app.habilitacionesnexa.com Open in urlscan Pro
83.229.112.75  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Login Show response app.habilitacionesnexa.com/	7 KB 8 KB	291ms 88ms	Document text/html	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 17cf461337aa50d368def15312ed04c2321d72f1b4eacef3dbbcd18e2371a6f8 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control private content-length 7489 content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' content-type text/html; charset=utf-8 date Fri, 26 Apr 2024 14:27:34 GMT server Microsoft-IIS/10.0 strict-transport-security max-age=31536000; includeSubDomains x-aspnetmvc-version 5.2 x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by ASP.NET x-xss-protection 1; mode=block
GET H2	200	styles.css app.habilitacionesnexa.com/Content/css/	408 KB 409 KB	89ms 88ms	Stylesheet text/css	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://app.habilitacionesnexa.com/Content/css/styles.css Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3962a454aa05a20e2c81541930929a996bc25f84f528098cc3094e2fb15f03b3 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Mon, 27 Jun 2022 12:58:02 GMT server Microsoft-IIS/10.0 etag "53c21f89258ad81:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type text/css accept-ranges bytes content-length 418159 x-xss-protection 1; mode=block
GET H2	200	fontawesome.min.js Show response app.habilitacionesnexa.com/Content/js/	1 MB 1 MB	347ms 346ms	Script application/javascript	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://app.habilitacionesnexa.com/Content/js/fontawesome.min.js Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bb5d7f5d023603a9a95dad23d69d25d14a4edd9ba2313227194a9a4f62bd6564 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Tue, 16 Mar 2021 20:15:14 GMT server Microsoft-IIS/10.0 etag "075e812a11ad71:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type application/javascript accept-ranges bytes content-length 1195450 x-xss-protection 1; mode=block
GET H2	200	nexa-login.png app.habilitacionesnexa.com/Content/assets/img/	3 KB 3 KB	431ms 430ms	Image image/png	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Show image Full URL https://app.habilitacionesnexa.com/Content/assets/img/nexa-login.png Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4acbf79c1618cc2b0b7a64f7c7ffb40af1bc0b3c1d72199170902df27339533b Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Fri, 25 Jun 2021 22:20:41 GMT server Microsoft-IIS/10.0 etag "1534e55106ad71:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 3171 x-xss-protection 1; mode=block
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 855 B	82ms 17ms	Script text/javascript	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software GSE / Resource Hash b4a87969c4cc52d70e75db24b6bda485dbb1beef9ab5c4074e4020176ea1713b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 14:27:34 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 26 Apr 2024 14:27:34 GMT
GET H2	200	jquery-3.5.1.min.js Show response app.habilitacionesnexa.com/Content/js/	87 KB 88 KB	431ms 431ms	Script application/javascript	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://app.habilitacionesnexa.com/Content/js/jquery-3.5.1.min.js Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Origin https://app.habilitacionesnexa.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Wed, 16 Sep 2020 04:21:54 GMT server Microsoft-IIS/10.0 etag "56799e8e08bd61:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type application/javascript accept-ranges bytes content-length 89476 x-xss-protection 1; mode=block
GET H2	200	Script_Login.js Show response app.habilitacionesnexa.com/Content/Scripts/	2 KB 2 KB	186ms 186ms	Script application/javascript	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://app.habilitacionesnexa.com/Content/Scripts/Script_Login.js?vers=00008 Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 25c60a5a7cbefbb2e2942e17368b8a22505179f36a5193034808d6578a72f91c Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Mon, 13 Feb 2023 13:15:00 GMT server Microsoft-IIS/10.0 etag "15957e2dad3fd91:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type application/javascript accept-ranges bytes content-length 1635 x-xss-protection 1; mode=block
GET H2	200	play-store.png app.habilitacionesnexa.com/Content/assets/img/	6 KB 6 KB	89ms 88ms	Image image/png	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Show image Full URL https://app.habilitacionesnexa.com/Content/assets/img/play-store.png Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b17a47338bc9657d3671b58aa842a00d244a3e4d355ee9747f5e5733857a62c3 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Mon, 10 Oct 2022 23:18:12 GMT server Microsoft-IIS/10.0 etag "012191fedcd81:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 5753 x-xss-protection 1; mode=block
GET H2	200	app-store.png app.habilitacionesnexa.com/Content/assets/img/	3 KB 3 KB	88ms 87ms	Image image/png	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Show image Full URL https://app.habilitacionesnexa.com/Content/assets/img/app-store.png Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 9cd4ddf4fb854d6179f0254d221296977d51bcad3f2293bed562b8a04595bd61 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Mon, 10 Oct 2022 23:18:12 GMT server Microsoft-IIS/10.0 etag "012191fedcd81:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 2801 x-xss-protection 1; mode=block
GET H2	200	nexa-banner.jpg app.habilitacionesnexa.com/Content/assets/img/	162 KB 163 KB	89ms 88ms	Image image/jpeg	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Show image Full URL https://app.habilitacionesnexa.com/Content/assets/img/nexa-banner.jpg Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 58d402e2cdc8228182e393f9fb278744f1b70978d1db5a09fc5bf2fdd90a860a Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Tue, 14 Jun 2022 18:36:39 GMT server Microsoft-IIS/10.0 etag "e7e7c5af1d80d81:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type image/jpeg accept-ranges bytes content-length 166372 x-xss-protection 1; mode=block
GET H2	200	Metropolis-Regular.otf app.habilitacionesnexa.com/Content/assets/fonts/metropolis/	23 KB 23 KB	87ms 87ms	Font font/otf	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://app.habilitacionesnexa.com/Content/assets/fonts/metropolis/Metropolis-Regular.otf Requested by Host: app.habilitacionesnexa.com URL: https://app.habilitacionesnexa.com/Content/css/styles.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Content/css/styles.css Origin https://app.habilitacionesnexa.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:34 GMT last-modified Sun, 05 Jul 2020 15:24:53 GMT server Microsoft-IIS/10.0 etag "8050426ee052d61:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type font/otf accept-ranges bytes content-length 23124 x-xss-protection 1; mode=block
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/	509 KB 203 KB	44ms 7ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/ Origin https://app.habilitacionesnexa.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 14:24:00 GMT content-encoding gzip x-content-type-options nosniff age 214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 207268 x-xss-protection 0 last-modified Mon, 22 Apr 2024 21:03:35 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 26 Apr 2025 14:24:00 GMT
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 188F	0 0	47ms 33ms	Document text/html	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lca9kYjAAAAALDVohAy0PYIcA4KxQzkl1lxzS3V&co=aHR0cHM6Ly9hcHAuaGFiaWxpdGFjaW9uZXNuZXhhLmNvbTo0NDM.&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=4zaseb53zral Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-EDiJ7M9l_ibxJDpdHlciSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.habilitacionesnexa.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-EDiJ7M9l_ibxJDpdHlciSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 26 Apr 2024 14:27:34 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	nexa-icono.png app.habilitacionesnexa.com/Content/assets/img/	467 B 574 B	87ms 87ms	Other image/png	83.229.112.75 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://app.habilitacionesnexa.com/Content/assets/img/nexa-icono.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 83.229.112.75 Secaucus, United States, ASN36007 (KAMATERA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bf7776c662fb24ccbdff98d7a581fd8f041919fd77d26a9043303338504d77b8 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://app.habilitacionesnexa.com/Login Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff date Fri, 26 Apr 2024 14:27:35 GMT last-modified Sat, 26 Jun 2021 23:28:38 GMT server Microsoft-IIS/10.0 etag "a443f6fde26ad71:0" x-powered-by ASP.NET x-frame-options SAMEORIGIN content-type image/png accept-ranges bytes content-length 467 x-xss-protection 1; mode=block
GET H3	200	bframe www.google.com/recaptcha/api2/ Frame 843E	0 0	23ms 22ms	Document text/html	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6Lca9kYjAAAAALDVohAy0PYIcA4KxQzkl1lxzS3V Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-_xaTuwoIBI0kyc9STc_6Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://app.habilitacionesnexa.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-_xaTuwoIBI0kyc9STc_6Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 26 Apr 2024 14:27:35 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_564211

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.habilitacionesnexa.com
www.google.com
www.gstatic.com
142.250.186.36
2a00:1450:4001:813::2003
83.229.112.75
17cf461337aa50d368def15312ed04c2321d72f1b4eacef3dbbcd18e2371a6f8
25c60a5a7cbefbb2e2942e17368b8a22505179f36a5193034808d6578a72f91c
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
3962a454aa05a20e2c81541930929a996bc25f84f528098cc3094e2fb15f03b3
4acbf79c1618cc2b0b7a64f7c7ffb40af1bc0b3c1d72199170902df27339533b
58d402e2cdc8228182e393f9fb278744f1b70978d1db5a09fc5bf2fdd90a860a
6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462
9cd4ddf4fb854d6179f0254d221296977d51bcad3f2293bed562b8a04595bd61
b17a47338bc9657d3671b58aa842a00d244a3e4d355ee9747f5e5733857a62c3
b4a87969c4cc52d70e75db24b6bda485dbb1beef9ab5c4074e4020176ea1713b
bb5d7f5d023603a9a95dad23d69d25d14a4edd9ba2313227194a9a4f62bd6564
bf7776c662fb24ccbdff98d7a581fd8f041919fd77d26a9043303338504d77b8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d