URL: https://palasoft.com.py/File-4635284/
Submission: On July 27 via manual from US — Scanned from CA

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 192.99.18.106, located in Canada and belongs to OVH, FR. The main domain is palasoft.com.py.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 19th 2022. Valid for: 3 months.
This is the only time palasoft.com.py was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 192.99.18.106 16276 (OVH)
8 69.12.28.22 47087 (AS-ALIC-1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2620:0:861:ed... 14907 (WIKIMEDIA)
1 2607:f8b0:400... 15169 (GOOGLE)
17 6
Apex Domain
Subdomains
Transfer
8 ameritas.com
www.ameritas.com — Cisco Umbrella Rank: 198836
206 KB
3 palasoft.com.py
palasoft.com.py
35 KB
1 gstatic.com
www.gstatic.com
150 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2741
9 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
967 B
17 5
Domain Requested by
8 www.ameritas.com palasoft.com.py
www.ameritas.com
3 palasoft.com.py www.ameritas.com
1 www.gstatic.com www.google.com
1 upload.wikimedia.org palasoft.com.py
1 www.google.com palasoft.com.py
17 5

This site contains no links.

Subject Issuer Validity Valid
palasoft.com.py
cPanel, Inc. Certification Authority
2022-06-19 -
2022-09-17
3 months crt.sh
www.ameritas.com
Sectigo ECC Extended Validation Secure Server CA
2022-05-11 -
2023-05-11
a year crt.sh
www.google.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.wikipedia.org
R3
2022-07-10 -
2022-10-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://palasoft.com.py/File-4635284/
Frame ID: 31FCE862D04C54490AA48B628B473E99
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Secure Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

17
Requests

82 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

401 kB
Transfer

1170 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
palasoft.com.py/File-4635284/
7 KB
7 KB
Document
General
Full URL
https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.18.106 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns51.serverpy.com
Software
Apache /
Resource Hash
6b02f88fd2e3829957cc5e2822a4bdce90bcbf87ec63745edbc5b71a02c2c359

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
6673
Content-Type
text/html
Date
Wed, 27 Jul 2022 20:25:30 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 27 Jul 2022 19:32:32 GMT
Server
Apache
ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js
www.ameritas.com/
248 KB
93 KB
Script
General
Full URL
https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
7b7f644b2ace63ad0c6a1482defcef756640f3413afba91e9caae94c550b8edd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"report_to":"default","max_age":31536000,"include_subdomains":true}
Content-Security-Policy-Report-Only
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; media-src 'self'; frame-src 'self'; form-action 'self'; base-uri 'self'; report-uri https://ameritas.report-uri.com/r/d/csp/wizard; report-to default
Report-To
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://ameritas.report-uri.com/a/d/g"}],"include_subdomains":true}
Connection
keep-alive
Content-Length
94141
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Server
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Upgrade
h2
Access-Control-Allow-Origin
*.ameritas.com
Cache-Control
public, max-age=31536000, immutable
Permissions-Policy
accelerometer=(),camera=(),fullscreen=(self),geolocation=(),microphone=(),payment=(),sync-xhr=(self)
X-Correlation-ID
8r4-5mN4-kOeH
Content-Type
text/javascript; charset=utf-8
Expires
Thu, 27 Jul 2023 20:25:31 GMT
bootstrap.min.css
www.ameritas.com/include/css/
118 KB
21 KB
Stylesheet
General
Full URL
https://www.ameritas.com/include/css/bootstrap.min.css
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-2103385900"
Content-Length
19629
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Last-Modified
Fri, 12 May 2017 17:55:10 GMT
Server
Server
X-Frame-Options
SAMEORIGIN
ETag
"0d3c2e548cbd21:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com
Connection
keep-alive
Permissions-Policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-Correlation-ID
dac-bNFp-q3ey
Content-Security-Policy
frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Access-Control-Allow-Headers
"Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
font-awesome.min.css
www.ameritas.com/include/css/
30 KB
9 KB
Stylesheet
General
Full URL
https://www.ameritas.com/include/css/font-awesome.min.css
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Server-Timing
dtSInfo;desc="0", dtRpid;desc="878703194"
Content-Length
6995
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Last-Modified
Fri, 12 May 2017 17:55:10 GMT
Server
Server
X-Frame-Options
SAMEORIGIN
ETag
"0d3c2e548cbd21:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com
Connection
keep-alive
Permissions-Policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-Correlation-ID
5K1-Ip5g-vhKH
Content-Security-Policy
frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Access-Control-Allow-Headers
"Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
bootstrap-table.min.css
www.ameritas.com/include/css/
6 KB
4 KB
Stylesheet
General
Full URL
https://www.ameritas.com/include/css/bootstrap-table.min.css
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
caa21e230bb6013532eec8e448b2e0be1c4d16808fdd9bd25395e3c602e75609
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1729805796"
Content-Length
1839
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Last-Modified
Fri, 12 May 2017 17:55:10 GMT
Server
Server
X-Frame-Options
SAMEORIGIN
ETag
"0d3c2e548cbd21:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com
Connection
keep-alive
Permissions-Policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-Correlation-ID
jBP-oYMU-lwJB
Content-Security-Policy
frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Access-Control-Allow-Headers
"Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
style_alic.css
www.ameritas.com/include/resources/
70 KB
34 KB
Stylesheet
General
Full URL
https://www.ameritas.com/include/resources/style_alic.css
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
ff6b79f4f2bc6efdf85009b786853ed86c694b5065dc23126b99b902b5438e6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-2036692842"
Content-Length
32519
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Last-Modified
Fri, 11 Aug 2017 20:22:30 GMT
Server
Server
X-Frame-Options
SAMEORIGIN
ETag
"07678edf12d31:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com
Connection
keep-alive
Permissions-Policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-Correlation-ID
f13-Ha2u-p76Y
Content-Security-Policy
frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Access-Control-Allow-Headers
"Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ameritas.css
www.ameritas.com/include/resources/
280 B
2 KB
Stylesheet
General
Full URL
https://www.ameritas.com/include/resources/ameritas.css
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
c8aea846f85981c62eae80293a80dc4d857746c7fffd5045a78eb5c499d9ff3b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-426272416"
Content-Length
317
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Last-Modified
Tue, 13 Jun 2017 13:43:22 GMT
Server
Server
X-Frame-Options
SAMEORIGIN
ETag
"0f9e854be4d21:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com
Connection
keep-alive
Permissions-Policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-Correlation-ID
4AC-OevF-y4cz
Content-Security-Policy
frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Access-Control-Allow-Headers
"Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
jquery.min.js
www.ameritas.com/include/js/
85 KB
31 KB
Script
General
Full URL
https://www.ameritas.com/include/js/jquery.min.js
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-446797310"
Content-Length
30217
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Last-Modified
Fri, 12 May 2017 17:55:12 GMT
Server
Server
X-Frame-Options
SAMEORIGIN
ETag
"00f4e648cbd21:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com
Connection
keep-alive
Permissions-Policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-Correlation-ID
2wN-nf73-5tVa
Content-Security-Policy
frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Access-Control-Allow-Headers
"Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
api.js
www.google.com/recaptcha/
850 B
967 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ee54df0af8ba4304f838b32b38dfda077c126f112cfe344c744ed71513c90f39
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 20:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 27 Jul 2022 20:25:31 GMT
800px-Logo_Microsoft_Office_365_(2013-2019).svg.png
upload.wikimedia.org/wikipedia/commons/thumb/c/c3/Logo_Microsoft_Office_365_(2013-2019).svg/
7 KB
9 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/c/c3/Logo_Microsoft_Office_365_(2013-2019).svg/800px-Logo_Microsoft_Office_365_(2013-2019).svg.png?20190416222239
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:861:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
45abe483ba9d36404f49fc5e7e0cc0d9095f6ab1cdba705bc3643c8a0c7d24be
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 17:51:44 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
9227
x-cache-status
hit-front
x-cache
cp1078 hit, cp1082 hit/48
content-disposition
inline;filename*=UTF-8''Logo_Microsoft_Office_365_%282013-2019%29.svg.webp
server-timing
cache;desc="hit-front", host;desc="cp1082"
content-length
7658
x-client-ip
2607:5300:60:7867::7
accept-ranges
bytes
last-modified
Mon, 21 Mar 2022 17:24:31 GMT
server
ATS/8.0.8
etag
d7d0629736474586225fcf83e7a3f7db
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
bootstrap.min.js
www.ameritas.com/include/js/
36 KB
11 KB
Script
General
Full URL
https://www.ameritas.com/include/js/bootstrap.min.js
Requested by
Host: palasoft.com.py
URL: https://palasoft.com.py/File-4635284/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US),
Reverse DNS
Software
Server /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://palasoft.com.py/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Methods
GET, POST, OPTIONS
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1406733713"
Content-Length
9839
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer, strict-origin-when-cross-origin
Last-Modified
Fri, 12 May 2017 17:55:12 GMT
Server
Server
X-Frame-Options
SAMEORIGIN
ETag
"00f4e648cbd21:0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com
Connection
keep-alive
Permissions-Policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-Correlation-ID
jdG-hfXI-dck6
Content-Security-Policy
frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Access-Control-Allow-Headers
"Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
d5af76d8-a90b-4527-b3a3-182207cc3250.woff
www.ameritas.com/include/fonts/alic/
0
0

sa-alerts
palasoft.com.py/wps/wcm/connect/utilities/globalitems/
92 KB
14 KB
XHR
General
Full URL
https://palasoft.com.py/wps/wcm/connect/utilities/globalitems/sa-alerts?srv=cmpnt&source=library&cmpntname=alert-public-alic
Requested by
Host: www.ameritas.com
URL: https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.18.106 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns51.serverpy.com
Software
Apache /
Resource Hash
39729b9d8d8b618da79761346f9a6d3a5cee461e624004e1c271e8cd92ada227

Request headers

Accept
text/html, */*; q=0.01
Referer
https://palasoft.com.py/File-4635284/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-dtpc
-66$553531354_84h2vFFIFRUCDJUIUMKBEAMDVQULHMWWTNVNL-0e0

Response headers

Date
Wed, 27 Jul 2022 20:25:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Link
<https://palasoft.com.py/index.php/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=99
Expires
Wed, 11 Jan 1984 05:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/
378 KB
150 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9545c3b5b16671be2fdc41945e54fc2f279dd109b8a0b00d7cc68000a6a34e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palasoft.com.py/
Origin
https://palasoft.com.py
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 16:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153164
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 04:02:22 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Jul 2023 16:05:14 GMT
1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
www.ameritas.com/include/fonts/alic/
0
0

rb_4d4e4829-fb85-4698-a437-c1b20a534b52
palasoft.com.py/
92 KB
14 KB
XHR
General
Full URL
https://palasoft.com.py/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D66_sn_UIVME61O63CP67QPMJLK7CIT4CFI471R&svrid=-66&flavor=post&vi=FFIFRUCDJUIUMKBEAMDVQULHMWWTNVNL-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fpalasoft.com.py%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=45264363&en=ebhyx2hs&end=1
Requested by
Host: www.ameritas.com
URL: https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.18.106 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns51.serverpy.com
Software
Apache /
Resource Hash
39729b9d8d8b618da79761346f9a6d3a5cee461e624004e1c271e8cd92ada227

Request headers

Referer
https://palasoft.com.py/File-4635284/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 27 Jul 2022 20:25:33 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Link
<https://palasoft.com.py/index.php/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=98
Expires
Wed, 11 Jan 1984 05:00:00 GMT
rb_4d4e4829-fb85-4698-a437-c1b20a534b52
palasoft.com.py/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.ameritas.com
URL
https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
Domain
www.ameritas.com
URL
https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
Domain
palasoft.com.py
URL
https://palasoft.com.py/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D66_sn_UIVME61O63CP67QPMJLK7CIT4CFI471R&svrid=-66&flavor=post&vi=FFIFRUCDJUIUMKBEAMDVQULHMWWTNVNL-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fpalasoft.com.py%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=2468094203&en=ebhyx2hs&end=1

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dT_ object| dtrum function| $ function| onSubmit function| validate number| posted function| validateData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

8 Cookies

Domain/Path Name / Value
www.ameritas.com/ Name: X-Session-ID
Value: 02c7026aa6-989a-449tAn2yXHPdqvej5VOZ056_QLD3YT6b7l4hsSv6RMIE1ps8cEJTSVWWtGGKLGqaoF5_M
.palasoft.com.py/ Name: dtCookie
Value: v_4_srv_-2D66_sn_UIVME61O63CP67QPMJLK7CIT4CFI471R
.palasoft.com.py/ Name: rxVisitor
Value: 1658953531360DDI6K1EKVHH2LD6JHKE3DN2C5NQVHD5A
.palasoft.com.py/ Name: dtLatC
Value: 18
.palasoft.com.py/ Name: dtSa
Value: -
.palasoft.com.py/ Name: rxvt
Value: 1658955331818|1658953531361
palasoft.com.py/ Name: mailchimp_landing_site
Value: https%3A%2F%2Fpalasoft.com.py%2Fwps%2Fwcm%2Fconnect%2Futilities%2Fglobalitems%2Fsa-alerts%3Fsrv%3Dcmpnt%26source%3Dlibrary%26cmpntname%3Dalert-public-alic
.palasoft.com.py/ Name: dtPC
Value: -66$553531354_84h-vFFIFRUCDJUIUMKBEAMDVQULHMWWTNVNL-0e0

6 Console Messages

Source Level URL
Text
javascript error URL: https://palasoft.com.py/File-4635284/
Message:
Access to font at 'https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff' from origin 'https://palasoft.com.py' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com', but only one is allowed.
network error URL: https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://palasoft.com.py/File-4635284/
Message:
Access to font at 'https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf' from origin 'https://palasoft.com.py' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://palasoft.com.py/wps/wcm/connect/utilities/globalitems/sa-alerts?srv=cmpnt&source=library&cmpntname=alert-public-alic
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://palasoft.com.py/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D66_sn_UIVME61O63CP67QPMJLK7CIT4CFI471R&svrid=-66&flavor=post&vi=FFIFRUCDJUIUMKBEAMDVQULHMWWTNVNL-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fpalasoft.com.py%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=45264363&en=ebhyx2hs&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)