pse.todo1.com Open in urlscan Pro
162.159.254.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pse.todo1.com/
Effective URL:
https://pse.todo1.com/index.jsp
Submission: On July 04 via manual (July 4th 2024, 12:56:33 am UTC) from CO — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 162.159.254.111, located in and belongs to CLOUDFLARENET, US. The main domain is pse.todo1.com. The Cisco Umbrella rank of the primary domain is 209023.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 25th 2023. Valid for: a year.

This is the only time pse.todo1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	162.159.254.111 162.159.254.111		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	1

10 162.159.254.111 (None, )

ASN13335 (CLOUDFLARENET, US)

pse.todo1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	todo1.com pse.todo1.com — Cisco Umbrella Rank: 209023	201 KB
10	1

	Domain	Requested by
10	pse.todo1.com	pse.todo1.com
10	1

This site contains no links.

Subject Issuer	Validity	Valid
pse.todo1.com GlobalSign RSA OV SSL CA 2018	`2023-10-25` - `2024-11-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pse.todo1.com/index.jsp
Frame ID: 99A65EDFA6F9EA2D0F00658E274537FE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bancolombia - Pagos PSE

Page URL History Show full URLs

http://pse.todo1.com/ HTTP 307
https://pse.todo1.com/ Page URL
https://pse.todo1.com/index.jsp Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

201 kB
Transfer

482 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pse.todo1.com/ HTTP 307
https://pse.todo1.com/ Page URL
https://pse.todo1.com/index.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pse.todo1.com/ HTTP 307
https://pse.todo1.com/

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
pse.todo1.com/
Redirect Chain

http://pse.todo1.com/
https://pse.todo1.com/

175 B
920 B

284ms
179ms

Document
text/html

162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: pse.todo1.com
cf-cache-status: DYNAMIC
cf-ray: 89db27d84c522bd7-FRA
content-encoding: gzip
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
content-type: text/html; charset=iso-8859-1
date: Thu, 04 Jul 2024 00:56:28 GMT
last-modified: Mon, 08 Feb 2016 14:22:07 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

Redirect headers

Location: https://pse.todo1.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 404 Primary Request index.jsp Show response
pse.todo1.com/ 5 KB
1 KB 180ms
180ms Document
text/html 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/index.jsp

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c37e14534f5caf4eb68cebe17456d391d34351ae8da345e06611fcdeb580b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pse.todo1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: pse.todo1.com
cf-cache-status: DYNAMIC
cf-ray: 89db27d97ce92bd7-FRA
content-encoding: gzip
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
content-type: text/html; charset=iso-8859-1
date: Thu, 04 Jul 2024 00:56:28 GMT
last-modified: Fri, 03 Nov 2017 00:29:55 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 styles.css
pse.todo1.com/bancolombia/pse/css/ 32 KB
6 KB 68ms
68ms Stylesheet
text/css 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/css/styles.css

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ab7af8bc8aa5996d0b2dbebdc56a548d447137df96533481dd99266713249fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
cf-cache-status: HIT
age: 7019
ntcoent-length: 32257
content-length: 6472
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 20 Jan 2023 03:01:38 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: pse.todo1.com
vary: Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 89db27da9d6b2bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

GET
H2 200 bootstrap.css
pse.todo1.com/bancolombia/pse/css/ 98 KB
17 KB 62ms
61ms Stylesheet
text/css 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/css/bootstrap.css

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7dc0bf2d9c01efaf41a4aa46d0c551a4ba72d40ce7e0b3dff4b0c421f60b61d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 6192
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 14:00:50 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 89db27da9d6c2bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

GET
H2 200 bootstrap-ie7.css
pse.todo1.com/bancolombia/pse/css/ 19 KB
2 KB 179ms
179ms Stylesheet
text/css 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/css/bootstrap-ie7.css

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9349a4ed8222210551ccf5913821dc9bd16d539c7592f6739f3f9c7048fc952

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 14:00:50 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/css
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 89db27da9d6d2bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

GET
H2 200 logo.png
pse.todo1.com/bancolombia/images/ 2 KB
2 KB 60ms
60ms Image
image/png 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pse.todo1.com/bancolombia/images/logo.png

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/index.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a891bc3ebedf2ee3c61f7b1e08944a9976117bb1c546f8dfd9f5c8dd819f16f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 6672
content-length: 2397
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:44 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 89db27daad752bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

GET
H2 200 icon-error.png
pse.todo1.com/bancolombia/images/ 861 B
959 B 61ms
60ms Image
image/png 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pse.todo1.com/bancolombia/images/icon-error.png

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/bancolombia/pse/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457839b6033a9e6f927999269afa687d8419e05868de8fb7816466e23de1b604

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/bancolombia/pse/css/styles.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 5652
content-length: 861
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:46 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/png
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 89db27dbbe142bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

GET
H2 200 CIBFontSans-Light.ttf
pse.todo1.com/bancolombia/pse/fonts/cic-sans/ 108 KB
55 KB 63ms
62ms Font
application/font-sfnt 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/fonts/cic-sans/CIBFontSans-Light.ttf

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/bancolombia/pse/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/bancolombia/pse/css/styles.css
Origin: https://pse.todo1.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 237
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:58 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/font-sfnt
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 89db27dbce172bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

GET
H2 200 OpenSans-Regular.ttf
pse.todo1.com/bancolombia/pse/fonts/open-sans/ 212 KB
114 KB 60ms
59ms Font
application/font-sfnt 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/bancolombia/pse/fonts/open-sans/OpenSans-Regular.ttf

Requested by

Host: pse.todo1.com
URL: https://pse.todo1.com/bancolombia/pse/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/bancolombia/pse/css/styles.css
Origin: https://pse.todo1.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 237
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 21 Dec 2022 13:59:58 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/font-sfnt
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 89db27dbce182bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

GET
H2 404 favicon.ico
pse.todo1.com/ 5 KB
1 KB 100ms
99ms Other
text/html 162.159.254.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pse.todo1.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.254.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c37e14534f5caf4eb68cebe17456d391d34351ae8da345e06611fcdeb580b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pse.todo1.com/index.jsp
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 00:56:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.todo-1.com *.todo1.com *.newrelic.com *.nr-data.net *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.todo1.com *.google.com; img-src 'self' *.todo1.com *.google.com; child-src *;
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 35
content-encoding: gzip
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 03 Nov 2017 02:38:40 GMT
server: cloudflare
x-frame-options: sameorigin, SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: pse.todo1.com
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 89db27dbce192bd7-FRA
expires: Thu, 04 Jul 2024 01:56:28 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pse.todo1.com/	1969-12-31 23:59:59	Name: NSC_qtf.upep1.dpn443 Value*: 0933a3dfc0b0ac6ce0642c7542a1f725f512b6aa3ec891d36cb9f3b511f81279b5c579dc
			pse.todo1.com/	1970-01-20 21:48:57	Name: __cflb Value: 02DiuDHypNmNMeGZ5QjXWvisgm5pY17dBYyiDHPothKX2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pse.todo1.com/index.jsp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pse.todo1.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .todo1.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .todo-1.com .todo1.com .newrelic.com .nr-data.net .google.com .gstatic.com;style-src 'self' 'unsafe-inline' .todo1.com .google.com; img-src 'self' .todo1.com .google.com; child-src ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pse.todo1.com
162.159.254.111
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
29c37e14534f5caf4eb68cebe17456d391d34351ae8da345e06611fcdeb580b3
457839b6033a9e6f927999269afa687d8419e05868de8fb7816466e23de1b604
5ab7af8bc8aa5996d0b2dbebdc56a548d447137df96533481dd99266713249fb
9a891bc3ebedf2ee3c61f7b1e08944a9976117bb1c546f8dfd9f5c8dd819f16f
decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc
e7dc0bf2d9c01efaf41a4aa46d0c551a4ba72d40ce7e0b3dff4b0c421f60b61d
f9349a4ed8222210551ccf5913821dc9bd16d539c7592f6739f3f9c7048fc952

pse.todo1.com Open in urlscan Pro 162.159.254.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

201 kBTransfer

482 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

pse.todo1.com Open in urlscan Pro
162.159.254.111 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

201 kB
Transfer

482 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions