accounts-uat.popularbank.com Open in urlscan Pro
136.146.43.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accounts-uat.popularbank.com/
Effective URL:
https://accounts-uat.popularbank.com/s/
Submission: On May 03 via automatic, source certstream-suspicious (May 3rd 2024, 1:55:31 pm UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 136.146.43.167, located in United States and belongs to SALESFORCE, US. The main domain is accounts-uat.popularbank.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 23rd 2023. Valid for: a year.

This is the only time accounts-uat.popularbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	136.146.43.167 136.146.43.167	14340 (SALESFORCE) (SALESFORCE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
21	3

21 136.146.43.167 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl12-ncg1-c8-iad5.na238-ia7.force.com

accounts-uat.popularbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	popularbank.com 1 redirects accounts-uat.popularbank.com	2 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
21	2

	Domain	Requested by
21	accounts-uat.popularbank.com	1 redirects accounts-uat.popularbank.com
1	fonts.googleapis.com	accounts-uat.popularbank.com
21	2

This site contains links to these domains. Also see Links.

Domain
documents.popular.com
www.popularbank.com

Subject Issuer	Validity	Valid
*.na238.force.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-23` - `2024-11-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://accounts-uat.popularbank.com/s/
Frame ID: 9EA74601361C93ACA91F754D5091DB76
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Application Dashboard

Page URL History Show full URLs

https://accounts-uat.popularbank.com/ HTTP 301
https://accounts-uat.popularbank.com/s/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

5 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1998 kB
Transfer

7768 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://documents.popular.com/pdfs/PCB/Privacy_Policy_Popular.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.popularbank.com/online-privacy-practices/
Title: Privacy Practices

Search URL Search Domain Scan URL

URL: https://documents.popular.com/pdfs/PCB/USA_Patriot_Act_eng.pdf
Title: USA Patriot Act

Search URL Search Domain Scan URL

URL: https://www.popularbank.com/terms-and-conditions/
Title: Terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accounts-uat.popularbank.com/ HTTP 301
https://accounts-uat.popularbank.com/s/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
accounts-uat.popularbank.com/s/
Redirect Chain

https://accounts-uat.popularbank.com/
https://accounts-uat.popularbank.com/s/

291 KB
66 KB

348ms
347ms

Document
text/html

136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

2ecab4873256aaef32ec64105193b39b9d70b80197ecf88b32834fa3ebf89795

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Fri, 03 May 2024 13:55:24 GMT
Expires: Thu, 04 May 2023 13:55:24 GMT
Last-Modified: Thu, 04 May 2023 13:55:24 GMT
Link: </s/sfsites/auraFW/javascript/ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-248.10.5-5.0.10-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22n9k1TwnPH9amSjg-IrVvXw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A2%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?2=>;rel=preload;as=script;nopush
Referrer-Policy: origin-when-cross-origin
Server-Timing: Total;dur=172
Strict-Transport-Security: max-age=63072000; includeSubDomains
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Origin, Accept-Encoding
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Length: 0
Date: Fri, 03 May 2024 13:55:24 GMT
Location: https://accounts-uat.popularbank.com/s/
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aura_prod.js Show response
accounts-uat.popularbank.com/s/sfsites/auraFW/javascript/ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA/ 844 KB
265 KB 471ms
211ms Script
text/javascript 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/auraFW/javascript/ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

9e9490918c82228772f6d9f88aaf90f8ff009dcc11393cee3611eb6e7e299669

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 02 May 2024 13:55:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server-Timing
Cache-Control: public,max-age=31536000,immutable
Server-Timing: Total;dur=12
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.js Show response
accounts-uat.popularbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-248.10.5-5.0.10-b%22%2C%22parts%... 3 MB
585 KB 395ms
124ms Script
text/javascript 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-248.10.5-5.0.10-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22n9k1TwnPH9amSjg-IrVvXw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A2%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?2=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

93a4345d5705b1a8acaaedf5ba027175f8d12394f8b6a50e0e5253a7859d8512

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:15 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 02 May 2024 13:55:15 GMT
Content-Encoding: gzip
Age: 10
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000,immutable
Content-Length: 598618
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 151ms
57ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@200;300;400;600;700;800;900&display=swap

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f50293d32ab5bad1038edb66ca973fb2b72966f682944b4c21b5155c6a2b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 13:55:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 13:43:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 13:55:25 GMT

GET
H/1.1 200
OK popular-bank.css
accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/ 61 KB
11 KB 363ms
127ms Stylesheet
text/css 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/popular-bank.css

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

6abe3bc85b8fa767faff227e129b66afe7e47394b75b150538aa91d9908fa616

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 1
P3P: CP="CUR OTR STA"
Content-Length: 10460
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 3 May 2024 10:08:24 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=3888000
Origin-Trial: AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Expires: Mon, 17 Jun 2024 13:55:24 GMT

GET
H/1.1 200
OK login.css
accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/ 8 KB
2 KB 367ms
123ms Stylesheet
text/css 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/login.css

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

2b254afcb00adb33edeffe7611012edf6b27a2a2b049f3131a39dae6d93d0cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:15 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 10
P3P: CP="CUR OTR STA"
Content-Length: 1565
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 3 May 2024 10:08:24 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=3888000
Origin-Trial: AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Expires: Mon, 17 Jun 2024 13:55:15 GMT

GET
H/1.1 200
OK fonts.css
accounts-uat.popularbank.com/s/sfsites/runtimedownload/ 336 KB
241 KB 252ms
124ms Stylesheet
text/css 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/runtimedownload/fonts.css?lastMod=1706777866000&brandSet=6e18424b-27b9-47b8-8831-cc5b276891f8

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

f323f93e60bc20de838a2af10001f51909df06e270a75ae4f7b050edb56f20c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:15 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 01 Feb 2024 08:57:46 GMT
Content-Encoding: gzip
Age: 10
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public,max-age=31536000
Content-Length: 246796
X-XSS-Protection: 1; mode=block
Expires: Sat, 03 May 2025 13:55:15 GMT

GET
H/1.1 200
OK resources.js Show response
accounts-uat.popularbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mU... 52 KB
14 KB 434ms
305ms Script
text/javascript 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

20954c4fed81e01dd7fffb79c14d90acd40975cf47cce99f980e811da19087b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 02 May 2024 13:55:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=31536000,immutable
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.js Show response
accounts-uat.popularbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mU... 471 KB
100 KB 500ms
371ms Script
text/javascript 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22n9k1TwnPH9amSjg-IrVvXw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDEyMjBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%226e18424b-27b9-47b8-8831-cc5b276891f8%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2235a48639-2a0f-47c1-8ebc-11bf4b168cff%22%2C%22publishedChangelistNum%22%3A%227%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

2349120f34937e48493db8862a41b60d98aced838b79c7a04e8b239170431ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 02 May 2024 13:55:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=900
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.css
accounts-uat.popularbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3Acomm... 1 MB
132 KB 231ms
230ms Stylesheet
text/css 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22n9k1TwnPH9amSjg-IrVvXw%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22ANKM7VGpjNbqPO2gICgQlA%22%2C%22cuid%22%3A1118287676%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%226e18424b-27b9-47b8-8831-cc5b276891f8%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%2235a48639-2a0f-47c1-8ebc-11bf4b168cff%22%2C%22publishedChangelistNum%22%3A%227%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

eb46957156ffe0225ef7cc1816c7721cb3989e0fdc0b75cf42435338f8205705

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 02 May 2024 13:55:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000,immutable
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK faviconDao
accounts-uat.popularbank.com/sfsites/c/resource/ 894 B
2 KB 122ms
121ms Other
image/x-icon 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/sfsites/c/resource/faviconDao

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

cafcc3fc46513d365c58684b7ecb151bb7373689b8307cc35e67d7a3511f279d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:48:33 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 14 Apr 2023 18:10:44 GMT
Age: 413
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: image/x-icon
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Origin-Trial: AqlAE64ET63tVSana3qdVkfkPAgyUhY8GwcehUlpqv067CevOpumeNUlx9YouLkBxJ0CT+EwIb8/SiNbF2NGvwYAAABfeyJvcmlnaW4iOiJodHRwczovL3NhbGVzZm9yY2UuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Content-Length: 894
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Jun 2024 13:48:33 GMT

GET
H/1.1 200
OK aura Show response
accounts-uat.popularbank.com/s/sfsites/ 196 KB
51 KB 251ms
250ms XHR
application/json 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%226ead9281-d142-4a81-b476-3942b9a2b31a%22%2C%22routeType%22%3A%22home%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22params%22%3A%7B%22viewid%22%3A%22cfe4cb47-4741-4d64-908b-b4e2325d31ab%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A7%2C%22brandingSetId%22%3A%226e18424b-27b9-47b8-8831-cc5b276891f8%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22n9k1TwnPH9amSjg-IrVvXw%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDEyMjBlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/s/sfsites/auraFW/javascript/ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

72db1c520822096cf7f71b2f3c4440ee1e63621ef001dd2c997823eb343978ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-SFDC-Page-Scope-Id: 5ba6e9d2-6741-4f64-b5bb-72b0863e49c5
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 02 May 2024 13:55:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=1800
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 May 2023 13:55:26 GMT

POST
H/1.1 200
OK aura Show response
accounts-uat.popularbank.com/s/sfsites/ 1 MB
267 KB 261ms
261ms XHR
application/json 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/aura?r=1&aura.Component.getComponentDef=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

25ad669c9d74969ad596657f14463773a46633b79cb5fe95689b396ff71cc3c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-SFDC-Page-Scope-Id: 5ba6e9d2-6741-4f64-b5bb-72b0863e49c5
X-SFDC-Request-Id: 2824700000cbec600f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://accounts-uat.popularbank.com/s/
X-SFDC-Page-Cache: 3ec257e87ed0c381
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 May 2023 13:55:26 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 May 2023 13:55:26 GMT

POST
H/1.1 200
OK aura Show response
accounts-uat.popularbank.com/s/sfsites/ 91 KB
28 KB 451ms
451ms XHR
application/json 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/aura?r=2&aura.Component.getComponent=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1&ui-self-service-components-profileMenu.ProfileMenu.getProfileMenuResponse=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

dd70d192b37de44c057d245cb32cea79de97a714ca8d4d267f8a479f1dba4a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-SFDC-Page-Scope-Id: 5ba6e9d2-6741-4f64-b5bb-72b0863e49c5
X-SFDC-Request-Id: 28708000007adf8848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://accounts-uat.popularbank.com/s/
X-SFDC-Page-Cache: 3ec257e87ed0c381
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 May 2023 13:55:26 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing: Total;dur=293
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 May 2023 13:55:26 GMT

POST
H/1.1 200
OK aura Show response
accounts-uat.popularbank.com/s/sfsites/ 18 KB
4 KB 284ms
284ms XHR
application/json 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/aura?r=3&aura.ApexAction.execute=4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

89a947441010881ab62f7e84c6faffb99dc4294633eee42674a8b4393417ac67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-SFDC-LDS-Endpoints: ApexActionController.execute:DEP_ORIG_ApplicationCntrl.getLWCConfigSettings, ApexActionController.execute:DEP_ORIG_ApplicationCntrl.getCurrentYear
Accept-Language: de-DE,de;q=0.9;q=0.9
X-SFDC-Page-Scope-Id: 5ba6e9d2-6741-4f64-b5bb-72b0863e49c5
X-SFDC-Request-Id: 3088400000b411247f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://accounts-uat.popularbank.com/s/
X-SFDC-Page-Cache: 3ec257e87ed0c381
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 May 2023 13:55:26 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing: Total;dur=128
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 May 2023 13:55:26 GMT

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51

Request headers

Referer: https://accounts-uat.popularbank.com/
Origin: https://accounts-uat.popularbank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK OpenSans.woff
accounts-uat.popularbank.com/resource/Fonts_OpenSans/ 79 KB
79 KB 122ms
121ms Font
application/octet-stream 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/resource/Fonts_OpenSans/OpenSans.woff

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/popular-bank.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

fc875d65f61c0c123bff14b19ad2535b63c1bb87af36c5c421400c73a5e83e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/popular-bank.css
Origin: https://accounts-uat.popularbank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:16 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 26 Apr 2024 14:19:48 GMT
Age: 10
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/octet-stream
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Content-Length: 80468
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Jun 2024 13:55:16 GMT

GET
H/1.1 200
OK ManropeBold.woff
accounts-uat.popularbank.com/resource/Fonts_Manrope/ 43 KB
43 KB 123ms
122ms Font
application/octet-stream 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/resource/Fonts_Manrope/ManropeBold.woff

Requested by

Host: accounts-uat.popularbank.com
URL: https://accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/popular-bank.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

e322a023e8d19444c9b82800f68212d730ee607267ca4f5110448fdb332f6d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/sfsites/c/resource/DepOrig_Assets/popular-bank.css
Origin: https://accounts-uat.popularbank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:48:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 26 Apr 2024 14:19:47 GMT
Age: 398
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: application/octet-stream
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Content-Length: 43632
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Jun 2024 13:48:48 GMT

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145

Request headers

Referer: https://accounts-uat.popularbank.com/
Origin: https://accounts-uat.popularbank.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK popular-bank.css
accounts-uat.popularbank.com/resource/1714730904000/DepOrig_Assets/ 61 KB
11 KB 130ms
129ms Stylesheet
text/css 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/resource/1714730904000/DepOrig_Assets/popular-bank.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

6abe3bc85b8fa767faff227e129b66afe7e47394b75b150538aa91d9908fa616

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:17 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 3 May 2024 10:08:24 GMT
Content-Encoding: gzip
Age: 10
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Content-Length: 10460
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Jun 2024 13:55:17 GMT

GET
H/1.1 200
OK logo-popular-bank.svg
accounts-uat.popularbank.com/resource/1714730904000/DepOrig_Assets/images/ 4 KB
2 KB 125ms
125ms Image
image/svg+xml 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-uat.popularbank.com/resource/1714730904000/DepOrig_Assets/images/logo-popular-bank.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

cbaba327e7f5655c23bbe44bbd23e9a3ae67012e4300386e99306ecaba39bcb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts-uat.popularbank.com/s/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 3 May 2024 10:08:24 GMT
Content-Encoding: gzip
Age: 1
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Content-Length: 1751
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 Jun 2024 13:55:26 GMT

POST
H/1.1 200
OK aura Show response
accounts-uat.popularbank.com/s/sfsites/ 2 KB
2 KB 479ms
479ms XHR
application/json 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/aura?r=4&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

b924526a0f1c797bbfc14685f600d19fc62effe28bd852524d2d1b3f6bf09bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-SFDC-Page-Scope-Id: 5ba6e9d2-6741-4f64-b5bb-72b0863e49c5
X-SFDC-Request-Id: 414670000018caeef2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://accounts-uat.popularbank.com/s/
X-SFDC-Page-Cache: 3ec257e87ed0c381
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:28 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 May 2023 13:55:28 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing: Total;dur=194
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 May 2023 13:55:28 GMT

POST
H/1.1 200
OK aura Show response
accounts-uat.popularbank.com/s/sfsites/ 1 KB
1 KB 176ms
176ms XHR
application/json 136.146.43.167
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-uat.popularbank.com/s/sfsites/aura?r=5&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.146.43.167 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl12-ncg1-c8-iad5.na238-ia7.force.com

Software

Resource Hash

6ca01939a42bb74dd1a456fca730983f6675d417c8b0a613d644d2a9cd4aa846

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-SFDC-Page-Scope-Id: 5ba6e9d2-6741-4f64-b5bb-72b0863e49c5
X-SFDC-Request-Id: 4148900000ae7802e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-mobile: ?0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://accounts-uat.popularbank.com/s/
X-SFDC-Page-Cache: 3ec257e87ed0c381
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 03 May 2024 13:55:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 May 2023 13:55:27 GMT
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/json
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing: Total;dur=17
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Thu, 04 May 2023 13:55:27 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
accounts-uat.popularbank.com/s	1969-12-31 23:59:59	Name: renderCtx Value: %7B%22pageId%22%3A%2235a48639-2a0f-47c1-8ebc-11bf4b168cff%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%226e18424b-27b9-47b8-8831-cc5b276891f8%22%2C%22audienceIds%22%3A%22%22%7D
accounts-uat.popularbank.com/	1970-01-21 05:04:40	Name: CookieConsentPolicy Value: 0:1
accounts-uat.popularbank.com/	1970-01-21 05:04:40	Name: LSKey-c$CookieConsentPolicy Value: 0:1
accounts-uat.popularbank.com/	1970-01-20 20:19:15	Name: force-proxy-stream Value: !7ERGBeePK9XJhBzMuMS4m8fGYSY2rQUiyqI1AmRL29uQx19UCfxJV9z8WQ0TqUQ7VP2iG8KIIL//g1Y=
accounts-uat.popularbank.com/	1970-01-20 20:19:15	Name: sfdc-stream Value: !9d06AOPhUQtSY3f4lWY0fnY73PR8XAUZo1oQ5Y2/D3kw5wd/c/4d8y1xPajtT//o7H927I2uoLaFpx8=
accounts-uat.popularbank.com/	1970-01-21 05:04:40	Name: pctrk Value: c65c970c-4301-4c5c-88a0-03f79021bb6e
accounts-uat.popularbank.com/	1970-01-20 20:19:15	Name: force-stream Value: !VBN+Afy/zaNn6UvMuMS4m8fGYSY2rThglT7A14KaZl5+mpKpy9bm19s04YSaxsKilLY0CE6s4Ycg7rg=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://accounts-uat.popularbank.com/s/sfsites/auraFW/javascript/ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA/aura_prod.js(Line 49) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-uat.popularbank.com
fonts.googleapis.com
136.146.43.167
2a00:1450:4001:82f::200a
0f50293d32ab5bad1038edb66ca973fb2b72966f682944b4c21b5155c6a2b8fa
20954c4fed81e01dd7fffb79c14d90acd40975cf47cce99f980e811da19087b8
2349120f34937e48493db8862a41b60d98aced838b79c7a04e8b239170431ea2
25ad669c9d74969ad596657f14463773a46633b79cb5fe95689b396ff71cc3c9
2b254afcb00adb33edeffe7611012edf6b27a2a2b049f3131a39dae6d93d0cbf
2ecab4873256aaef32ec64105193b39b9d70b80197ecf88b32834fa3ebf89795
336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51
6abe3bc85b8fa767faff227e129b66afe7e47394b75b150538aa91d9908fa616
6ca01939a42bb74dd1a456fca730983f6675d417c8b0a613d644d2a9cd4aa846
718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145
72db1c520822096cf7f71b2f3c4440ee1e63621ef001dd2c997823eb343978ed
89a947441010881ab62f7e84c6faffb99dc4294633eee42674a8b4393417ac67
93a4345d5705b1a8acaaedf5ba027175f8d12394f8b6a50e0e5253a7859d8512
9e9490918c82228772f6d9f88aaf90f8ff009dcc11393cee3611eb6e7e299669
b924526a0f1c797bbfc14685f600d19fc62effe28bd852524d2d1b3f6bf09bee
cafcc3fc46513d365c58684b7ecb151bb7373689b8307cc35e67d7a3511f279d
cbaba327e7f5655c23bbe44bbd23e9a3ae67012e4300386e99306ecaba39bcb9
dd70d192b37de44c057d245cb32cea79de97a714ca8d4d267f8a479f1dba4a64
e322a023e8d19444c9b82800f68212d730ee607267ca4f5110448fdb332f6d40
eb46957156ffe0225ef7cc1816c7721cb3989e0fdc0b75cf42435338f8205705
f323f93e60bc20de838a2af10001f51909df06e270a75ae4f7b050edb56f20c0
fc875d65f61c0c123bff14b19ad2535b63c1bb87af36c5c421400c73a5e83e0a

accounts-uat.popularbank.com Open in urlscan Pro 136.146.43.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

5 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1998 kBTransfer

7768 kBSize

7 Cookies

4 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

7 Cookies

1 Console Messages

Security Headers

Indicators

accounts-uat.popularbank.com Open in urlscan Pro
136.146.43.167 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

5 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1998 kB
Transfer

7768 kB
Size

7
Cookies

21 HTTP transactions
2 data transactions