urlscan.io logo urlscan.io
SecurityTrails logo

plataformabienestar.desaws.compensar.co Open in urlscan Pro
3.230.10.255  Public Scan

Go To Rescan Add Verdict Report
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Submission: On April 25 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 3.230.10.255, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is plataformabienestar.desaws.compensar.co.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 13th 2023. Valid for: a year.
This is the only time plataformabienestar.desaws.compensar.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 3.230.10.255 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 23.100.29.216 8075 (MICROSOFT...)
1 2600:9000:214... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
1 190.144.155.110 14080 (Telmex Co...)
25 8
13    3.230.10.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-10-255.compute-1.amazonaws.com
plataformabienestar.desaws.compensar.co
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.100.29.216 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s10.ysocial.net
1    2600:9000:214f:3800:4:7b2c:4c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
plataformabienestar-chatbot.desaws.compensar.co
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:225e:3800:1b:afdd:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
plataformabienestar-imagenes.desaws.compensar.co
1    190.144.155.110 (Bogotá, Colombia)

ASN14080 (Telmex Colombia S.A., CO)
corporativo.compensar.com
Domain Requested by
13 plataformabienestar.desaws.compensar.co plataformabienestar.desaws.compensar.co
4 fonts.googleapis.com plataformabienestar.desaws.compensar.co
client
2 plataformabienestar-imagenes.desaws.compensar.co plataformabienestar.desaws.compensar.co
2 fonts.gstatic.com fonts.googleapis.com
1 corporativo.compensar.com plataformabienestar.desaws.compensar.co
1 plataformabienestar-chatbot.desaws.compensar.co plataformabienestar.desaws.compensar.co
1 s10.ysocial.net plataformabienestar.desaws.compensar.co
1 ajax.googleapis.com plataformabienestar.desaws.compensar.co
25 8

This site contains no links.

Subject Issuer Validity Valid
plataformabienestar.desaws.compensar.co
Amazon RSA 2048 M01		 2023-03-13 -
2024-04-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.ysocial.net
SSL.com RSA SSL subCA		 2023-03-29 -
2024-04-28		 a year crt.sh
plataformabienestar-chatbot.desaws.compensar.co
Amazon RSA 2048 M01		 2023-03-19 -
2024-04-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
plataformabienestar-imagenes.desaws.compensar.co
Amazon RSA 2048 M01		 2023-03-13 -
2024-04-10		 a year crt.sh
*.compensar.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2024-01-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://plataformabienestar.desaws.compensar.co/auth/login
Frame ID: 724B27EE144451B9DD6E64F7BD17EF20
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bienestar a la carta | Creado por compensar

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

63 %
IPv6

5
Domains

8
Subdomains

8
IPs

3
Countries

5155 kB
Transfer

5226 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
plataformabienestar.desaws.compensar.co/auth/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
f1a84fd1cf67482f064d7ed5faa46272886417b206b94b6b19711cf07402bc9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
allow
GET, POST
apigw-requestid
D8ZGxhiKIAMEYcQ=
content-length
3918
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-type
text/html
date
Tue, 25 Apr 2023 17:06:25 GMT
etag
"6446d847-f4e"
last-modified
Mon, 24 Apr 2023 19:28:07 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.23.4
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 17:33:29 GMT
styles.db96faf067876f1d9784.css
plataformabienestar.desaws.compensar.co/ 		398 KB
399 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/styles.db96faf067876f1d9784.css
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
993ba5389cf08c5091bcfeded8f32700ea3ac6ef5444ffa20c54797df0f1d355
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
407398
apigw-requestid
D8ZGyj4qIAMEYEg=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:28:07 GMT
server
nginx/1.23.4
etag
"6446d847-63766"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
text/css
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
main.5a70c5f6488830000de9.css
plataformabienestar.desaws.compensar.co/ 		398 KB
399 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/main.5a70c5f6488830000de9.css
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
993ba5389cf08c5091bcfeded8f32700ea3ac6ef5444ffa20c54797df0f1d355
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
407398
apigw-requestid
D8ZGyj9xoAMEYlg=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:28:07 GMT
server
nginx/1.23.4
etag
"6446d847-63766"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
text/css
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
runtime.3f6fb6ea373b85e175df.js
plataformabienestar.desaws.compensar.co/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/runtime.3f6fb6ea373b85e175df.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
6b6e40e0b3250a8c15d115078494fe652aada6ebca3d68ae47811b1e6e0fd800
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plataformabienestar.desaws.compensar.co/auth/login
Origin
https://plataformabienestar.desaws.compensar.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
5019
apigw-requestid
D8ZGyhaeIAMEYKA=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:24:39 GMT
server
nginx/1.23.4
etag
"6446d777-139b"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
application/javascript
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
polyfills.9782a7ae5c73674abbda.esm.js
plataformabienestar.desaws.compensar.co/ 		103 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/polyfills.9782a7ae5c73674abbda.esm.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
74c248bd09827c09fb8c3fce9dc69e2c9e044917dccbb14d8470cb19613d600c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plataformabienestar.desaws.compensar.co/auth/login
Origin
https://plataformabienestar.desaws.compensar.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
105527
apigw-requestid
D8ZGyjlvIAMEMwA=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:24:39 GMT
server
nginx/1.23.4
etag
"6446d777-19c37"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
application/javascript
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
scripts.780f1fe03e3d535d06d6.js
plataformabienestar.desaws.compensar.co/ 		773 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/scripts.780f1fe03e3d535d06d6.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
2334836c12957e904f2bd160d40f5ea024328ff23b7bf788ba7f1427b1c5c213
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
773
apigw-requestid
D8ZG0gwHoAMEMiw=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:28:07 GMT
server
nginx/1.23.4
etag
"6446d847-305"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
application/javascript
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
main.b3fde9d65ae56749b659.esm.js
plataformabienestar.desaws.compensar.co/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/main.b3fde9d65ae56749b659.esm.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
4533431c99232c7f95726f804f1fa6deadbdad5b5458e53e53838bc8a2ae8fd9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://plataformabienestar.desaws.compensar.co/auth/login
Origin
https://plataformabienestar.desaws.compensar.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
3563168
apigw-requestid
D8ZGyhgZIAMEYwg=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:24:39 GMT
server
nginx/1.23.4
etag
"6446d777-365ea0"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
application/javascript
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800i&display=swap
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/styles.db96faf067876f1d9784.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
516a25fa9f1fc04ef5470289cf1fa91cc2ed2128dbb708f014a6350f87219726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 17:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:06:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 17:06:26 GMT
css2
fonts.googleapis.com/ 		3 KB
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rajdhani:wght@500&family=Roboto:wght@300&display=swap
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/styles.db96faf067876f1d9784.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
462d76c3f223908ac8d526377eb0764563347f35ead49d2ad412804f7c58f2e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 17:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:06:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 17:06:26 GMT
css2
fonts.googleapis.com/ 		6 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Rajdhani:wght@500&family=Roboto:wght@300&display=swap
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/styles.db96faf067876f1d9784.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f529270baa3c713d0c5b0da78cd6d9bb18d7d39ff9682216e860ad10137e1396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 17:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 17:06:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 17:06:26 GMT
setupchat.js
s10.ysocial.net/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.ysocial.net:8090/js/setupchat.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.100.29.216 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d7a5bc545d9269e36ea0de0f41d1be5027843cabcfd8e66de767b6a49cd581c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 25 Apr 2023 17:06:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Mar 2023 12:42:49 GMT
ETag
W/"2eca-1870e7e453d"
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-user-agent, x-alt-referer, x-custom-session
Content-Length
11978
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5
css2
fonts.googleapis.com/ 		3 KB
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9cd64ca9fca199d4366d499a84f6678bf0a2da7f87fa16217a042b6813d4ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 17:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:09:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 17:06:26 GMT
loading-bienestar-a-la-carta.2f2e17e.gif
plataformabienestar.desaws.compensar.co/ 		210 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plataformabienestar.desaws.compensar.co/loading-bienestar-a-la-carta.2f2e17e.gif
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
31a6713251cdbde0e843b622221c0fa3176fc6a13f9720b914f0c6790d4fa75f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
214654
apigw-requestid
D8ZG_gurIAMEY4Q=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:28:07 GMT
server
nginx/1.23.4
etag
"6446d847-3467e"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
image/gif
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
get-by-domain
plataformabienestar.desaws.compensar.co/api/experience/domain-login/ 		0
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/api/experience/domain-login/get-by-domain?domain=plataformabienestar.desaws.compensar.co
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/main.b3fde9d65ae56749b659.esm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

access-control-allow-origin
*
Accept
application/json, text/plain, */*
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Apr 2023 17:06:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.23.4
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
allow
GET, POST
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
content-length
0
apigw-requestid
D8ZG_hvtIAMEYkg=
x-xss-protection
1; mode=block
versionManager.json
plataformabienestar-chatbot.desaws.compensar.co/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar-chatbot.desaws.compensar.co/versionManager.json
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/main.b3fde9d65ae56749b659.esm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3800:4:7b2c:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e9e3b006c102eaa12d4ac4b0a4c544cd59351b228d9185cce5e8a2efe705883

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:28 GMT
x-amz-version-id
cKsbV_azlGA1LhciSMx90Q8i0Hxb1Prq
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Mon, 24 Apr 2023 16:12:11 GMT
server
AmazonS3
etag
W/"ddd455d926020dd649a2df998e6d4327"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://plataformabienestar.desaws.compensar.co
access-control-allow-credentials
true
x-amz-cf-id
zSKdEc-fHRK2ma54AahcPhDnMBIY7SDD25uZFiHxcb9JZE0ucvSw6w==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plataformabienestar.desaws.compensar.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
399663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plataformabienestar.desaws.compensar.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
399663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
common.56c16318c78f04376b99.esm.js
plataformabienestar.desaws.compensar.co/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/common.56c16318c78f04376b99.esm.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/runtime.3f6fb6ea373b85e175df.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
baffe3c650c783e42b2cf55c0448596fae271da5f124bf67aeac569f89bc3b1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
11922
apigw-requestid
D8ZHDhEeoAMEY_g=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:24:39 GMT
server
nginx/1.23.4
etag
"6446d777-2e92"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
application/javascript
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
28.d73c8832358f0222e338.esm.js
plataformabienestar.desaws.compensar.co/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plataformabienestar.desaws.compensar.co/28.d73c8832358f0222e338.esm.js
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/runtime.3f6fb6ea373b85e175df.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
0d1e818b2764614ebbca14d804d993cbc7d5616d393eab2bd4833ded3f253ab7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
7588
apigw-requestid
D8ZHDiHioAMEMSw=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:24:39 GMT
server
nginx/1.23.4
etag
"6446d777-1da4"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
application/javascript
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
preLoginDefaultImage.png
plataformabienestar-imagenes.desaws.compensar.co/personalization/defaultCustomizationImage/ 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plataformabienestar-imagenes.desaws.compensar.co/personalization/defaultCustomizationImage/preLoginDefaultImage.png
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3800:1b:afdd:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
192518c78ec226e7b17b155b0f9e582f995f57bc3f064b987f2c5deab15e7a7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:28 GMT
x-amz-version-id
.y6x._ErDOIXWqhAXNzr9as3iQfrDXLn
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 15:25:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"5b79e12e4d7c8718c1a5414933c35a09"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
246676
x-amz-cf-id
ICrzw9scnMnkBNSs7k0q7_Cv2Q4zOBIX7F9NqULusm7CTD4Z6ObHnA==
creado-por-compensar.6c42a87.svg
plataformabienestar.desaws.compensar.co/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plataformabienestar.desaws.compensar.co/creado-por-compensar.6c42a87.svg
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
fedc7de6e3737c348e20441fe9b9a68ea42171d566fc93333e4657629c08ee51
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
19868
apigw-requestid
D8ZHDjCuIAMEYIg=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:28:07 GMT
server
nginx/1.23.4
etag
"6446d847-4d9c"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
image/svg+xml
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
header-background.59db80dd602fe7934045.png
plataformabienestar.desaws.compensar.co/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plataformabienestar.desaws.compensar.co/header-background.59db80dd602fe7934045.png
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/main.5a70c5f6488830000de9.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.10.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-10-255.compute-1.amazonaws.com
Software
nginx/1.23.4 /
Resource Hash
d2650539cc932793194b23e83e874f0415e18092097e749691075d159a585542
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/main.5a70c5f6488830000de9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
content-length
143332
apigw-requestid
D8ZHDjPeIAMEY6g=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 19:28:07 GMT
server
nginx/1.23.4
etag
"6446d847-22fe4"
x-frame-options
SAMEORIGIN
allow
GET, POST
content-type
image/png
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
defaultLogoBienestar.svg
plataformabienestar-imagenes.desaws.compensar.co/personalization/defaultCustomizationImage/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plataformabienestar-imagenes.desaws.compensar.co/personalization/defaultCustomizationImage/defaultLogoBienestar.svg
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3800:1b:afdd:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfe57f9633467e3fee898e02ed5a76108592b1ace91a1d621be31e7cab57536a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 17:06:28 GMT
x-amz-version-id
yw9iJuArrLR1EvLr2Jmy49R9G_VizhlZ
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 15:07:40 GMT
server
AmazonS3
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
etag
W/"6d1d14eba5857d78863596b2c48e10b1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
x-amz-cf-id
hYqWrWqNQWi2QrfThEeqIUorCugeCGcfWmyPKA2-izJ2Tu8S5t_Hqw==
chat-btn-open.png
corporativo.compensar.com/PublishingImages/Chat/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corporativo.compensar.com/PublishingImages/Chat/chat-btn-open.png
Requested by
Host: plataformabienestar.desaws.compensar.co
URL: https://plataformabienestar.desaws.compensar.co/auth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.144.155.110 Bogotá, Colombia, ASN14080 (Telmex Colombia S.A., CO),
Reverse DNS
Software
/
Resource Hash
f1f715f69a5392093edbfd3cd47b8bcf314a9f274cabbf3e34a8da3c99dd7bf6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://intranet.compensar.com/
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://plataformabienestar.desaws.compensar.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Access-Control-Request-Method
GET,HEAD
X-Content-Type-Options
nosniff
Date
Tue, 25 Apr 2023 17:06:28 GMT
Age
2347
Connection
Keep-Alive
request-id
a8b6aca0-dcbb-60d2-4a9d-629e072c6fb9
Content-Length
5994
MicrosoftSharePointTeamServices
16.0.0.10394
X-XSS-Protection
0
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
strict-origin
Last-Modified
Thu, 28 Oct 2021 22:32:19 GMT
SPRequestGuid
a8b6aca0-dcbb-60d2-4a9d-629e072c6fb9
ETag
"{2DBB4D88-9250-4E07-9B9F-BC6A09DF979B},4pub"
X-FRAME-OPTIONS
ALLOW-FROM https://intranet.compensar.com/
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Permissions-Policy
geolocation=(self "https://intranet.compensar.com/"), microphone=()
Accept-Ranges
bytes

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| ySocialChatInit object| webpackJsonp function| clearImmediate function| setImmediate object| YSocialChat

1 Cookies

Domain/Path Name / Value
s10.ysocial.net/ Name: sessionId
Value: s%3AE-IqpsvLEY6tmo53DSFdsv6oX1R_4e_s.QRG%2BA9Qe%2BA3fJmCg2ZK4jkXGe8CWQwRXmesahiOYvAY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' plataformabienestar.desaws.compensar.co plataformabienestar-admin.desaws.compensar.co *.plataformabienestar.desaws.compensar.co:* *.plataformabienestar-admin.desaws.compensar.co:* https://play.google.com:* https://maps.googleapis.com:* https://securetoken.googleapis.co:* https://fonts.googleapis.com:* https://youtube.com:* https://cdn.firebase.com https://*.firebaseio.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
corporativo.compensar.com
fonts.googleapis.com
fonts.gstatic.com
plataformabienestar-chatbot.desaws.compensar.co
plataformabienestar-imagenes.desaws.compensar.co
plataformabienestar.desaws.compensar.co
s10.ysocial.net
190.144.155.110
23.100.29.216
2600:9000:214f:3800:4:7b2c:4c80:93a1
2600:9000:225e:3800:1b:afdd:f440:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
3.230.10.255
0d1e818b2764614ebbca14d804d993cbc7d5616d393eab2bd4833ded3f253ab7
192518c78ec226e7b17b155b0f9e582f995f57bc3f064b987f2c5deab15e7a7c
1e9e3b006c102eaa12d4ac4b0a4c544cd59351b228d9185cce5e8a2efe705883
2334836c12957e904f2bd160d40f5ea024328ff23b7bf788ba7f1427b1c5c213
2d7a5bc545d9269e36ea0de0f41d1be5027843cabcfd8e66de767b6a49cd581c
31a6713251cdbde0e843b622221c0fa3176fc6a13f9720b914f0c6790d4fa75f
4533431c99232c7f95726f804f1fa6deadbdad5b5458e53e53838bc8a2ae8fd9
462d76c3f223908ac8d526377eb0764563347f35ead49d2ad412804f7c58f2e6
516a25fa9f1fc04ef5470289cf1fa91cc2ed2128dbb708f014a6350f87219726
6b6e40e0b3250a8c15d115078494fe652aada6ebca3d68ae47811b1e6e0fd800
74c248bd09827c09fb8c3fce9dc69e2c9e044917dccbb14d8470cb19613d600c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
993ba5389cf08c5091bcfeded8f32700ea3ac6ef5444ffa20c54797df0f1d355
a9cd64ca9fca199d4366d499a84f6678bf0a2da7f87fa16217a042b6813d4ca5
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
baffe3c650c783e42b2cf55c0448596fae271da5f124bf67aeac569f89bc3b1a
bfe57f9633467e3fee898e02ed5a76108592b1ace91a1d621be31e7cab57536a
d2650539cc932793194b23e83e874f0415e18092097e749691075d159a585542
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1a84fd1cf67482f064d7ed5faa46272886417b206b94b6b19711cf07402bc9c
f1f715f69a5392093edbfd3cd47b8bcf314a9f274cabbf3e34a8da3c99dd7bf6
f529270baa3c713d0c5b0da78cd6d9bb18d7d39ff9682216e860ad10137e1396
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fedc7de6e3737c348e20441fe9b9a68ea42171d566fc93333e4657629c08ee51