Submitted URL: https://fasttrack-front.debmedia.com/
Effective URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Submission: On December 01 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 45 HTTP transactions. The main IP is 200.13.254.112, located in Medellín, Colombia and belongs to EPM Telecomunicaciones S.A. E.S.P., CO. The main domain is daviviendago.davivienda.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 1st 2021. Valid for: a year.
This is the only time daviviendago.davivienda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 104.211.58.128 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 159.89.102.253 14061 (DIGITALOC...)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.111.228.137 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.111.215.191 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 200.13.254.112 13489 (EPM Telec...)
45 11
Domain Requested by
13 daviviendago.davivienda.com fasttrack-front.debmedia.com
daviviendago.davivienda.com
6 daviturno.davivienda.com fasttrack-front.debmedia.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 ftback.debmedia.com fasttrack-front.debmedia.com
4 fasttrack-front.debmedia.com fasttrack-front.debmedia.com
2 geolocation-db.com fasttrack-front.debmedia.com
2 www.googletagmanager.com fasttrack-front.debmedia.com
www.googletagmanager.com
1 www.google.de
1 www.google.com
1 stags.bluekai.com tags.bkrtx.com
1 stats.g.doubleclick.net www.google-analytics.com
1 tags.bkrtx.com www.googletagmanager.com
45 12

This site contains no links.

Subject | Issuer | Validity | Valid
fasttrack-front.debmedia.com | R3 | 2021-12-01 - 2022-03-01 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
daviturno.davivienda.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2021-10-07 - 2022-10-07 | a year
ftback.debmedia.com | Go Daddy Secure Certificate Authority - G2 | 2021-11-24 - 2022-12-26 | a year
geolocation-db.com | R3 | 2021-10-21 - 2022-01-19 | 3 months
*.bkrtx.com | DigiCert SHA2 Secure Server CA | 2021-04-02 - 2022-04-07 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
odc-pixel-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-11-24 - 2022-04-26 | 5 months
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
www.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
daviviendago.davivienda.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2021-07-01 - 2022-08-01 | a year

This page contains 2 frames:

Primary Page: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Frame ID: 509FECFDB200A5345BC0A1881948539F
Requests: 40 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/42488?ret=html&phint=day_of_week%3D3&phint=month_of_year%3DDecember&phint=utm_source%3Dundefined&phint=utm_medium%3Dundefined&phint=utm_campaign%3Dundefined&phint=utm_content%3Dundefined&phint=utm_term%3Dundefined&phint=__bk_t%3DAgendamiento%20-%20Fast-Track%20-%20Login&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ffasttrack-front.debmedia.com%2Ffast-track%2Flogin&phint=__bk_v%3D3.1.10&limit=1&r=53669133
Frame ID: D808B398D8D8E512E170110FD50B5316
Requests: 1 HTTP requests in this frame

Page Title

Logging Davivienda GO

Page Statistics

45 Requests
87 % HTTPS
50 % IPv6
10 Domains
12 Subdomains
11 IPs
4 Countries
1300 kB Transfer
6503 kB Size
14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fasttrack-front.debmedia.com/ Page URL
  2. https://ftback.debmedia.com/login HTTP 302
    https://daviviendago.davivienda.com/nidp/saml2/sso?SAMLRequest=nVJNTwIxEP0rm97Zr6BIw0cQYiRBJYAevJihOwuN3XbtzKL%2Be3dBAl44eOzMm%2FfmzWtv%2BFWYYIeetLN9kYSxGA56BIUp5ajirV3gR4XEQQ2zJPeNvqi8lQ5Ik7RQIElWcjl6mMk0jGXpHTvljAimk754y6GTQNJV7Y6K4xyv12kei%2BDlKFhP1ECiCqeWGCzXpThNWknaipNVciOvujLphp12%2BiqC%2BS%2F1rbaZtpvLe6wPIJL3q9W8NX9arkQwqZ1oC7yX3jKXJKMog53eabQZbFx4eoTKFZHVWRk1ptOIyIlgRIS%2BGR87S1WBfol%2BpxU%2BL2YnwpzXoN7DDNcFZvpAZNxG20iBMU1PHE4s98b92W0vW4Kjuhhc0iqQIQOGXnQmcgz1sWadTubOaPX9n1DvnC%2BAL6Obis5a%2BR4qyyZrYrRc388Y9zn2CIx9wb5CEQ0Oa%2F79boMf Page URL
  3. https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://ftback.debmedia.com/login HTTP 302
  • https://daviviendago.davivienda.com/nidp/saml2/sso?SAMLRequest=nVJNTwIxEP0rm97Zr6BIw0cQYiRBJYAevJihOwuN3XbtzKL%2Be3dBAl44eOzMm%2FfmzWtv%2BFWYYIeetLN9kYSxGA56BIUp5ajirV3gR4XEQQ2zJPeNvqi8lQ5Ik7RQIElWcjl6mMk0jGXpHTvljAimk754y6GTQNJV7Y6K4xyv12kei%2BDlKFhP1ECiCqeWGCzXpThNWknaipNVciOvujLphp12%2BiqC%2BS%2F1rbaZtpvLe6wPIJL3q9W8NX9arkQwqZ1oC7yX3jKXJKMog53eabQZbFx4eoTKFZHVWRk1ptOIyIlgRIS%2BGR87S1WBfol%2BpxU%2BL2YnwpzXoN7DDNcFZvpAZNxG20iBMU1PHE4s98b92W0vW4Kjuhhc0iqQIQOGXnQmcgz1sWadTubOaPX9n1DvnC%2BAL6Obis5a%2BR4qyyZrYrRc388Y9zn2CIx9wb5CEQ0Oa%2F79boMf

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
fasttrack-front.debmedia.com/
684 B
936 B
Document
General
Full URL
https://fasttrack-front.debmedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
0fbd73171e15ea8e5c1758797f73d15d7b4b0ccb581e4898e0775c63491d1949

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 01 Dec 2021 18:59:18 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
684
Connection
keep-alive
X-Powered-By
Express
Accept-Ranges
bytes
ETag
W/"2ac-EoGu8kbOzrhKkHwhf/DmR+kHO2Y"
Vary
Accept-Encoding
bundle.js
fasttrack-front.debmedia.com/static/js/
35 KB
7 KB
Script
General
Full URL
https://fasttrack-front.debmedia.com/static/js/bundle.js
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
15ce12c08382b380801ba8aac9c8ee4683d552168b3b211a25fae904500197d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 18:59:18 GMT
Content-Encoding
gzip
ETag
W/"8c2c-tB2YXhntoxBgBeZOc6pCTjz1hIg"
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
vendors~main.chunk.js
fasttrack-front.debmedia.com/static/js/
4 MB
813 KB
Script
General
Full URL
https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
8a08f0598bfc0acca1854ac419877d242509acda60f168fd2647b91c8389ac4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 18:59:18 GMT
Content-Encoding
gzip
ETag
W/"3fe18a-L6vhbnwmAasn38rbFwvQpavy1HQ"
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
main.chunk.js
fasttrack-front.debmedia.com/static/js/
2 MB
237 KB
Script
General
Full URL
https://fasttrack-front.debmedia.com/static/js/main.chunk.js
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
f4340ed03fed7299068e0d280374fb823e10059043bcbdbea2b2bb0497996a9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 18:59:18 GMT
Content-Encoding
gzip
ETag
W/"1bff09-uBM1UNTqQfNWNA1YjOZSEwDw8SM"
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/
108 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVZ9WG3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 18:59:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41232
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 18:16:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Dec 2021 18:59:19 GMT
login
ftback.debmedia.com/
0
0

branch
daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/ Frame
0
0
Preflight
General
Full URL
https://daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/branch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-api-token
Origin
https://fasttrack-front.debmedia.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Origin, X-Requested-With, Content-Type, Accept, Referer, User-Agent, x-json, x-prototype-version, Authorization, x-api-token
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
Authorization
Access-Control-Max-Age
300
queue
daviturno.davivienda.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://daviturno.davivienda.com/api/v1/queue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-api-token
Origin
https://fasttrack-front.debmedia.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Origin, X-Requested-With, Content-Type, Accept, Referer, User-Agent, x-json, x-prototype-version, Authorization, x-api-token
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
Authorization
Access-Control-Max-Age
300
branch
daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/ Frame
0
0
Preflight
General
Full URL
https://daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/branch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-api-token
Origin
https://fasttrack-front.debmedia.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Origin, X-Requested-With, Content-Type, Accept, Referer, User-Agent, x-json, x-prototype-version, Authorization, x-api-token
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
Authorization
Access-Control-Max-Age
300
queue
daviturno.davivienda.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://daviturno.davivienda.com/api/v1/queue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-api-token
Origin
https://fasttrack-front.debmedia.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Origin, X-Requested-With, Content-Type, Accept, Referer, User-Agent, x-json, x-prototype-version, Authorization, x-api-token
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
Authorization
Access-Control-Max-Age
300
whoami
ftback.debmedia.com/
26 B
576 B
XHR
General
Full URL
https://ftback.debmedia.com/whoami
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
X-Powered-By
Express
ETag
W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fasttrack-front.debmedia.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length
26
whoami
ftback.debmedia.com/
26 B
578 B
XHR
General
Full URL
https://ftback.debmedia.com/whoami
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
X-Powered-By
Express
ETag
W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fasttrack-front.debmedia.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length
26
whoami
ftback.debmedia.com/
26 B
576 B
XHR
General
Full URL
https://ftback.debmedia.com/whoami
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
X-Powered-By
Express
ETag
W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fasttrack-front.debmedia.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Content-Length
26
branch
daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/
1 KB
2 KB
XHR
General
Full URL
https://daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/branch
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-api-token
qLjUeE2QD7MTMypyXLRoIPnNFSQI7Mkb5wgXz5VM

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 18:59:20 GMT
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
1325
Access-Control-Expose-Headers
Authorization
queue
daviturno.davivienda.com/api/v1/
0
0

/
geolocation-db.com/json/
168 B
277 B
XHR
General
Full URL
https://geolocation-db.com/json/
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Dec 2021 18:59:19 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
branch
daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/
1 KB
2 KB
XHR
General
Full URL
https://daviturno.davivienda.com/api/v1/company/Banco%20Davivienda%20SA/branch
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.58.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-api-token
qLjUeE2QD7MTMypyXLRoIPnNFSQI7Mkb5wgXz5VM

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Dec 2021 18:59:20 GMT
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
1325
Access-Control-Expose-Headers
Authorization
queue
daviturno.davivienda.com/api/v1/
0
0

/
geolocation-db.com/json/
168 B
276 B
XHR
General
Full URL
https://geolocation-db.com/json/
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/vendors~main.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Dec 2021 18:59:19 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-49F9W14PHQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVZ9WG3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 18:59:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61676
x-xss-protection
0
expires
Wed, 01 Dec 2021 18:59:19 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVZ9WG3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7092
date
Wed, 01 Dec 2021 17:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Dec 2021 19:01:07 GMT
bk-coretag.js
tags.bkrtx.com/js/
51 KB
16 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVZ9WG3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-137.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Wed, 01 Dec 2021 18:59:19 GMT
Connection
keep-alive
Content-Length
16078
Expires
Wed, 08 Dec 2021 18:59:19 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 18:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1910
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 01 Dec 2021 19:27:29 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-49F9W14PHQ&gtm=2oeba1&_p=305483495&sr=1600x1200&ul=en-us&cid=463848844.1638385159&_s=1&dl=https%3A%2F%2Ffasttrack-front.debmedia.com%2Ffast-track%2Flogin&dt=Agendamiento%20-%20Fast-Track%20-%20Login&sid=1638385159&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-49F9W14PHQ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 18:59:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fasttrack-front.debmedia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
451 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-185340868-3&cid=463848844.1638385159&jid=2072135166&gjid=1499187948&_gid=2048527825.1638385159&_u=aGBAgEAjAAAAAE~&z=1465414
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fasttrack-front.debmedia.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Dec 2021 18:59:19 GMT
content-type
text/plain
access-control-allow-origin
https://fasttrack-front.debmedia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=305483495&t=pageview&_s=1&dl=https%3A%2F%2Ffasttrack-front.debmedia.com%2Ffast-track%2Flogin&ul=en-us&de=UTF-8&dt=Agendamiento%20-%20Fast-Track%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=2072135166&gjid=1499187948&cid=463848844.1638385159&tid=UA-185340868-3&_gid=2048527825.1638385159&gtm=2wgba1TVZ9WG3&z=48779981
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 15:48:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11429
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
42488
stags.bluekai.com/site/ Frame D808
71 B
974 B
Document
General
Full URL
https://stags.bluekai.com/site/42488?ret=html&phint=day_of_week%3D3&phint=month_of_year%3DDecember&phint=utm_source%3Dundefined&phint=utm_medium%3Dundefined&phint=utm_campaign%3Dundefined&phint=utm_content%3Dundefined&phint=utm_term%3Dundefined&phint=__bk_t%3DAgendamiento%20-%20Fast-Track%20-%20Login&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ffasttrack-front.debmedia.com%2Ffast-track%2Flogin&phint=__bk_v%3D3.1.10&limit=1&r=53669133
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
3610
Date
Wed, 01 Dec 2021 18:59:19 GMT
Connection
keep-alive
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185340868-3&cid=463848844.1638385159&jid=2072135166&_u=aGBAgEAjAAAAAE~&z=694371040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 18:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-185340868-3&cid=463848844.1638385159&jid=2072135166&_u=aGBAgEAjAAAAAE~&z=694371040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 18:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
login
ftback.debmedia.com/
0
0

login
ftback.debmedia.com/
0
0

sso
daviviendago.davivienda.com/nidp/saml2/
Redirect Chain
  • https://ftback.debmedia.com/login
  • https://daviviendago.davivienda.com/nidp/saml2/sso?SAMLRequest=nVJNTwIxEP0rm97Zr6BIw0cQYiRBJYAevJihOwuN3XbtzKL%2Be3dBAl44eOzMm%2FfmzWtv%2BFWYYIeetLN9kYSxGA56BIUp5ajirV3gR4XEQQ2zJPeNvqi8lQ5Ik7RQIElW...
438 B
2 KB
Document
General
Full URL
https://daviviendago.davivienda.com/nidp/saml2/sso?SAMLRequest=nVJNTwIxEP0rm97Zr6BIw0cQYiRBJYAevJihOwuN3XbtzKL%2Be3dBAl44eOzMm%2FfmzWtv%2BFWYYIeetLN9kYSxGA56BIUp5ajirV3gR4XEQQ2zJPeNvqi8lQ5Ik7RQIElWcjl6mMk0jGXpHTvljAimk754y6GTQNJV7Y6K4xyv12kei%2BDlKFhP1ECiCqeWGCzXpThNWknaipNVciOvujLphp12%2BiqC%2BS%2F1rbaZtpvLe6wPIJL3q9W8NX9arkQwqZ1oC7yX3jKXJKMog53eabQZbFx4eoTKFZHVWRk1ptOIyIlgRIS%2BGR87S1WBfol%2BpxU%2BL2YnwpzXoN7DDNcFZvpAZNxG20iBMU1PHE4s98b92W0vW4Kjuhhc0iqQIQOGXnQmcgz1sWadTubOaPX9n1DvnC%2BAL6Obis5a%2BR4qyyZrYrRc388Y9zn2CIx9wb5CEQ0Oa%2F79boMf
Requested by
Host: fasttrack-front.debmedia.com
URL: https://fasttrack-front.debmedia.com/static/js/main.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fasttrack-front.debmedia.com/fast-track/login

Response headers

Date
Wed, 01 Dec 2021 18:59:09 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Pragma
No-cache
Cache-Control
no-cache no-store no-cache
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738398)
Keep-Alive
timeout=300, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Wed, 01 Dec 2021 18:59:19 GMT
Content-Length
0
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Origin
undefined
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Credentials
true
Location
https://daviviendago.davivienda.com/nidp/saml2/sso?SAMLRequest=nVJNTwIxEP0rm97Zr6BIw0cQYiRBJYAevJihOwuN3XbtzKL%2Be3dBAl44eOzMm%2FfmzWtv%2BFWYYIeetLN9kYSxGA56BIUp5ajirV3gR4XEQQ2zJPeNvqi8lQ5Ik7RQIElWcjl6mMk0jGXpHTvljAimk754y6GTQNJV7Y6K4xyv12kei%2BDlKFhP1ECiCqeWGCzXpThNWknaipNVciOvujLphp12%2BiqC%2BS%2F1rbaZtpvLe6wPIJL3q9W8NX9arkQwqZ1oC7yX3jKXJKMog53eabQZbFx4eoTKFZHVWRk1ptOIyIlgRIS%2BGR87S1WBfol%2BpxU%2BL2YnwpzXoN7DDNcFZvpAZNxG20iBMU1PHE4s98b92W0vW4Kjuhhc0iqQIQOGXnQmcgz1sWadTubOaPX9n1DvnC%2BAL6Obis5a%2BR4qyyZrYrRc388Y9zn2CIx9wb5CEQ0Oa%2F79boMf
collect
www.google-analytics.com/g/
0
0

Primary Request sso
daviviendago.davivienda.com/nidp/saml2/
4 KB
3 KB
Document
General
Full URL
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
9b385c5b30122afe87dc8b2c7a99529f598fe2be0e4ac5ba696bb1b4f956d5ed
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
Origin
https://daviviendago.davivienda.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?SAMLRequest=nVJNTwIxEP0rm97Zr6BIw0cQYiRBJYAevJihOwuN3XbtzKL%2Be3dBAl44eOzMm%2FfmzWtv%2BFWYYIeetLN9kYSxGA56BIUp5ajirV3gR4XEQQ2zJPeNvqi8lQ5Ik7RQIElWcjl6mMk0jGXpHTvljAimk754y6GTQNJV7Y6K4xyv12kei%2BDlKFhP1ECiCqeWGCzXpThNWknaipNVciOvujLphp12%2BiqC%2BS%2F1rbaZtpvLe6wPIJL3q9W8NX9arkQwqZ1oC7yX3jKXJKMog53eabQZbFx4eoTKFZHVWRk1ptOIyIlgRIS%2BGR87S1WBfol%2BpxU%2BL2YnwpzXoN7DDNcFZvpAZNxG20iBMU1PHE4s98b92W0vW4Kjuhhc0iqQIQOGXnQmcgz1sWadTubOaPX9n1DvnC%2BAL6Obis5a%2BR4qyyZrYrRc388Y9zn2CIx9wb5CEQ0Oa%2F79boMf

Response headers

Date
Wed, 01 Dec 2021 18:59:11 GMT
X-FRAME-OPTIONS
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
via-ESP
null,NIDPLOGGING.600105004 session33-EC8C8E33E71D5D616B501FC21472B8F7 null,NIDPLOGGING.600105004 session33-EC8C8E33E71D5D616B501FC21472B8F7,NIDPLOGGING.600105002 session220-EC8C8E33E71D5D616B501FC21472B8F7
Pragma
No-cache
Cache-Control
no-cache no-store no-cache
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738400)
Keep-Alive
timeout=300, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Daviviendago.css
daviviendago.davivienda.com/nidp/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://daviviendago.davivienda.com/nidp/css/Daviviendago.css
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
0b581b1c5fe7eb2af778411e82f90d20a73cfbc6bd818a2df44118f5ec0c08b5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 14:54:46 GMT
X-FRAME-OPTIONS
SAMEORIGIN
ETag
W/"5169-1558104886000-gzip"
Transfer-Encoding
chunked
Content-Type
text/css
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738401)
Date
Wed, 01 Dec 2021 18:59:11 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=300, max=98
jquery-1.8.2.min.js
daviviendago.davivienda.com/nidp/javascript/
91 KB
34 KB
Script
General
Full URL
https://daviviendago.davivienda.com/nidp/javascript/jquery-1.8.2.min.js
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 21:04:21 GMT
X-FRAME-OPTIONS
SAMEORIGIN
ETag
W/"93436-1558127061000-gzip"
Transfer-Encoding
chunked
Content-Type
text/javascript
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738402)
Date
Wed, 01 Dec 2021 18:59:11 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=300, max=97
jquery.min.js
daviviendago.davivienda.com/nidp/javascript/
85 KB
31 KB
Script
General
Full URL
https://daviviendago.davivienda.com/nidp/javascript/jquery.min.js
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 02:48:08 GMT
X-FRAME-OPTIONS
SAMEORIGIN
ETag
W/"86927-1563850088000-gzip"
Transfer-Encoding
chunked
Content-Type
text/javascript
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738404)
Date
Wed, 01 Dec 2021 18:59:11 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=300, max=100
showhide_2.js
daviviendago.davivienda.com/nidp/images/
3 KB
1 KB
Script
General
Full URL
https://daviviendago.davivienda.com/nidp/images/showhide_2.js
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
a39c5afab115a4e0e3ca799101c808ef3b5c8e18e9fbe45be710087b2599c8a9
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Jan 2019 16:34:36 GMT
X-FRAME-OPTIONS
SAMEORIGIN
ETag
W/"3542-1548866076000-gzip"
Transfer-Encoding
chunked
Content-Type
text/javascript
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738403)
Date
Wed, 01 Dec 2021 18:59:11 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=300, max=100
login_jsp.js
daviviendago.davivienda.com/nidp/javascript/
226 B
1 KB
Script
General
Full URL
https://daviviendago.davivienda.com/nidp/javascript/login_jsp.js
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
40df1bdbef3257dd2e9d42fc273f8750de7e18a03e8dad18ab9ad33973bec13d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Jan 2019 16:34:36 GMT
X-FRAME-OPTIONS
SAMEORIGIN
ETag
W/"226-1548866076000-gzip"
Transfer-Encoding
chunked
Content-Type
text/javascript
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738405)
Date
Wed, 01 Dec 2021 18:59:25 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=300, max=100
respond.js
daviviendago.davivienda.com/nidp/javascript/
10 KB
5 KB
Script
General
Full URL
https://daviviendago.davivienda.com/nidp/javascript/respond.js
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
2b3a2c8c64cb04fc366c855d46ef267322625b4e62ccbe17bdd66d79a7296ec6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Jan 2019 16:34:36 GMT
X-FRAME-OPTIONS
SAMEORIGIN
ETag
W/"10164-1548866076000-gzip"
Transfer-Encoding
chunked
Content-Type
text/javascript
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738406)
Date
Wed, 01 Dec 2021 18:59:11 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=300, max=100
casita.png
daviviendago.davivienda.com/nidp/images/
2 KB
3 KB
Image
General
Full URL
https://daviviendago.davivienda.com/nidp/images/casita.png
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
f2c0956d54cd75f6871610c90cd04cb615f4957bd847e149b2b33f95ad9e571b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738407)
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 14:47:14 GMT
ETag
W/"2113-1558104434000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png
Date
Wed, 01 Dec 2021 18:59:12 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300, max=99
Content-Length
2113
X-XSS-Protection
1; mode=block
Davivienda_GO.png
daviviendago.davivienda.com/nidp/images/
2 KB
3 KB
Image
General
Full URL
https://daviviendago.davivienda.com/nidp/images/Davivienda_GO.png
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
49c3ef31f7cd842632b48f324f9fffd32da6be3b4539e63865f938e59ae03b35
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738408)
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 14:47:41 GMT
ETag
W/"2097-1558104461000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png
Date
Wed, 01 Dec 2021 18:59:12 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300, max=98
Content-Length
2097
X-XSS-Protection
1; mode=block
Logo_Davivienda_centro.png
daviviendago.davivienda.com/nidp/images/
4 KB
5 KB
Image
General
Full URL
https://daviviendago.davivienda.com/nidp/images/Logo_Davivienda_centro.png
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
3178cb9170ec32e3f121f3ad2981dcc8447433f36af61c98e732d65b09e7e4eb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738409)
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 14:48:11 GMT
ETag
W/"4395-1558104491000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png
Date
Wed, 01 Dec 2021 18:59:12 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300, max=97
Content-Length
4395
X-XSS-Protection
1; mode=block
Vigilado.png
daviviendago.davivienda.com/nidp/images/
2 KB
3 KB
Image
General
Full URL
https://daviviendago.davivienda.com/nidp/images/Vigilado.png
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
49a9dc9b123e89cf603ced08efb008e70c90d15118adbc2523daf6946eed46fd
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738411)
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17 May 2019 14:46:22 GMT
ETag
W/"1634-1558104382000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png
Date
Wed, 01 Dec 2021 18:59:12 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300, max=99
Content-Length
1634
X-XSS-Protection
1; mode=block
Logo_Davivienda.png
daviviendago.davivienda.com/nidp/images/
3 KB
4 KB
Image
General
Full URL
https://daviviendago.davivienda.com/nidp/images/Logo_Davivienda.png
Requested by
Host: daviviendago.davivienda.com
URL: https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.13.254.112 Medellín, Colombia, ASN13489 (EPM Telecomunicaciones S.A. E.S.P., CO),
Reverse DNS
epm200-13-254-112.epm.net.co
Software
/
Resource Hash
9ed6ce93030acc74b695007050b33f60de183262d1a58c52e4d40f6f4c227892
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://daviviendago.davivienda.com/nidp/saml2/sso?id=AccesoExterno&sid=0&option=credential&sid=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Via
1.1 daviviendago.davivienda.com (Access Gateway-ag-0B466B37A9DC11D1-10738412)
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 May 2019 21:34:13 GMT
ETag
W/"3005-1558042453000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png
Date
Wed, 01 Dec 2021 18:59:25 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=300, max=99
Content-Length
3005
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ftback.debmedia.com
URL
https://ftback.debmedia.com/login
Domain
daviturno.davivienda.com
URL
https://daviturno.davivienda.com/api/v1/queue
Domain
daviturno.davivienda.com
URL
https://daviturno.davivienda.com/api/v1/queue
Domain
ftback.debmedia.com
URL
https://ftback.debmedia.com/login
Domain
ftback.debmedia.com
URL
https://ftback.debmedia.com/login
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-49F9W14PHQ&gtm=2oeba1&_p=305483495&sr=1600x1200&ul=en-us&cid=463848844.1638385159&dl=https%3A%2F%2Ffasttrack-front.debmedia.com%2Ffast-track%2Flogin&dt=Agendamiento%20-%20Fast-Track%20-%20Login&sid=1638385159&sct=1&seg=0&_s=2

Verdicts & Comments

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| $
function| jQuery
function| showhide1
function| showhide
function| navshowhide
function| showhide3tabs
function| showhide4tabs
function| showhide5tabs
function| showhide6tabs
function| inputTest
function| inputTest2
function| imageSubmit
function| onLoadFocus
object| respond

14 Cookies

Domain/Path Name / Value
daviviendago.davivienda.com/nidp Name: JSESSIONID
Value: EC8C8E33E71D5D616B501FC21472B8F7
daviviendago.davivienda.com/nidp Name: UrnNovellNidpClusterMemberId
Value: ~03~0Bslo~0A~0B~14omo~0B~0D~08
daviviendago.davivienda.com/nidp Name: TS019c7001
Value: 013f36a6acd067e84f24197bff10d4297f41d41edf9c937256e2e6baebe05d3ffd29ec5775ff8c27b3a5333f3aa13b6c01d7f9f1e2029c35b99dcd0d7dc08ffa04e73559d7bac153a7f90dba3497d77247cdbba05d
.debmedia.com/ Name: _gid
Value: GA1.2.2048527825.1638385159
.debmedia.com/ Name: _ga
Value: GA1.1.463848844.1638385159
.debmedia.com/ Name: _dc_gtm_UA-185340868-3
Value: 1
ftback.debmedia.com/ Name: connect.sid
Value: s%3ATpvoOlUhdx4ETkU8Uj38i0I2PGfL7hS6.hgXsuQxWWFXd2%2BJT%2BbPBa9PqZ0CnK%2BSxM1y5PAAueQI
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJhNA1arQp91CoXsq+OYr3G2G93oTgEMfka/eaMQO9Vp3VIdHmm9oi/kOdI4de7mSDss6bVXlsTweNyBEa1beti81rGkUu5d91jWw1VVAg1Xhwya0G4XYH3GOqdCkDArqFDS9kr+QxT+ZO6A1nMu95uvjGV2wzJCBkQIG9pI7P4v5ouhoIfOsADReYTopNZTMPGTIdJvMNFybU36IXSTIgbKxM6yp6Lib3HLyrZYQb1iblhTUtbQMEr3UeFSz1jd/8goFdTfdZhK81D87jYx30nNNRKTUrIaWnI5RjWu
.bluekai.com/ Name: bku
Value: IvD9994sotamAvQF
.daviviendago.davivienda.com/ Name: ZNPCQ003-33383300
Value: 3cc8a300
.daviviendago.davivienda.com/ Name: TS011e335d
Value: 013f36a6ac3d60e3b390fa090e9774b026f0c8045b9c937256e2e6baebe05d3ffd29ec57750dda9821dd97db51d13b43df6042b1b3c4db3faf83ee3c82e8584b696722c4ae
.debmedia.com/ Name: _ga_49F9W14PHQ
Value: GS1.1.1638385159.1.0.1638385161.0
daviviendago.davivienda.com/ Name: TSa821780b027
Value: 08175eca2eab20003934e9bb576e1945f354e6abed6752368c569579c3d952b2aa2c5f5e15cf0df808f3f79d78113000b56f457a169694f0d054d917ef5a8e5fa0cbc25e6572bd5cc5d38908f370da2a26e3e0f5abfbb0a6646c05d48c50c4bd

3 Console Messages

Source Level URL
Text
network error URL: https://ftback.debmedia.com/whoami
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ftback.debmedia.com/whoami
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ftback.debmedia.com/whoami
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
