palasoft.com.py Open in urlscan Pro
192.99.18.106  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response palasoft.com.py/File-4635284/	7 KB 7 KB	86ms 15ms	Document text/html	192.99.18.106 OVH
General Check archive.org Show headers Download Go to Full URL https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.18.106 , Canada, ASN16276 (OVH, FR), Reverse DNS ns51.serverpy.com Software Apache / Resource Hash 6b02f88fd2e3829957cc5e2822a4bdce90bcbf87ec63745edbc5b71a02c2c359 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 6673 Content-Type text/html Date Wed, 03 Aug 2022 00:40:03 GMT Keep-Alive timeout=5, max=100 Last-Modified Wed, 27 Jul 2022 19:32:32 GMT Server Apache
GET H/1.1	200 OK	ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Show response www.ameritas.com/	248 KB 93 KB	422ms 60ms	Script text/javascript	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash 7b7f644b2ace63ad0c6a1482defcef756640f3413afba91e9caae94c550b8edd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff NEL {"report_to":"default","max_age":31536000,"include_subdomains":true} Content-Security-Policy-Report-Only default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; media-src 'self'; frame-src 'self'; form-action 'self'; base-uri 'self'; report-uri https://ameritas.report-uri.com/r/d/csp/wizard; report-to default Report-To {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ameritas.report-uri.com/a/d/g"}],"include_subdomains":true} Connection keep-alive Content-Length 94141 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin-when-cross-origin Last-Modified Wed, 03 Mar 2010 07:01:40 GMT Server Server X-Frame-Options sameorigin Strict-Transport-Security max-age=63072000; includeSubDomains Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin *.ameritas.com Cache-Control public, max-age=31536000, immutable Permissions-Policy accelerometer=(),camera=(),fullscreen=(self),geolocation=(),microphone=(),payment=(),sync-xhr=(self) X-Correlation-ID geZ-SW5H-LfwA Expires Thu, 03 Aug 2023 00:40:03 GMT
GET H/1.1	200 OK	bootstrap.min.css www.ameritas.com/include/css/	118 KB 21 KB	463ms 101ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/css/bootstrap.min.css Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="2035649312" Content-Length 19629 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:10 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0d3c2e548cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID 5Zy-XHTM-d19z Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	font-awesome.min.css www.ameritas.com/include/css/	30 KB 9 KB	476ms 115ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/css/font-awesome.min.css Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="-640164858" Content-Length 6995 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:10 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0d3c2e548cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID bLE-dFDz-wBBF Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	bootstrap-table.min.css www.ameritas.com/include/css/	6 KB 4 KB	462ms 101ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/css/bootstrap-table.min.css Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash caa21e230bb6013532eec8e448b2e0be1c4d16808fdd9bd25395e3c602e75609 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="-394357176" Content-Length 1839 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:10 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0d3c2e548cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID gd0-YSLo-QP9q Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	style_alic.css www.ameritas.com/include/resources/	70 KB 34 KB	460ms 100ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/resources/style_alic.css Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash ff6b79f4f2bc6efdf85009b786853ed86c694b5065dc23126b99b902b5438e6e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="1185327843" Content-Length 32519 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 11 Aug 2017 20:22:30 GMT Server Server X-Frame-Options SAMEORIGIN ETag "07678edf12d31:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID 4o3-ODAh-uPuQ Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	ameritas.css www.ameritas.com/include/resources/	280 B 2 KB	456ms 95ms	Stylesheet text/css	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/resources/ameritas.css Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash c8aea846f85981c62eae80293a80dc4d857746c7fffd5045a78eb5c499d9ff3b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="1687267980" Content-Length 317 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Tue, 13 Jun 2017 13:43:22 GMT Server Server X-Frame-Options SAMEORIGIN ETag "0f9e854be4d21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID 1FI-qWqE-UhSi Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	jquery.min.js Show response www.ameritas.com/include/js/	85 KB 31 KB	547ms 91ms	Script application/javascript	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/js/jquery.min.js Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="1112825798" Content-Length 30217 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:12 GMT Server Server X-Frame-Options SAMEORIGIN ETag "00f4e648cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID jJG-iVP4-WB6s Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 966 B	310ms 40ms	Script text/javascript	2607:f8b0:4006:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fa8632fc4e2e47f0eb22b9f49dc24f43b08f8862c843fee3d88d9f4209bb42da Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 00:40:04 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 553 x-xss-protection 1; mode=block expires Wed, 03 Aug 2022 00:40:04 GMT
GET H2	200	800px-Logo_Microsoft_Office_365_(2013-2019).svg.png upload.wikimedia.org/wikipedia/commons/thumb/c/c3/Logo_Microsoft_Office_365_(2013-2019).svg/	19 KB 21 KB	135ms 52ms	Image image/png	2620:0:861:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/c/c3/Logo_Microsoft_Office_365_(2013-2019).svg/800px-Logo_Microsoft_Office_365_(2013-2019).svg.png?20190416222239 Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:861:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/8.0.8 / Resource Hash bf061b90dd20707fd3d8c6e023196954c4b64ad8988e6afbecb05aefa86088f7 Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 17:56:08 GMT nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 24235 x-cache-status hit-front x-cache cp1080 hit, cp1086 hit/62 content-disposition inline;filename*=UTF-8''Logo_Microsoft_Office_365_%282013-2019%29.svg.png server-timing cache;desc="hit-front", host;desc="cp1086" content-length 19907 x-client-ip 2607:5300:60:7867::13 accept-ranges bytes last-modified Sun, 28 Mar 2021 16:46:31 GMT server ATS/8.0.8 etag 0c14ba580ad7dd31a188dda3b370c3df strict-transport-security max-age=106384710; includeSubDomains; preload report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache permissions-policy interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org") accept-ch Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version timing-allow-origin *
GET H/1.1	200 OK	bootstrap.min.js Show response www.ameritas.com/include/js/	36 KB 11 KB	94ms 94ms	Script application/javascript	69.12.28.22 AS-ALIC-1
General Check archive.org Show headers Download Go to Full URL https://www.ameritas.com/include/js/bootstrap.min.js Requested by Host: palasoft.com.py URL: https://palasoft.com.py/File-4635284/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 69.12.28.22 Lincoln, United States, ASN47087 (AS-ALIC-1, US), Reverse DNS Software Server / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1;mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://palasoft.com.py/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Access-Control-Allow-Methods GET, POST, OPTIONS Server-Timing dtSInfo;desc="0", dtRpid;desc="1619836808" Content-Length 9839 X-XSS-Protection 1;mode=block Referrer-Policy no-referrer, strict-origin-when-cross-origin Last-Modified Fri, 12 May 2017 17:55:12 GMT Server Server X-Frame-Options SAMEORIGIN ETag "00f4e648cbd21:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript Access-Control-Allow-Origin "*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com Connection keep-alive Permissions-Policy geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=() X-Correlation-ID 4zo-mqs8-vIx3 Content-Security-Policy frame-ancestors 'self' *.ameritas.com *.employeebenefitservice.com *.inbison.com; script-src * 'unsafe-inline' 'unsafe-eval'; Accept-Ranges bytes Access-Control-Allow-Headers "Origin, X-Requested- With, Content-Type, Accept", DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET		d5af76d8-a90b-4527-b3a3-182207cc3250.woff www.ameritas.com/include/fonts/alic/	0 0
GET H/1.1	404 Not Found	sa-alerts Show response palasoft.com.py/wps/wcm/connect/utilities/globalitems/	92 KB 14 KB	885ms 885ms	XHR text/html	192.99.18.106 OVH
General Check archive.org Show headers Download Go to Full URL https://palasoft.com.py/wps/wcm/connect/utilities/globalitems/sa-alerts?srv=cmpnt&source=library&cmpntname=alert-public-alic Requested by Host: www.ameritas.com URL: https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.18.106 , Canada, ASN16276 (OVH, FR), Reverse DNS ns51.serverpy.com Software Apache / Resource Hash 39729b9d8d8b618da79761346f9a6d3a5cee461e624004e1c271e8cd92ada227 Request headers Accept text/html, */*; q=0.01 Referer https://palasoft.com.py/File-4635284/ X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 x-dtpc -28$487203747_822h2vKNQAWCHNKAIPAPUERAIAHSWSHPKKGNFH-0e0 Response headers Date Wed, 03 Aug 2022 00:40:03 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection Keep-Alive Link <https://palasoft.com.py/index.php/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=99 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/	384 KB 154 KB	68ms 20ms	Script text/javascript	2607:f8b0:4006:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 21458a5fee3d5793f1f165147eab174084d208c1d3df42032fdd38caf13bf724 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://palasoft.com.py/ Origin https://palasoft.com.py accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Tue, 02 Aug 2022 08:18:32 GMT content-encoding gzip x-content-type-options nosniff age 58892 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 156787 x-xss-protection 0 last-modified Mon, 01 Aug 2022 04:00:16 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 02 Aug 2023 08:18:32 GMT
GET		1d238354-d156-4dde-89ea-4770ef04b9f9.ttf www.ameritas.com/include/fonts/alic/	0 0
POST H/1.1	404 Not Found	rb_4d4e4829-fb85-4698-a437-c1b20a534b52 Show response palasoft.com.py/	92 KB 14 KB	888ms 888ms	XHR text/html	192.99.18.106 OVH
General Check archive.org Show headers Download Go to Full URL https://palasoft.com.py/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D28_sn_NIN33MHSPNP5HRIF88PU9QD1EI661LR0&svrid=-28&flavor=post&vi=KNQAWCHNKAIPAPUERAIAHSWSHPKKGNFH-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fpalasoft.com.py%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=1849511587&en=ebhyx2hs&end=1 Requested by Host: www.ameritas.com URL: https://www.ameritas.com/ruxitagentjs_ICA2Vdfghjqrux_10243220606153550.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.18.106 , Canada, ASN16276 (OVH, FR), Reverse DNS ns51.serverpy.com Software Apache / Resource Hash 39729b9d8d8b618da79761346f9a6d3a5cee461e624004e1c271e8cd92ada227 Request headers Referer https://palasoft.com.py/File-4635284/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 03 Aug 2022 00:40:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection Keep-Alive Link <https://palasoft.com.py/index.php/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=98 Expires Wed, 11 Jan 1984 05:00:00 GMT
POST		rb_4d4e4829-fb85-4698-a437-c1b20a534b52 palasoft.com.py/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.ameritas.com

URL

https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff

Domain

www.ameritas.com

URL

https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf

Domain

palasoft.com.py

URL

https://palasoft.com.py/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D28_sn_NIN33MHSPNP5HRIF88PU9QD1EI661LR0&svrid=-28&flavor=post&vi=KNQAWCHNKAIPAPUERAIAHSWSHPKKGNFH-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fpalasoft.com.py%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=2219877719&en=ebhyx2hs&end=1

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dT_ object| dtrum function| $ function| onSubmit function| validate number| posted function| validateData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.palasoft.com.py/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D28_sn_NIN33MHSPNP5HRIF88PU9QD1EI661LR0
			.palasoft.com.py/	1969-12-31 23:59:59	Name: rxVisitor Value: 16594872037519DVA80G57017GB9HNF54TDT7MKKEU2S4
			www.ameritas.com/	1969-12-31 23:59:59	Name: X-Session-ID Value: 02c7026aa6-989a-44eCVGCPMN4IlbmMGs8fIhUYF9thR2xpvTiNi5Se1aa4RSD-PJfWWAjb6Wc3uv0cNArOw
			.palasoft.com.py/	1969-12-31 23:59:59	Name: dtLatC Value: 36
			.palasoft.com.py/	1969-12-31 23:59:59	Name: dtSa Value: -
			.palasoft.com.py/	1969-12-31 23:59:59	Name: rxvt Value: 1659489004521|1659487203755
			palasoft.com.py/	1970-01-20 05:38:26	Name: mailchimp_landing_site Value: https%3A%2F%2Fpalasoft.com.py%2Fwps%2Fwcm%2Fconnect%2Futilities%2Fglobalitems%2Fsa-alerts%3Fsrv%3Dcmpnt%26source%3Dlibrary%26cmpntname%3Dalert-public-alic
			.palasoft.com.py/	1969-12-31 23:59:59	Name: dtPC Value: -28$487203747_822h-vKNQAWCHNKAIPAPUERAIAHSWSHPKKGNFH-0e0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://palasoft.com.py/File-4635284/ Message: Access to font at 'https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff' from origin 'https://palasoft.com.py' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com', but only one is allowed.
network	error	URL: https://www.ameritas.com/include/fonts/alic/d5af76d8-a90b-4527-b3a3-182207cc3250.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://palasoft.com.py/File-4635284/ Message: Access to font at 'https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf' from origin 'https://palasoft.com.py' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values '"*.ameritas.com, *.employeebenefitservice.com, *.inbison.com, *.corporate.unificompanies.com", *.ameritas.com, *.employeebenefitservice.com, *.corporate.unificompanies.com, *.inbison.com', but only one is allowed.
network	error	URL: https://www.ameritas.com/include/fonts/alic/1d238354-d156-4dde-89ea-4770ef04b9f9.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://palasoft.com.py/wps/wcm/connect/utilities/globalitems/sa-alerts?srv=cmpnt&source=library&cmpntname=alert-public-alic Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://palasoft.com.py/rb_4d4e4829-fb85-4698-a437-c1b20a534b52?type=js3&sn=v_4_srv_-2D28_sn_NIN33MHSPNP5HRIF88PU9QD1EI661LR0&svrid=-28&flavor=post&vi=KNQAWCHNKAIPAPUERAIAHSWSHPKKGNFH-0&modifiedSince=1658566041597&rf=https%3A%2F%2Fpalasoft.com.py%2FFile-4635284%2F&bp=3&app=f6d384602f00a629&crc=1849511587&en=ebhyx2hs&end=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

palasoft.com.py
upload.wikimedia.org
www.ameritas.com
www.google.com
www.gstatic.com
palasoft.com.py
www.ameritas.com
192.99.18.106
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::2003
2620:0:861:ed1a::2:b
69.12.28.22
21458a5fee3d5793f1f165147eab174084d208c1d3df42032fdd38caf13bf724
39729b9d8d8b618da79761346f9a6d3a5cee461e624004e1c271e8cd92ada227
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6b02f88fd2e3829957cc5e2822a4bdce90bcbf87ec63745edbc5b71a02c2c359
7b7f644b2ace63ad0c6a1482defcef756640f3413afba91e9caae94c550b8edd
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
bf061b90dd20707fd3d8c6e023196954c4b64ad8988e6afbecb05aefa86088f7
c8aea846f85981c62eae80293a80dc4d857746c7fffd5045a78eb5c499d9ff3b
caa21e230bb6013532eec8e448b2e0be1c4d16808fdd9bd25395e3c602e75609
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fa8632fc4e2e47f0eb22b9f49dc24f43b08f8862c843fee3d88d9f4209bb42da
ff6b79f4f2bc6efdf85009b786853ed86c694b5065dc23126b99b902b5438e6e