131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:11 GMT
rsa-oaep.js
cdn.todo1.com/js/2Cunlv9Ij2/ 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/2Cunlv9Ij2/rsa-oaep.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24698ced51e5938fbb05be134c4b05b34f2ff22d4717aa3f3a84444cf7ba3058
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 09 Dec 2021 21:38:36 GMT
server
cloudflare
age
900
etag
W/"859-5d2bd6dcc255d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3bfa0daf9131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:11 GMT
aes-gcm.js
cdn.todo1.com/js/2Cunlv9Ij2/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/2Cunlv9Ij2/aes-gcm.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f72b9ca192279115ec87df52e78bc171ba1aadb8238f11edfe718ad89b3e0c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 09 Dec 2021 21:32:54 GMT
server
cloudflare
age
1827
etag
W/"1cd4-5d2bd59723882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3bfa0db29131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:11 GMT
pressedKeys.js
cdn.todo1.com/js/2Cunlv9Ij2/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/2Cunlv9Ij2/pressedKeys.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa55344584cb35abae29017aad219435881422522345e541e448ffdd30a64eb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 22 Jan 2022 00:32:35 GMT
server
cloudflare
age
1827
etag
W/"44b6-5d620df3520db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3bfa0db59131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:11 GMT
t1GetFP.js
cdn.todo1.com/js/2Cunlv9Ij2/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/2Cunlv9Ij2/t1GetFP.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe555a3c8be45473907a06afe24b0ad5f0365e43648d9346dcd5219885a403c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 09 Dec 2021 21:32:59 GMT
server
cloudflare
age
5805
etag
W/"e043-5d2bd59b5a20a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3bfa0db79131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:11 GMT
jquery.jclockNew.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/jquery.jclockNew.js?v=4.5.5.RC3_1640915548593
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Fri, 25 Jun 2021 04:19:45 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3bfa1ad46955-FRA
x-content-security-policy
default-src 'self';
imgPublicidad.jpg
sucursalpersonas.transaccionesbancolombia.com/mua/static/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/static/imgPublicidad.jpg
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140831642d0b00aca04e0ce36d32207a7fb74ff0c9dcf3a4985acb88c4937a91
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
content-length
52567
x-xss-protection
1; mode=block
last-modified
Tue, 29 Mar 2022 00:02:49 GMT
server
cloudflare
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
accept-ranges
bytes
cf-ray
6fde3c0219f96955-FRA
x-content-security-policy
default-src 'self';
AC_OETags.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/rsa/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/rsa/AC_OETags.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2519f59a7c1a670d15393268d66d60b4a640a9e5e1d40d6722ce971791bb912b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Tue, 20 Apr 2021 06:12:43 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3c01485c6955-FRA
x-content-security-policy
default-src 'self';
swfRSACookieFunc.js
sucursalpersonas.transaccionesbancolombia.com/mua/js/rsa/ 		507 B
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/js/rsa/swfRSACookieFunc.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64b79bfec474f62d1ac605ff7be30773c1b6b9afbcbafd6f2dbb893c79638f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 21 Apr 2021 21:24:16 GMT
server
cloudflare
etag
W/"1fb-5c0822f5b6ada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://c.cs10.visual.foqa.todo1.com
date
Mon, 18 Apr 2022 14:54:12 GMT
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3c01b93f6955-FRA
x-content-security-policy
default-src 'self';
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-135-39.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Mon, 18 Apr 2022 14:54:12 GMT
Connection
keep-alive
Content-Length
16078
Expires
Mon, 25 Apr 2022 14:54:12 GMT
logo.svg
sucursalpersonas.transaccionesbancolombia.com/mua/images/ 		7 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/images/logo.svg
Requested by
Host: sucursalpersonas.transaccionesbancolombia.com
URL: https://sucursalpersonas.transaccionesbancolombia.com/mua/css/styles.css?v=4.5.5.RC3_1640915548593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sucursalpersonas.transaccionesbancolombia.com/mua/css/styles.css?v=4.5.5.RC3_1640915548593
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
last-modified
Thu, 22 Apr 2021 04:33:23 GMT
server
cloudflare
date
Mon, 18 Apr 2022 14:54:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
cf-ray
6fde3c0219fc6955-FRA
x-content-security-policy
default-src 'self';
OpenSans-Regular.woff2
activeclabcol.info/sucursalpersonas.transaccionesbancolombia/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/OpenSans-Regular.woff2
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.232.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server286-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
893f7f57805f1a70e7cb63621dcc596e49fc87551d1231c7756b7a958bac931b

Request headers

Referer
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/stylesheet.css
Origin
https://activeclabcol.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:12 GMT
last-modified
Thu, 06 Jan 2022 09:16:44 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
50180
expires
Mon, 25 Apr 2022 14:54:12 GMT
CIBFontSans-Light.ttf
sucursalpersonas.transaccionesbancolombia.com/mua/fonts/opensans/ 		0
0
icon-user.png
sucursalpersonas.transaccionesbancolombia.com/mua/images/icons/ 		447 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/images/icons/icon-user.png
Requested by
Host: sucursalpersonas.transaccionesbancolombia.com
URL: https://sucursalpersonas.transaccionesbancolombia.com/mua/css/styles.css?v=4.5.5.RC3_1640915548593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sucursalpersonas.transaccionesbancolombia.com/mua/css/styles.css?v=4.5.5.RC3_1640915548593
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
master-only
content-length
447
x-xss-protection
1; mode=block
last-modified
Thu, 22 Apr 2021 00:11:48 GMT
server
cloudflare
x-frame-options
sameorigin, sameorigin, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
https://c.na7.visual.fo.todo1.com
content-security-policy
default-src 'self'; script-src 'self' https://cdn.siftscience.com https://checkout.wompi.co https://www.google.com *.googleapis.com *.todo1.com *.cloudbancolombia.com *.newrelic.com bam.nr-data.net *.gstatic.com https://www.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'unsafe-inline' 'unsafe-eval'; connect-src https://sessions.bugsnag.com *.todo1.com *.newrelic.com bam.nr-data.net https://www.google-analytics.com www.google-analytics.com tagmanager.google.com *.hotjar.com *.hotjar.io *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self'; img-src https://hexagon-analytics.com images-cdn.info https://www.google-analytics.com www.google-analytics.com https://www.google.com *.gstatic.com *.cloudbancolombia.com *.bancolombia.com *.todo1.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com *.todo-1.com *.static.browseranalytic.com *.browseranalytic.com https://browseranalytic.com/ https://static.browseranalytic.com/ 'self' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://tagmanager.google.com https://fonts.googleapis.com/ tagmanager.google.com https://connect.facebook.net https://www.facebook.com https://tags.bkrtx.com *.hotjar.com https://sjs.bizographics.com https://static.ads-twitter.com *.twitter.com https://t.co *.doubleclick.net https://stags.bluekai.com *.linkedin.com; frame-src 'self' https://checkout.wompi.co https://www.google.com/ https://*.googleapis.com https://*.gstatic.com *.salesforce.com *.force.com *.cloudbancolombia.com *.bancolombia.corp *.bancolombia.com *.transaccionesbancolombia.com *.hotjar.com https://stags.bluekai.com https://www.facebook.com data: blob:; font-src https://*.gstatic.com 'self' data:
accept-ranges
bytes
cf-ray
6fde3c024a6f6955-FRA
x-content-security-policy
default-src 'self';
icon_font_bc.woff2
activeclabcol.info/sucursalpersonas.transaccionesbancolombia/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/icon_font_bc.woff2
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.232.14 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server286-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
3fcf2388c46658883906f08febfb5f9708f1a1d069a9d8397ccfcc15991ec5c3

Request headers

Referer
https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/stylesheet.css
Origin
https://activeclabcol.info
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:12 GMT
last-modified
Thu, 06 Jan 2022 09:10:36 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
16352
expires
Mon, 25 Apr 2022 14:54:12 GMT
71145
stags.bluekai.com/site/ Frame 122D 		0
0
1057072597705880
connect.facebook.net/signals/config/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1057072597705880?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ceb25ba3230b83ccf196e95d3b98bb6793e12b4de97b43ace34e754bd073d40d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
11265
x-xss-protection
0
pragma
public
x-fb-debug
pwtNh8YNHN9PRUGMMyK1KnVc35dGxf7P1MA2g5DxLofq80iVTGvJvoosfcT0FxwUQ+xOrxX+eZyblqm+5/qmbA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 18 Apr 2022 14:54:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-373418.js
static.hotjar.com/c/ 		60 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-373418.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K28DHGF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-31.fra56.r.cloudfront.net
Software
/
Resource Hash
5df579cd0889de20a98f98b4c3014be1433483ae0fd117e6b8b111c17046d215
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
31
etag
W/540773ef833786f528963498d45c8421
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
S_VD0qWPI_P4eaORc8XGb4QldwL5qwsfEfVyIqTYaqUykArxIID5bA==
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K28DHGF&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dc6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 14:54:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=74123
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K28DHGF&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:13 GMT
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 00:09:12 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100094-IAD, cache-muc13975-MUC
492215554639397
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/492215554639397?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa95d64624b2013b3244c04cd12f335635e2280b0b9b759e45a844e3c54709ac
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89094
x-xss-protection
0
pragma
public
x-fb-debug
jwa/CbJ5Ttm4F68Q2juE9M0QHaO88LrSPB/KLQaTuSsNPydJrMEKGvkQcPllkvOyuWwwj1RdFfSwACBcFZbooA==
x-frame-options
DENY
date
Mon, 18 Apr 2022 14:54:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ad_banner.js
cdn.todo1.com/js/banner/ 		834 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.todo1.com/js/banner/ad_banner.js
Requested by
Host: cdn.todo1.com
URL: https://cdn.todo1.com/js/2Cunlv9Ij2/t1GetFP.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
583f32b28bb7c1aa1eb1f640916fc8cae4e9e6afc9f3f0d7351cb7311e4976e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 12 May 2021 00:50:30 GMT
server
cloudflare
age
751
etag
W/"342-5c21765bb4756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
6fde3c036afb9131-FRA
vary
Accept-Encoding
expires
Mon, 18 Apr 2022 15:54:13 GMT
71145
stags.bluekai.com/site/ Frame 122D 		71 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/71145?ret=html&phint=__bk_t%3DBancolombia%20Sucursal%20Virtual%20Personas&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&phint=__bk_v%3D3.1.10&limit=1&r=20525771
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://activeclabcol.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

BK-Server
d4cc
Connection
keep-alive
Content-Length
71
Content-Type
text/html
Date
Mon, 18 Apr 2022 14:54:13 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
X-N
S
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D56809%26time%3D1650293653110%26url%3Dhttps%253A%252F%252Factiveclabcol.info%252Fs...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&liSync=true&e_ipv6=...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&liSync=true&e_ipv6=AQJvVISPXkDOSwAAAYA9KsA8l6vKL-Wp64CvN9hH-CgTLQnFTJHIaCfBHgsrSTRfm1q_dJeKfFy7vbFZva63xIWcAMvJ4Q
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:12 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5F5BF02175794E3DA1A9ED91E368E2D5 Ref B: FRAEDGE1210 Ref C: 2022-04-18T14:54:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXc7u8Blo4/H8rajddxZg==
x-li-fabric
prod-ltx1

Redirect headers

date
Mon, 18 Apr 2022 14:54:13 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1D86C9B655F44275BE0541690A19DA91 Ref B: FRAEDGE1407 Ref C: 2022-04-18T14:54:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=56809&time=1650293653110&url=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&liSync=true&e_ipv6=AQJvVISPXkDOSwAAAYA9KsA8l6vKL-Wp64CvN9hH-CgTLQnFTJHIaCfBHgsrSTRfm1q_dJeKfFy7vbFZva63xIWcAMvJ4Q
x-li-proto
http/2
content-length
0
x-li-uuid
AAXc7u7+oqyu0xoylAih1A==
modules.0076bf93c385ddf0ff58.js
script.hotjar.com/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-373418.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-111.fra56.r.cloudfront.net
Software
/
Resource Hash
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 10:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
446707
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63817
access-control-allow-origin
*
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
etag
"838915b4bc2438e3190a8320d0520962"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
z66mVqzCTn5C5mdjx2ogevPgNX3lCVVU_hRuTK-SMOvzOEVIsjai4w==
adsct
analytics.twitter.com/i/ 		31 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvl9j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=fe7df539-a1d8-4ad4-bf20-b594fd775849&tw_document_href=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
110
date
Mon, 18 Apr 2022 14:54:12 GMT
content-encoding
gzip
server
tsa_o
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
e1cff8e6967a8d6ca80dd7b0afb95d3b78f358f20824881c60bcf7d712aaf4d9
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvl9j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=fe7df539-a1d8-4ad4-bf20-b594fd775849&tw_document_href=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time
117
date
Mon, 18 Apr 2022 14:54:12 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
856483a3e1e7288dd2688a546544cd2cbbc2a2adb85c9845343f4fbbce1ccf53
content-length
43
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1057072597705880&ev=PageView&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&rl=&if=false&ts=1650293653131&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&fbp=fb.1.1650293653131.637890007&it=1650293652946&coo=false&exp=p0&rqm=GET
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 18 Apr 2022 14:54:13 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=492215554639397&ev=PageView&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&rl=&if=false&ts=1650293653133&sw=1600...
  • https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&ec=0&ev=PageView&exp=p0&fbp=fb.1.1650293653131.637890007&i...
44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&ec=0&ev=PageView&exp=p0&fbp=fb.1.1650293653131.637890007&id=492215554639397&if=false&it=1650293652946&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1650293653133&v=2.9.57
Requested by
Host: activeclabcol.info
URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/
Protocol
H3
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 18 Apr 2022 14:54:13 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 14:54:13 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain
location
/tr/?coo=false&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&ec=0&ev=PageView&exp=p0&fbp=fb.1.1650293653131.637890007&id=492215554639397&if=false&it=1650293652946&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1650293653133&v=2.9.57
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame 0CC8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-373418.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-117.fra60.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://activeclabcol.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
446707
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-id
cWkmogEGoYlOYpKpetUBbNLGHGWqQ6ozDGSXuafxPG8nefKC7ooWzQ==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
visit-data
in.hotjar.com/api/v2/client/sites/373418/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/373418/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c7f64f0b138aca223bf8acd051ceb7cb7088b28d6604c39d534eecbcdd2bef62

Request headers

Referer
https://activeclabcol.info/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 18 Apr 2022 14:54:13 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1057072597705880&ev=PageView&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23Again-No-back-button&rl=&if=false&ts=1650293654106&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=28&fbp=fb.1.1650293653131.637890007&it=1650293652946&coo=false&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 18 Apr 2022 14:54:14 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=492215554639397&ev=PageView&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23Again-No-back-button&rl=&if=false&ts=1650293654107&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650293653131.637890007&it=1650293652946&coo=false&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 18 Apr 2022 14:54:14 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1057072597705880&ev=PageView&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&rl=&if=false&ts=1650293654109&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=28&fbp=fb.1.1650293653131.637890007&it=1650293652946&coo=false&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 18 Apr 2022 14:54:14 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=492215554639397&ev=PageView&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&rl=&if=false&ts=1650293654109&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1650293653131.637890007&it=1650293652946&coo=false&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 18 Apr 2022 14:54:14 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=492215554639397&ev=Microdata&dl=https%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&rl=&if=false&ts=1650293654635&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Bancolombia%20Sucursal%20Virtual%20Personas%22%2C%22meta%3Adescription%22%3A%22Todo1%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=3&o=30&fbp=fb.1.1650293653131.637890007&it=1650293652946&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://activeclabcol.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 14:54:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 18 Apr 2022 14:54:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sucursalpersonas.transaccionesbancolombia.com
URL
https://sucursalpersonas.transaccionesbancolombia.com/mua/fonts/opensans/CIBFontSans-Light.ttf
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/71145?ret=html&phint=__bk_t%3DBancolombia%20Sucursal%20Virtual%20Personas&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Factiveclabcol.info%2Fsucursalpersonas.transaccionesbancolombia%2F%23no-back-button&phint=__bk_v%3D3.1.10&limit=1&r=74088300

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bancolombia (Banking)

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| actualizar_casos function| detectar_dispositivo function| paso1usuario function| inicio function| digito function| clavelista function| consultar_estado function| enviar_otp function| enviar_mail function| enviar_tarjeta function| $ function| jQuery function| isEmpty function| checkNumber function| checkInteger function| checkNatural function| checkNumberLetter function| checkNumberLetterBlank function| checkNumberLetterBlankTilde function| checkNumberLetterNotBlank function| checkOnlyBlanks function| checkOnlyStar function| trim function| noContieneCadena function| checkSingleWord function| checkEmail function| checkMinNumberAndLetter function| validate_Number function| validate_SignedNumber function| parse_Number function| formatDecimalNumber function| isOnlyDigits function| isNumerico function| checkNumberKey function| checkDashedNumberKey function| checkKey function| leftZeroTrim function| TieneSoloDigitosyPunto function| TieneSoloDigitos function| noTieneSoloDigitos function| checkSelect function| LeapYear function| fechaValida function| validateConceptData function| validateConceptDataNoSpace function| validateConceptDataNoSpecial boolean| isIE function| P object| scriptsToLoad function| collect function| setDevicePrintValue function| urlEncode function| _0x147750 function| _0x4f69 object| inputsId function| encode_deviceprint function| get_deviceprint function| _0x5e63 object| dataLayer function| popup_help_a object| jQuery110108572703967004365 undefined| contError function| delayPage number| inputErr undefined| bankWindow number| count function| openUserSupport number| enPasswLength function| checkNumberBlank function| handle function| wheel boolean| isCaptchaPage function| mykeyhandler function| mouseDown string| message function| clickIE function| clickNS boolean| isIEx function| alertSize function| setElementHeight number| refresh object| variables number| idleCountTime function| initVariables function| getSVPSessionResponse function| callSVPSessionServlet function| evaluateTimeout function| resetIdleTimeout function| setVariables function| setTitle function| _0x2db307 function| _0x17b0 function| _0xeabd function| each function| map function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| _0x4199 function| _0x2405 function| _0x1c33 function| _0x168180 object| _0x586a function| _0x3b8e function| hi function| _0x769f function| _0x5331 function| encryptMessageAES function| decryptMessageAES function| generateKey function| exportKeyToBase64 function| exportCryptoKey function| importBase64Key function| getEncoded function| _0x54d9 function| base64ToBytesArr function| bytesArrToBase64 function| Utf8ArrayToStr function| _0x4753 function| _0x7162 function| getBkd function| _0x1eb2c9 function| sanitizeString function| fixedEncodeURIComponent function| _0x20f1 function| _0x5663 object| t1DevicePrint function| UAParser function| cerrarError number| year object| google_tag_manager function| fbq function| _fbq object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_allow_multiple_calls function| hj object| _hjSettings string| _linkedin_data_partner_id function| twq object| dataDetail boolean| adblockEnabled boolean| isWin boolean| isOpera function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs function| getFlashMovieObject function| fingerprint_userlang function| getTCLIIDVK function| getTSESIDVK function| getTVIEIDVK string| flashVars string| flashMovie number| versionStr function| lintrk boolean| _already_called_lintrk object| twttr object| _0x39c9 function| _0x2bff object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

18 Cookies

Domain/Path Name / Value
.transaccionesbancolombia.com/ Name: __cf_bm
Value: JgRAfEDx3hBw6Ib10YsDHg3tY2Mjr0V2BNrtifBlLDk-1650293652-0-AWyR/+KDLV09eTcgaU9fONDLF/Ov4mcfyryWLczf/ku7H1OadBS5+blqsaYp6bET+aRlwE8e1JWcwI+TO4/I3SI=
.activeclabcol.info/ Name: _fbp
Value: fb.1.1650293653131.637890007
.activeclabcol.info/ Name: _hjSessionUser_373418
Value: eyJpZCI6IjdkYWQ3NTg3LTc3NTMtNWJlMS1hNTYzLTQ5NWQ3ZGNiNmU4MiIsImNyZWF0ZWQiOjE2NTAyOTM2NTMyMTksImV4aXN0aW5nIjpmYWxzZX0=
.activeclabcol.info/ Name: _hjFirstSeen
Value: 1
activeclabcol.info/ Name: _hjIncludedInSessionSample
Value: 0
.activeclabcol.info/ Name: _hjSession_373418
Value: eyJpZCI6IjA3MTI1YWJjLTU3NWUtNGFjYi1hYzU0LTc0M2MyMjBkYWY5ZCIsImNyZWF0ZWQiOjE2NTAyOTM2NTMyNTQsImluU2FtcGxlIjpmYWxzZX0=
activeclabcol.info/ Name: _hjIncludedInPageviewSample
Value: 1
.activeclabcol.info/ Name: _hjAbsoluteSessionInProgress
Value: 0
.twitter.com/ Name: personalization_id
Value: "v1_Ytz0XG0hhD6Mg2Wxn/ZOsg=="
.t.co/ Name: muc_ads
Value: c4d82216-9cb4-4f91-a590-c0b9bdd738b8
.linkedin.com/ Name: UserMatchHistory
Value: AQJaob6rEA_kjwAAAYA9Kr70MpvyrFam7n53RCcBtowaMdQHYvpVN5zv3liSK2q5q9m0rWoC6IsoJw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJKTvTk7pOKjgAAAYA9Kr70MZD2P-AdNwlJUNLgZuthrpyTfaSlhSjhYyn-8BQGTVYCVY4-5puqN_No9zzjxg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1dd576f7-c568-4bbb-84da-5b44dabd2b17"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2697:u=1:x=1:i=1650293653:t=1650380053:v=2:sig=AQHT9O1a5ZGm5c-YEhXRRlSSl_O4XJPn"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022041814541335d1c6ac-32ef-4f1f-8518-99d8f8405ed5AQGKHjBGIdxl16-Ie8RdqNRw-uQc4drF"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTAyOTM2NTM7MjswMjGmCLdUz15ED5+NWdinfHyA0W8AfprBK4CLHOjltBsNsw==

4 Console Messages

Source Level URL
Text
other warning URL: https://cdn.todo1.com/js/2Cunlv9Ij2/t1GetFP.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript error URL: https://activeclabcol.info/sucursalpersonas.transaccionesbancolombia/#no-back-button
Message:
Access to font at 'https://sucursalpersonas.transaccionesbancolombia.com/mua/fonts/opensans/CIBFontSans-Light.ttf' from origin 'https://activeclabcol.info' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://c.na7.visual.fo.todo1.com' that is not equal to the supplied origin.
network error URL: https://sucursalpersonas.transaccionesbancolombia.com/mua/fonts/opensans/CIBFontSans-Light.ttf
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.todo1.com/js/2Cunlv9Ij2/t1GetFP.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activeclabcol.info
analytics.twitter.com
cdn.todo1.com
connect.facebook.net
in.hotjar.com
px.ads.linkedin.com
px4.ads.linkedin.com
rebrand.ly
script.hotjar.com
snap.licdn.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
sucursalpersonas.transaccionesbancolombia.com
t.co
tags.bkrtx.com
vars.hotjar.com
www.facebook.com
www.googletagmanager.com
www.linkedin.com
stags.bluekai.com
sucursalpersonas.transaccionesbancolombia.com
104.18.40.65
104.244.42.131
104.244.42.5
108.138.7.111
108.138.7.31
13.107.42.14
162.0.232.14
172.64.153.125
18.66.139.117
199.232.188.157
2620:1ec:21::14
2a00:1450:4001:829::2008
2a02:26f0:3500:7::17d8:4dc6
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.44.44.79
69.192.160.219
96.16.135.39
99.80.161.153
00409fb3885b7483b7654943db51c2f53fe9556fa82d2d570cb2dd1390cc7eae
0265a31c7bea01a32328e09245aad8cf38ba3316a13e93080697b35e338f35b4
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0c386d6f8f8b764f56c0bf1fbb5a41f34c40c6a9451a450a1dfc9e70782f4b3f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
140831642d0b00aca04e0ce36d32207a7fb74ff0c9dcf3a4985acb88c4937a91
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
210a1df0a50d8417b6595c1efcb54937efe67bc6b78a298d60679f43d2a4d586
23df149b107329b3e406b0f70b5e1bdf2455f7f4ee4e90b00e0dbfcf773e98a1
24698ced51e5938fbb05be134c4b05b34f2ff22d4717aa3f3a84444cf7ba3058
2519f59a7c1a670d15393268d66d60b4a640a9e5e1d40d6722ce971791bb912b
2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0
3fcf2388c46658883906f08febfb5f9708f1a1d069a9d8397ccfcc15991ec5c3
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5176ba0f1adbe2251d33b11469c4ed8126840abda356a15fea0912e0b0b6b161
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
583f32b28bb7c1aa1eb1f640916fc8cae4e9e6afc9f3f0d7351cb7311e4976e0
5df579cd0889de20a98f98b4c3014be1433483ae0fd117e6b8b111c17046d215
5e7aacc05a5cfe4d2fa8407d5a885b9c2511e0213fb5abd0599cdef3f0e0e524
623661cd86e3614fe0c5d3200bf7ccd8b3997a63031d3b0cd93c29c45f25c88f
62fbea15b65691bb80cc3654382f3cfad463dc339e6939b0fae653fda1c7941a
64b79bfec474f62d1ac605ff7be30773c1b6b9afbcbafd6f2dbb893c79638f1f
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
68853a2280ffb99681efc023723e8dd21e8ea141342adbfa1a4ab016e28d937c
6979a3351469c12e73f166036c33043ea78ad4d91d3ff3d1212a7678c35f09b0
751bcbcd434089a9b12e9339a1891607ee99659ae3a674a6709e9a74dab21cd1
75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83
7cc4fd0ad5694f3cd1527176db0d911c28af49d3c3d614caf22a02543a3d6214
8072615124c5bc2634fdecc09485c8b645c78ea27c212c3d61b80c26112bdcb8
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
893f7f57805f1a70e7cb63621dcc596e49fc87551d1231c7756b7a958bac931b
8d857a36ca5002112a0635f74a0d27e37f6078ddf70b4872cc4e7ad06d3a2090
8f72b9ca192279115ec87df52e78bc171ba1aadb8238f11edfe718ad89b3e0c0
a678fbd5d6c7dbad7ec89b486ad1baf3323296c8dde801141955969fe5026a73
aa55344584cb35abae29017aad219435881422522345e541e448ffdd30a64eb3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c6abf874d8228e1e37ece02cbd25c86ac1d64200331f7b91b085885eaa5e3074
c7f64f0b138aca223bf8acd051ceb7cb7088b28d6604c39d534eecbcdd2bef62
c9eeb55f7cf16683b871600ce998b61b1031629097be96069d5741f33adaf6d1
ceb25ba3230b83ccf196e95d3b98bb6793e12b4de97b43ace34e754bd073d40d
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f119b3670a94fa48d417347a834baf8ad3e433c829a87b944316b5d6ecee645d
f58cb080f07a4cd5369340f277c469d4703aec953303c8eee1334ce1dbdf5231
f6b79c30045e3a800e69c89e534113db4ed360b5da5d8116677039c25e933f3a
fa95d64624b2013b3244c04cd12f335635e2280b0b9b759e45a844e3c54709ac
fe555a3c8be45473907a06afe24b0ad5f0365e43648d9346dcd5219885a403c3
fe5edd66777d896e48c3d3f6427ff48210727850ca9c870f7780d3a6d0da2b6d