urlscan.io logo urlscan.io
SecurityTrails logo

comunicaciones.davivienda.com Open in urlscan Pro
142.0.160.17  Public Scan

Go To Rescan Add Verdict Report
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-s...
Submission: On April 24 via manual from CO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 20 domains to perform 52 HTTP transactions. The main IP is 142.0.160.17, located in Ashburn, United States and belongs to NETDYNAMICS, US. The main domain is comunicaciones.davivienda.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 13th 2020. Valid for: a year.
This is the only time comunicaciones.davivienda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 142.0.160.17 7160 (NETDYNAMICS)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
19 104.111.246.137 16625 (AKAMAI-AS)
1 54.84.217.202 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 3 142.0.160.13 7160 (NETDYNAMICS)
2 23.45.237.36 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.111.245.241 16625 (AKAMAI-AS)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 147.75.84.91 54825 (PACKET)
1 2 172.217.23.102 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 147.75.102.13 54825 (PACKET)
1 147.75.84.31 54825 (PACKET)
1 2a03:2880:f12... 32934 (FACEBOOK)
52 22
2    142.0.160.17 (Ashburn, United States)

ASN7160 (NETDYNAMICS, US)
comunicaciones.davivienda.com
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
19    104.111.246.137 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-137.deploy.static.akamaitechnologies.com
img03.en25.com
1    54.84.217.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-217-202.compute-1.amazonaws.com
www.daviviendamovil.com
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
3    142.0.160.13 (Ashburn, United States)

ASN7160 (NETDYNAMICS, US)
s1585023691.t.eloqua.com
2    23.45.237.36 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.111.245.241 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-241.deploy.static.akamaitechnologies.com
tags.bkrtx.com
5    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)
static.hotjar.com
2    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net
8727234.fls.doubleclick.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
1    147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1
script.hotjar.com
1    147.75.84.31 (Parsippany, United States)

ASN54825 (PACKET, US)
vars.hotjar.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
19 img03.en25.com comunicaciones.davivienda.com
www.googletagmanager.com
5 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
comunicaciones.davivienda.com
3 fonts.gstatic.com comunicaciones.davivienda.com
3 s1585023691.t.eloqua.com 2 redirects comunicaciones.davivienda.com
2 www.youtube.com code.jquery.com
www.googletagmanager.com
2 www.google.de comunicaciones.davivienda.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net comunicaciones.davivienda.com
connect.facebook.net
2 8727234.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 stackpath.bootstrapcdn.com comunicaciones.davivienda.com
2 comunicaciones.davivienda.com comunicaciones.davivienda.com
1 www.facebook.com comunicaciones.davivienda.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 s.ytimg.com www.youtube.com
1 stags.bluekai.com tags.bkrtx.com
1 static.hotjar.com www.googletagmanager.com
1 tags.bkrtx.com comunicaciones.davivienda.com
1 www.googletagmanager.com comunicaciones.davivienda.com
1 tags.bluekai.com comunicaciones.davivienda.com
1 code.jquery.com comunicaciones.davivienda.com
1 www.daviviendamovil.com comunicaciones.davivienda.com
1 fonts.googleapis.com comunicaciones.davivienda.com
52 24

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
Subject Issuer Validity Valid
comunicaciones.davivienda.com
DigiCert SHA2 Extended Validation Server CA		 2020-01-13 -
2021-03-15		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.en25.com
DigiCert SHA2 Secure Server CA		 2019-06-21 -
2020-08-19		 a year crt.sh
*.daviviendamovil.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-16 -
2020-09-15		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-04-14 -
2021-04-10		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2020-02-28 -
2021-05-29		 a year crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
*.t.eloqua.com
DigiCert SHA2 Secure Server CA		 2020-03-09 -
2022-04-08		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Frame ID: A4473B09A674B30017C5D3B5013DA108
Requests: 45 HTTP requests in this frame

Frame: https://8727234.fls.doubleclick.net/activityi;dc_pre=CI_X08WdgukCFdoGiwodEKoAIg;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna
Frame ID: 804D08E201D6CA4D03EF77BCA2DF4B56
Requests: 1 HTTP requests in this frame

Frame: https://comunicaciones.davivienda.com/geoloc?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Frame ID: BAE4579B69FFA10F3BAE933C34E789BF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/WGFyC5Z80Is?controls=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fcomunicaciones.davivienda.com
Frame ID: B9D1963A178C91AFF828C481A378DE2F
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/42488?ret=html&phint=eventAction%3DClick&phint=eventLabel%3DD%C3%ADgame%20qui%C3%A9n%20lo%20ayuda%20y%20le%20dir%C3%A9%20cuanto%20pierde&phint=eventCategory%3DOpciones&phint=__bk_t%3DDavivienda%20S.A.&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna&phint=__bk_v%3D3.1.4&limit=1&r=64901766
Frame ID: 3B473DB99903E138895F3296C47D6E58
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: A7C43BCD878CEA918BEF35CB9E75235F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

52
Requests

96 %
HTTPS

57 %
IPv6

20
Domains

24
Subdomains

22
IPs

6
Countries

536 kB
Transfer

1453 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://s1585023691.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1585023691&PURLSiteID=5&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=6754&PURLRecordID=0&PURLGUID=BED98CEA1F0C412D899C1542EE502190&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0&utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na HTTP 302
  • https://s1585023691.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1585023691&PURLSiteID=5&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=6754&PURLRecordID=0&PURLGUID=BED98CEA1F0C412D899C1542EE502190&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&elq_ck=0&utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na&elqCookie=1 HTTP 302
  • https://tags.bluekai.com/site/41240?vid=bee851dddb9e4344b84c083b8d94910c
Request Chain 26
  • https://8727234.fls.doubleclick.net/activityi;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna HTTP 302
  • https://8727234.fls.doubleclick.net/activityi;dc_pre=CI_X08WdgukCFdoGiwodEKoAIg;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna
Request Chain 32
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&gjid=1329107684&_gid=385130418.1587771440&_u=aGBAgEAj~&z=361405207 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&_v=j81&z=361405207 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&_v=j81&z=361405207&slf_rd=1&random=2773431930
Request Chain 41
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1826038956&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna&ul=en-us&de=UTF-8&dt=Davivienda%20S.A.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Opciones&ea=Click&el=D%C3%ADgame%20qui%C3%A9n%20lo%20ayuda%20y%20le%20dir%C3%A9%20cuanto%20pierde&_u=aGDAAEAj~&jid=812241504&gjid=764304314&cid=742822964.1587771440&tid=UA-156730250-7&_gid=385130418.1587771440&_r=1&gtm=2wg4f055WQ2D3&z=839694403 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_gid=385130418.1587771440&gjid=764304314&_v=j81&z=839694403 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_v=j81&z=839694403 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_v=j81&z=839694403&slf_rd=1&random=1236814901

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set phishing
comunicaciones.davivienda.com/la-tia-segura/ 		56 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.0.160.17 Ashburn, United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
94641646a82ef7d3c10c06d8cdff1bbe9b96ec14c02435edb566ac079dac6dae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
comunicaciones.davivienda.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Set-Cookie
SAMESITESET=ELOQUA=1; domain=.davivienda.com; expires=Mon, 24-May-2021 23:37:20 GMT; path=/;SameSite=None; secure ELOQUA=GUID=BED98CEA1F0C412D899C1542EE502190; domain=comunicaciones.davivienda.com; expires=Mon, 24-May-2021 23:37:20 GMT; path=/;SameSite=None; secure; HttpOnly
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options
nosniff
Date
Fri, 24 Apr 2020 23:37:20 GMT
Content-Length
8448
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Origin
https://comunicaciones.davivienda.com

Response headers

date
Fri, 24 Apr 2020 23:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:46 GMT
status
200
etag
"1574963566"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23681
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i&display=swap
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
139f8ee57e20238f5ac4323f38c3f7e515dad8c827d48d6348212606343b44fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Apr 2020 23:37:20 GMT
server
ESF
date
Fri, 24 Apr 2020 23:37:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B340584a0-f43b-4649-9b30-a922e00fc9f7%7D_styles.css
img03.en25.com/Web/BANCODAVIVIENDADAVIPRO/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img03.en25.com/Web/BANCODAVIVIENDADAVIPRO/%7B340584a0-f43b-4649-9b30-a922e00fc9f7%7D_styles.css
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
72f37e989299598f2f2a8f7a83f9de2e69451fa2f60a9a6fdd8eaaef7788c2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 21 Feb 2020 22:30:50 GMT
ETag
"f319e0916e9d51:0"
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
1743
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7Bd2677aae-dea5-4c20-9d21-964cc3c5ec81%7D_casita.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Bd2677aae-dea5-4c20-9d21-964cc3c5ec81%7D_casita.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5b75403c7f82aebbad5af40694c3d24834eb6c50a3418f609b84355873a819d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Feb 2020 17:06:31 GMT
ETag
"3182def1d8ddd51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6240
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B0adbe1bf-22d2-4228-b595-f378df7efa3a%7D_davi-sa-blanco.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B0adbe1bf-22d2-4228-b595-f378df7efa3a%7D_davi-sa-blanco.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24638c9471ad939649414077370d18abe810c2212c1be4c0a5675d2eed4464fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Feb 2020 17:06:31 GMT
ETag
"58e4e0f1d8ddd51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
739
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7Beb3ae957-1a10-42ee-b43f-f2f6db53fbab%7D_vigilado-blanco.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		831 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Beb3ae957-1a10-42ee-b43f-f2f6db53fbab%7D_vigilado-blanco.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3a22c48c8088ad54e3d63532cf2fa12b7d114fea8f7e1575b3b419209f4260c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Feb 2020 17:06:33 GMT
ETag
"3d3a7f2d8ddd51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
831
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7Be460732d-f017-45bd-9072-f242b70234c0%7D_davi-sa-gris.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		725 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Be460732d-f017-45bd-9072-f242b70234c0%7D_davi-sa-gris.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bc017f7630fad3dc76c0440a93bd94b99311ca682e508debb47b7676df1bdcc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Feb 2020 17:06:31 GMT
ETag
"58e4e0f1d8ddd51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
725
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B2e14ba68-7e2a-4695-b742-c769dbec09d1%7D_vigilado-gris.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B2e14ba68-7e2a-4695-b742-c769dbec09d1%7D_vigilado-gris.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc2d83d0438c1f12fbdc56976e5cc1fe162e897f68ad7958ad64c451644a01b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Feb 2020 17:06:33 GMT
ETag
"c5e1ff3d8ddd51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
828
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7Bd5af6c0c-a83c-48e3-9577-4a52c0f92ade%7D_kv-2-min.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Bd5af6c0c-a83c-48e3-9577-4a52c0f92ade%7D_kv-2-min.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22eeb19297812159752244f7d9b35ff3581219e46aa1bb2d20792b47a02e28ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Mar 2020 14:46:03 GMT
ETag
"c3615e4ca1f0d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
113280
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B569de989-d277-482a-97b6-64e4d92e791f%7D_ico-1.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B569de989-d277-482a-97b6-64e4d92e791f%7D_ico-1.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2701f99f901d7da5082b88d70f1c0394004798c8c8d2071d0b59f461c308e972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 20:03:58 GMT
ETag
"2b36dab85fe7d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5473
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B3a92a0e3-773b-4209-845b-7c16847a54b9%7D_arrow.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B3a92a0e3-773b-4209-845b-7c16847a54b9%7D_arrow.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6feb1f605732fbd61726ac8826192fe87d496c6350021975ba2addc93b6c8057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 21 Feb 2020 16:42:31 GMT
ETag
"1af75e9d5e8d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1302
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7Bdedd0f49-c98a-4d14-9eb4-3be16bb3075e%7D_boton.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Bdedd0f49-c98a-4d14-9eb4-3be16bb3075e%7D_boton.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6cd6a3991a29702e17eead0c193a50025de6084ca3c5f86e84a7caa83c4eeebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 15:48:08 GMT
ETag
"18a8bafb3be7d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
9934
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B4c94f9dd-cb24-4ac0-87ca-c7c311fb6856%7D_ico-2.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B4c94f9dd-cb24-4ac0-87ca-c7c311fb6856%7D_ico-2.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60b2495a119c277dded531c3a54d9095d070402ac92abe25f8cab75e7ff3cbef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 20:03:59 GMT
ETag
"814a1fb95fe7d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6396
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B4200c9c9-a5eb-459c-930a-efe9a192ce5d%7D_ico-3.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B4200c9c9-a5eb-459c-930a-efe9a192ce5d%7D_ico-3.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
952182c2bf68d0461e0cb944d771f24ddfe42725cd4af529e28b25349ede5485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 20:03:58 GMT
ETag
"113ccb95fe7d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6569
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B6ae69ca7-2f41-4e59-8a86-48b8776c61b0%7D_ico-4.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B6ae69ca7-2f41-4e59-8a86-48b8776c61b0%7D_ico-4.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52f0e2d1fe29d5ff00f82693858918336b6df037c18f50bc943aaf07db47606d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 20:03:58 GMT
ETag
"43da9b95fe7d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5967
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7Be0b106df-bb9a-4b79-8516-2eba30a96b1e%7D_ico-5.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Be0b106df-bb9a-4b79-8516-2eba30a96b1e%7D_ico-5.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5eff752bf2e9041e5ae3e900bb69adfdb981f973a181eaa4ad595e28231e8b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 20:03:58 GMT
ETag
"113ccb95fe7d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
3555
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7B31b1da3e-26a0-4cae-b936-f92fd6845a61%7D_cierre-min.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B31b1da3e-26a0-4cae-b936-f92fd6845a61%7D_cierre-min.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5fbf616012b6a3705e8fee1a54d339684b8b0cad09ec25be0e13de723156360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Mar 2020 14:46:04 GMT
ETag
"30f6f4ca1f0d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
8628
Expires
Fri, 24 Apr 2020 23:37:20 GMT
vigilado.png
www.daviviendamovil.com/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.daviviendamovil.com/img/vigilado.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.84.217.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-217-202.compute-1.amazonaws.com
Software
Apache /
Resource Hash
511a6a2411138da226d732e823bfd690c39b5fd9296ea0aa809135509391ceb2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 23:32:47 GMT
Last-Modified
Wed, 29 Jan 2020 20:16:38 GMT
Server
Apache
ETag
"15a4-59d4d048dd580"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
www.daviviendamovil.com, daviviendamovil.com
X-Permitted-Cross-Domain-Policies
master-only
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5540
X-XSS-Protection
1; mode=block
%7Bcf02c27b-dc88-4968-89bf-32e1744cbfde%7D_davi-foot-blanco.png
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Bcf02c27b-dc88-4968-89bf-32e1744cbfde%7D_davi-foot-blanco.png
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00b2678379062072e217aa1bb946fd9ebf1d1600d94f9d70a05e990d1dd13635
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Feb 2020 17:06:31 GMT
ETag
"a20dcf1d8ddd51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1204
Expires
Fri, 24 Apr 2020 23:37:20 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Origin
https://comunicaciones.davivienda.com

Response headers

Date
Fri, 24 Apr 2020 23:37:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-15851"
Vary
Accept-Encoding
X-HW
1587771433.dop123.fr8.shc,1587771433.dop123.fr8.t,1587771440.cds133.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30638
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Origin
https://comunicaciones.davivienda.com

Response headers

date
Fri, 24 Apr 2020 23:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:52 GMT
status
200
etag
"1574963572"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15919
41240
tags.bluekai.com/site/
Redirect Chain
  • https://s1585023691.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1585023691&PURLSiteID=5&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=6754&PURLRecordID=0&PURLGUID=BED98CEA1F0C412D899C1542...
  • https://s1585023691.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1585023691&PURLSiteID=5&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=6754&PURLRecordID=0&PURLGUID=BED98CEA1F0C412D899...
  • https://tags.bluekai.com/site/41240?vid=bee851dddb9e4344b84c083b8d94910c
62 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/41240?vid=bee851dddb9e4344b84c083b8d94910c
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-237-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Apr 2020 23:37:22 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
4d8b
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Fri, 24 Apr 2020 23:37:20 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location
//tags.bluekai.com/site/41240?vid=bee851dddb9e4344b84c083b8d94910c
Cache-Control
private,no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Length
183
Expires
-1
gtm.js
www.googletagmanager.com/ 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9798353f012ea78e7cbc1a295c1059fda0decf2b2ca2962d8d9f94903e8c696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 23:37:20 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
37926
x-xss-protection
0
last-modified
Fri, 24 Apr 2020 22:00:31 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Apr 2020 23:37:20 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.245.241 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-245-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b8cd61f9d36175fe1b2fc50dfd1585716b9e55a87a82e8ec3c5d9739d6fb939

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 24 Apr 2020 23:37:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Mar 2020 16:24:16 GMT
Server
Apache
ETag
"31600f9-7850-5a009da075833"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10546
Expires
Fri, 01 May 2020 23:37:20 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
7126
date
Fri, 24 Apr 2020 21:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Fri, 24 Apr 2020 23:38:34 GMT
hotjar-1715772.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1715772.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
04e4fe1d94aef6d315080db0fbc9345e7af95ea9afe0840ec9352ebfe443dbb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 23:37:20 GMT
content-encoding
br
x-content-type-options
nosniff
section-io-tag
hotjar
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
content-length
1654
cache-control
max-age=60
etag
W/d3fce82f552b0fa78822e2efe5857faf
access-control-max-age
600
section-io-origin-status
200
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.078
section-io-id
e9c0ac5d8fe84061c70de75053ca38a6
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
activityi;dc_pre=CI_X08WdgukCFdoGiwodEKoAIg;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-t...
8727234.fls.doubleclick.net/ Frame 804D
Redirect Chain
  • https://8727234.fls.doubleclick.net/activityi;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla...
  • https://8727234.fls.doubleclick.net/activityi;dc_pre=CI_X08WdgukCFdoGiwodEKoAIg;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2F...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8727234.fls.doubleclick.net/activityi;dc_pre=CI_X08WdgukCFdoGiwodEKoAIg;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8727234.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CI_X08WdgukCFdoGiwodEKoAIg;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 24 Apr 2020 23:37:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
469
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 24-Apr-2020 23:52:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 24 Apr 2020 23:37:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8727234.fls.doubleclick.net/activityi;dc_pre=CI_X08WdgukCFdoGiwodEKoAIg;src=8727234;type=remark0;cat=tia1;ord=1;num=7463822574172;gtm=2wg4f0;auiddc=636574279.1587771440;~oref=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
%7B1f96240b-aff0-4513-a58e-ae841ab385a8%7D_bg-3-min.jpg
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7B1f96240b-aff0-4513-a58e-ae841ab385a8%7D_bg-3-min.jpg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
96f7f9b1aaddeb98c6b9a6dd987c74c6c1301f56d3512c2ea29ac6067bb81e13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Mar 2020 14:46:03 GMT
ETag
"45ad6c4ca1f0d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
6335
Expires
Fri, 24 Apr 2020 23:37:20 GMT
%7Bb8d7f6e8-b3a2-4210-9fb3-ce76b9562a42%7D_texurat-1-min.jpg
img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img03.en25.com/EloquaImages/clients/BANCODAVIVIENDADAVIPRO/%7Bb8d7f6e8-b3a2-4210-9fb3-ce76b9562a42%7D_texurat-1-min.jpg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38a2e756681d519bc3e3380519198e8fc276e09b6f182c46280424bee29d750c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 02 Mar 2020 14:46:03 GMT
ETag
"9925634ca1f0d51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
5372
Expires
Fri, 24 Apr 2020 23:37:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
JhiOYZ8P23JB4DIVZmB9DF8bnnoTbwvJCxKnpC60ATK2ku1/s35r0Wpey7PuEPGu4nxud3H1U7iWW/k+xgnwbQ==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Fri, 24 Apr 2020 23:37:20 GMT, Fri, 24 Apr 2020 23:37:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 23:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1660
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Sat, 25 Apr 2020 00:09:40 GMT
collect
www.google-analytics.com/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1826038956&t=pageview&_s=1&dl=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna&ul=en-us&de=UTF-8&dt=Davivienda%20S.A.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=1373042242&gjid=1329107684&cid=742822964.1587771440&tid=UA-156730250-7&_gid=385130418.1587771440&gtm=2wg4f055WQ2D3&z=184442424
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Apr 2020 22:53:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
866650
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&gjid=1329107684&_gid=385130418.1587771440&_u=aGBAgEAj~&z=361405207
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&_v=j81&z=361405207
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&_v=j81&z=361405207&slf_rd=1&random=2773431930
42 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&_v=j81&z=361405207&slf_rd=1&random=2773431930
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Apr 2020 23:37:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Apr 2020 23:37:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=1373042242&_v=j81&z=361405207&slf_rd=1&random=2773431930
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
250286619111840
connect.facebook.net/signals/config/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/250286619111840?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad68499e0250c29d3d5f3e38f892ae7cc89cf16c2d6fffa2534624f4837f48a0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
xZ/3pKztA3sI7nznmthpB6mwMYP/4BrDqovr/bc3F2Igi58FgrH23bLHyG6E/k4GdtXp7qUiZWhV1VH+8fod0Q==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Fri, 24 Apr 2020 23:37:20 GMT, Fri, 24 Apr 2020 23:37:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
elqCfg.min.js
img03.en25.com/i/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img03.en25.com/i/elqCfg.min.js
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.246.137 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-246-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b4ebd6049c806e3eef1bd770b2d8b4fdd75803861ead3584ee753e41988efae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 22 Jan 2020 17:21:27 GMT
ETag
"164336148d1d51:0"
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
2115
Expires
Fri, 24 Apr 2020 23:37:20 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i&display=swap
Origin
https://comunicaciones.davivienda.com

Response headers

date
Fri, 10 Apr 2020 02:52:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:17 GMT
server
sffe
age
1284266
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10996
x-xss-protection
0
expires
Sat, 10 Apr 2021 02:52:54 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i&display=swap
Origin
https://comunicaciones.davivienda.com

Response headers

date
Wed, 01 Apr 2020 18:23:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:22 GMT
server
sffe
age
2006037
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10968
x-xss-protection
0
expires
Thu, 01 Apr 2021 18:23:23 GMT
ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9QPFUew.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9QPFUew.woff2
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58e3184f269e1dbd8e247942242824cf71d306b91b66841f9e119c6af572115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,400i,700,700i&display=swap
Origin
https://comunicaciones.davivienda.com

Response headers

date
Sat, 04 Apr 2020 09:03:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:08 GMT
server
sffe
age
1780448
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
12660
x-xss-protection
0
expires
Sun, 04 Apr 2021 09:03:12 GMT
geoloc
comunicaciones.davivienda.com/ Frame BAE4 		17 B
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://comunicaciones.davivienda.com/geoloc?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.0.160.17 Ashburn, United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
bdb36e1bbaf92f73ec25d7ac182ba9c9aab35d9482ee6c2f4ff3e9915fe42b20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
comunicaciones.davivienda.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
SAMESITESET=ELOQUA=1; ELOQUA=GUID=BED98CEA1F0C412D899C1542EE502190; _gcl_au=1.1.636574279.1587771440; _ga=GA1.2.742822964.1587771440; _gid=GA1.2.385130418.1587771440; _dc_gtm_UA-156730250-7=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na

Response headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options
nosniff
Date
Fri, 24 Apr 2020 23:37:20 GMT
Content-Length
50
WGFyC5Z80Is
www.youtube.com/embed/ Frame B9D1 		0
0
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1826038956&t=pageview&_s=1&dl=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna&dp=%2Fdigame-quien-lo-ayuda&ul=en-us&de=UTF-8&dt=D%C3%ADgame%20qui%C3%A9n%20lo%20ayuda%20y%20le%20dir%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAj~&jid=&gjid=&cid=742822964.1587771440&tid=UA-156730250-7&_gid=385130418.1587771440&gtm=2wg4f055WQ2D3&z=496085230
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Apr 2020 22:53:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
866650
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1826038956&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_gid=385130418.1587771440&gjid=764304314&_v=j81&z=839694403
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_v=j81&z=839694403
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_v=j81&z=839694403&slf_rd=1&random=1236814901
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_v=j81&z=839694403&slf_rd=1&random=1236814901
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Apr 2020 23:37:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Apr 2020 23:37:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-156730250-7&cid=742822964.1587771440&jid=812241504&_v=j81&z=839694403&slf_rd=1&random=1236814901
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WGFyC5Z80Is
www.youtube.com/embed/ Frame B9D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/WGFyC5Z80Is?controls=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fcomunicaciones.davivienda.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/WGFyC5Z80Is?controls=0&rel=0&enablejsapi=1&origin=https%3A%2F%2Fcomunicaciones.davivienda.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na

Response headers

status
200
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
cache-control
no-cache
x-content-type-options
nosniff
date
Fri, 24 Apr 2020 23:37:20 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=-VwrzJK5KoU; path=/; domain=.youtube.com; secure; expires=Wed, 21-Oct-2020 23:37:20 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=-VwrzJK5KoU; path=/; domain=.youtube.com; secure; expires=Wed, 21-Oct-2020 23:37:20 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 25-Apr-2020 00:07:20 GMT YSC=TdizINC-FAQ; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WQ2D3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
dbc99b5f57ddbf0e575a34bf3df1ed833f83450de2fc109361ba5c1f8d7e940a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 23:37:20 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
42488
stags.bluekai.com/site/ Frame 3B47 		0
0
Cookie set 42488
stags.bluekai.com/site/ Frame 3B47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/42488?ret=html&phint=eventAction%3DClick&phint=eventLabel%3DD%C3%ADgame%20qui%C3%A9n%20lo%20ayuda%20y%20le%20dir%C3%A9%20cuanto%20pierde&phint=eventCategory%3DOpciones&phint=__bk_t%3DDavivienda%20S.A.&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna&phint=__bk_v%3D3.1.4&limit=1&r=64901766
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-237-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
fa16
Date
Fri, 24 Apr 2020 23:37:20 GMT
Connection
keep-alive
Set-Cookie
bkdc=phx; expires=Wed, 21-Oct-2020 23:37:20 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bkpa=KJhPD1+ryM9xdOop/69uoUY/D9EiPvZc4AY6mBryy7juKhtJFIISH8+vkrt5ZjNjKhV/zPUZ8USf2XMNCSNjMO50UmmWMCFBBeCPc9Is2cUmF11jMHOc5uCDzIpOGLgUl8cr2z8JRxqjTORfAwmVQYEo0eXAz+zHcY4PumQf7wL4QnW4dW6iwAR+xtOT6ZNfFgSzGZsii5e5dEIpJoLngivRNt7VYd1RPBsGdYHnepRb6F9ypfo4+6yRTx6LZV9jL/2KWA8iaLuFPXDoLZleWnNszx6t3nhvA1VmGF6cSq9MDJIIXBU4OFwNRQ4cXkRCd8JSSVT5wOV1wCAbZn2kW3E/BkZ81suJbXlYNNV8VtdK3rGcRcSKDQ==; expires=Wed, 21-Oct-2020 23:37:20 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bku=IvD99eOTGNTUXURZ; expires=Wed, 21-Oct-2020 23:37:20 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfl1CGgp3/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl1CGgp3/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57b1814c4d2fdd3ba345727f10565589ccc303acbfdc8ca67e17a1a00d22bc8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89653
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
25734
x-xss-protection
0
last-modified
Thu, 23 Apr 2020 20:20:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 01 May 2020 22:43:07 GMT
modules.a3d983311a7a43f86303.js
script.hotjar.com/ 		366 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.a3d983311a7a43f86303.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1715772.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress1
Software
/
Resource Hash
2fa64f3357daaa8850b361a600131b0864556baf6a8fb088dfc9461f992d3dc5

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 23:37:20 GMT
content-encoding
br
age
143684
status
200
section-io-cache
Hit
content-length
70668
last-modified
Thu, 23 Apr 2020 07:39:34 GMT
etag
"2d642e5af529dc326754fff6fd627bc4"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.086
section-io-id
21c031a053a76c60b5dd2193e6055391
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame A7C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1715772.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.31 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na

Response headers

status
200
date
Fri, 24 Apr 2020 23:37:19 GMT
content-type
text/html
content-length
851
last-modified
Wed, 25 Mar 2020 15:18:29 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.092
section-origin-responded
true
age
2570829
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
b4858f994fa67e257469bb7e4f5a9dcc
svrGP
s1585023691.t.eloqua.com/visitor/v200/ 		49 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1585023691.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1585023691&ref2=elqNone&tzo=-60&ms=755&optin=disabled
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.0.160.13 Ashburn, United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Fri, 24 Apr 2020 23:37:20 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
private,no-cache, no-store
Content-Type
image/gif
Content-Length
49
Expires
-1
/
www.facebook.com/tr/ 		44 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=250286619111840&ev=PageView&dl=https%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna&rl=&if=false&ts=1587771440770&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1587771440769.581865249&it=1587771440477&coo=false&rqm=GET
Requested by
Host: comunicaciones.davivienda.com
URL: https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://comunicaciones.davivienda.com/la-tia-segura/phishing?utm_source=sms&utm_medium=sms&utm_campaign=phishing_slf&utm_content=tia-segura_sms_na&utm_term=na
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 24 Apr 2020 23:37:20 GMT, Fri, 24 Apr 2020 23:37:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 24 Apr 2020 23:37:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/WGFyC5Z80Is?controls=0&rel=0
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/42488?ret=html&phint=day_of_week%3D6&phint=month_of_year%3DApril&phint=utm_source%3Dsms&phint=utm_medium%3Dsms&phint=utm_campaign%3Dphishing_slf&phint=utm_content%3Dtia-segura_sms_na&phint=utm_term%3Dna&phint=__bk_t%3DDavivienda%20S.A.&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fcomunicaciones.davivienda.com%2Fla-tia-segura%2Fphishing%3Futm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dphishing_slf%26utm_content%3Dtia-segura_sms_na%26utm_term%3Dna&phint=__bk_v%3D3.1.4&limit=1&r=15285743

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| bk_async object| google_tag_manager string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| google_tag_data object| _elqQ function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| bootstrap function| onYouTubeIframeAPIReady object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| YT object| YTConfig function| onYTReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubSubscribedKeys object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| _elq

16 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.bluekai.com/ Name: bkdc
Value: phx
.doubleclick.net/ Name: IDE
Value: AHWqTUnxvkQlziDsfgUn3xR4DxTuomuyLNmDOnYJLDiwfoA-Nb4WZJr9lxUwUAfc
.davivienda.com/ Name: _fbp
Value: fb.1.1587771440769.581865249
.youtube.com/ Name: YSC
Value: TdizINC-FAQ
.davivienda.com/ Name: _gali
Value: consejo5
.bluekai.com/ Name: bku
Value: IvD99eOTGNTUXURZ
.davivienda.com/ Name: _dc_gtm_UA-156730250-7
Value: 1
.davivienda.com/ Name: _hjid
Value: 476aba59-8cda-4a59-b43a-f5e5786a9a35
.davivienda.com/ Name: _ga
Value: GA1.2.742822964.1587771440
.davivienda.com/ Name: _gid
Value: GA1.2.385130418.1587771440
.davivienda.com/ Name: _gcl_au
Value: 1.1.636574279.1587771440
.comunicaciones.davivienda.com/ Name: ELOQUA
Value: GUID=BED98CEA1F0C412D899C1542EE502190
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: -VwrzJK5KoU
.davivienda.com/ Name: _gat_UA-156730250-7
Value: 1
.davivienda.com/ Name: SAMESITESET
Value: ELOQUA=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8727234.fls.doubleclick.net
code.jquery.com
comunicaciones.davivienda.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
img03.en25.com
s.ytimg.com
s1585023691.t.eloqua.com
script.hotjar.com
stackpath.bootstrapcdn.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
tags.bkrtx.com
tags.bluekai.com
vars.hotjar.com
www.daviviendamovil.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
stags.bluekai.com
www.youtube.com
104.111.245.241
104.111.246.137
142.0.160.13
142.0.160.17
147.75.102.13
147.75.84.31
147.75.84.91
172.217.23.102
2001:4de0:ac19::1:b:3a
2001:4de0:ac19::1:b:3b
23.45.237.36
2a00:1450:4001:802::2003
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:817::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81a::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::200e
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.84.217.202
00b2678379062072e217aa1bb946fd9ebf1d1600d94f9d70a05e990d1dd13635
04e4fe1d94aef6d315080db0fbc9345e7af95ea9afe0840ec9352ebfe443dbb2
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
139f8ee57e20238f5ac4323f38c3f7e515dad8c827d48d6348212606343b44fc
22eeb19297812159752244f7d9b35ff3581219e46aa1bb2d20792b47a02e28ba
24638c9471ad939649414077370d18abe810c2212c1be4c0a5675d2eed4464fd
2701f99f901d7da5082b88d70f1c0394004798c8c8d2071d0b59f461c308e972
2fa64f3357daaa8850b361a600131b0864556baf6a8fb088dfc9461f992d3dc5
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
38a2e756681d519bc3e3380519198e8fc276e09b6f182c46280424bee29d750c
3a22c48c8088ad54e3d63532cf2fa12b7d114fea8f7e1575b3b419209f4260c8
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
511a6a2411138da226d732e823bfd690c39b5fd9296ea0aa809135509391ceb2
52f0e2d1fe29d5ff00f82693858918336b6df037c18f50bc943aaf07db47606d
57b1814c4d2fdd3ba345727f10565589ccc303acbfdc8ca67e17a1a00d22bc8c
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5eff752bf2e9041e5ae3e900bb69adfdb981f973a181eaa4ad595e28231e8b16
60b2495a119c277dded531c3a54d9095d070402ac92abe25f8cab75e7ff3cbef
6b4ebd6049c806e3eef1bd770b2d8b4fdd75803861ead3584ee753e41988efae
6cd6a3991a29702e17eead0c193a50025de6084ca3c5f86e84a7caa83c4eeebe
6feb1f605732fbd61726ac8826192fe87d496c6350021975ba2addc93b6c8057
72f37e989299598f2f2a8f7a83f9de2e69451fa2f60a9a6fdd8eaaef7788c2b5
7b8cd61f9d36175fe1b2fc50dfd1585716b9e55a87a82e8ec3c5d9739d6fb939
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94641646a82ef7d3c10c06d8cdff1bbe9b96ec14c02435edb566ac079dac6dae
952182c2bf68d0461e0cb944d771f24ddfe42725cd4af529e28b25349ede5485
96f7f9b1aaddeb98c6b9a6dd987c74c6c1301f56d3512c2ea29ac6067bb81e13
a9798353f012ea78e7cbc1a295c1059fda0decf2b2ca2962d8d9f94903e8c696
ad68499e0250c29d3d5f3e38f892ae7cc89cf16c2d6fffa2534624f4837f48a0
bc017f7630fad3dc76c0440a93bd94b99311ca682e508debb47b7676df1bdcc9
bdb36e1bbaf92f73ec25d7ac182ba9c9aab35d9482ee6c2f4ff3e9915fe42b20
dbc99b5f57ddbf0e575a34bf3df1ed833f83450de2fc109361ba5c1f8d7e940a
dc2d83d0438c1f12fbdc56976e5cc1fe162e897f68ad7958ad64c451644a01b7
e58e3184f269e1dbd8e247942242824cf71d306b91b66841f9e119c6af572115
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f5b75403c7f82aebbad5af40694c3d24834eb6c50a3418f609b84355873a819d
f5fbf616012b6a3705e8fee1a54d339684b8b0cad09ec25be0e13de723156360