URL: https://bankinter.avanti-lean.com/procurement/login?next=/
Submission: On January 24 via manual from ES — Scanned from ES

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 54.228.186.210, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is bankinter.avanti-lean.com.
TLS certificate: Issued by Amazon on March 20th 2022. Valid for: a year.
This is the only time bankinter.avanti-lean.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
5 | 54.228.186.210 | 16509 | AMAZON-02
5 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
1 (1 redirect) | 13.225.78.45 | 16509 | AMAZON-02
9 | 151.101.1.195 | 54113 | FASTLY
6 | 3.74.208.112 | 16509 | AMAZON-02
Total: 26 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
16 | froged.com | iifqhs.sdk.froged.com; sdk.froged.com (Cisco Umbrella Rank: 678307); widget-v2.froged.com (Cisco Umbrella Rank: 694562); api.froged.com (Cisco Umbrella Rank: 637804) | 602 KB
5 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 5 KB
5 | avanti-lean.com | bankinter.avanti-lean.com | 310 KB
1 | gstatic.com | fonts.gstatic.com | 27 KB
Total: 26 requests, 4 apex domains

Requests | Domain | Requested by
8 | widget-v2.froged.com | iifqhs.sdk.froged.com, widget-v2.froged.com
6 | api.froged.com | widget-v2.froged.com
5 | fonts.googleapis.com | bankinter.avanti-lean.com, iifqhs.sdk.froged.com, client
5 | bankinter.avanti-lean.com | bankinter.avanti-lean.com
1 | sdk.froged.com |
1 (1 redirect) | iifqhs.sdk.froged.com |
1 | fonts.gstatic.com | fonts.googleapis.com
Total: 26 requests, 7 subdomains

This site contains links to these domains.

Domain
avanti-lean.com
www.avanti-lean.com

Subject | Issuer | Validity | Valid
avanti-lean.com | Amazon | 2022-03-20 - 2023-04-18 | a year
upload.video.google.com | GTS CA 1C3 | 2023-01-02 - 2023-03-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-01-02 - 2023-03-27 | 3 months
inibby.app | GTS CA 1D4 | 2023-01-17 - 2023-04-18 | 3 months
*.froged.com | Amazon | 2022-04-19 - 2023-05-17 | a year

This page contains 2 frames:

Primary Page: https://bankinter.avanti-lean.com/procurement/login?next=/
Frame ID: 10077611EE2BD30BE7A4061593D8FFF9
Requests: 9 HTTP requests in this frame

Frame: https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Frame ID: B55B252164FE08EDB5A4353162C88441
Requests: 14 HTTP requests in this frame

Page Title

Login Avanti

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 33 %
Domains: 4
Subdomains: 7
IPs: 5
Countries: 3
Transfer: 944 kB
Size: 3173 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://iifqhs.sdk.froged.com/ HTTP 302
  • https://sdk.froged.com/

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
bankinter.avanti-lean.com/procurement/
6 KB
6 KB
Document
General
Full URL
https://bankinter.avanti-lean.com/procurement/login?next=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.186.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-186-210.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
b8e51b8a14b9440fcb777e067b41a8bbb3397b5b3e1e4950b784bae8a314f21e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

content-language
es
content-length
5711
content-type
text/html; charset=utf-8
date
Tue, 24 Jan 2023 17:24:04 GMT
server
gunicorn
vary
Cookie, Accept-Language
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/
5 KB
980 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Mulish:300,400,700
Requested by
Host: bankinter.avanti-lean.com
URL: https://bankinter.avanti-lean.com/procurement/login?next=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3dea416eb1e097fdb8929adb377018d19f9c2aaa7d581ec84bac47f1d137e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://bankinter.avanti-lean.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 17:24:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 17:24:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 17:24:04 GMT
bootstrap.min.css
bankinter.avanti-lean.com/static/bootstrap-5.2.2-dist/css/
190 KB
191 KB
Stylesheet
General
Full URL
https://bankinter.avanti-lean.com/static/bootstrap-5.2.2-dist/css/bootstrap.min.css
Requested by
Host: bankinter.avanti-lean.com
URL: https://bankinter.avanti-lean.com/procurement/login?next=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.186.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-186-210.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://bankinter.avanti-lean.com/procurement/login?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 17:24:04 GMT
last-modified
Thu, 01 Dec 2022 19:54:50 GMT
server
gunicorn
x-frame-options
SAMEORIGIN
vary
Accept-Language, Cookie
content-language
es
content-type
text/css
content-length
194901
login.css
bankinter.avanti-lean.com/static/compras/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://bankinter.avanti-lean.com/static/compras/css/login.css
Requested by
Host: bankinter.avanti-lean.com
URL: https://bankinter.avanti-lean.com/procurement/login?next=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.186.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-186-210.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
716889b48dd286b0f4376c6772f6b3716fa8294b4fb379dbe36e1dc381f846ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://bankinter.avanti-lean.com/procurement/login?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 17:24:04 GMT
last-modified
Thu, 01 Dec 2022 19:54:50 GMT
server
gunicorn
x-frame-options
SAMEORIGIN
vary
Accept-Language, Cookie
content-language
es
content-type
text/css
content-length
4089
bootstrap.min.js
bankinter.avanti-lean.com/static/bootstrap-5.2.2-dist/js/
59 KB
59 KB
Script
General
Full URL
https://bankinter.avanti-lean.com/static/bootstrap-5.2.2-dist/js/bootstrap.min.js
Requested by
Host: bankinter.avanti-lean.com
URL: https://bankinter.avanti-lean.com/procurement/login?next=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.186.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-186-210.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://bankinter.avanti-lean.com/procurement/login?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 17:24:04 GMT
last-modified
Thu, 01 Dec 2022 19:54:50 GMT
server
gunicorn
x-frame-options
SAMEORIGIN
vary
Accept-Language, Cookie
content-language
es
content-type
application/javascript
content-length
60480
logo_avanti_login.png
bankinter.avanti-lean.com/static/compras/img/
50 KB
50 KB
Image
General
Full URL
https://bankinter.avanti-lean.com/static/compras/img/logo_avanti_login.png
Requested by
Host: bankinter.avanti-lean.com
URL: https://bankinter.avanti-lean.com/procurement/login?next=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.186.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-186-210.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
cb2577743ae9ad69d04ecf87d02f3869a42ba6bd5988b13039121180cc4d05e3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://bankinter.avanti-lean.com/procurement/login?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 17:24:05 GMT
last-modified
Thu, 01 Dec 2022 19:54:50 GMT
server
gunicorn
x-frame-options
SAMEORIGIN
vary
Accept-Language, Cookie
content-language
es
content-type
image/png
content-length
50693
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bankinter.avanti-lean.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 15:21:36 GMT
x-content-type-options
nosniff
age
7349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jan 2024 15:21:36 GMT
/
sdk.froged.com/
Redirect Chain
  • https://iifqhs.sdk.froged.com/
  • https://sdk.froged.com/
97 KB
17 KB
Script
General
Full URL
https://sdk.froged.com/
Protocol
H2
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9c74f03c2967652ac0eb0db979c27b4587e6ad7e5b26354e7218060da255767
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://bankinter.avanti-lean.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22056-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:05 GMT
last-modified
Mon, 23 Jan 2023 22:01:13 GMT
x-timer
S1674581046.854795,VS0,VE0
etag
"7c7429cdef633fcc6616629ca88a6a5b2c1dfa987ad3f17bde9147deb44cb40c-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17333
x-cache-hits
7337

Redirect headers

date
Tue, 24 Jan 2023 17:24:05 GMT
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
LambdaGeneratedResponse from cloudfront
location
https://sdk.froged.com/
cache-control
max-age=1800
content-length
0
x-amz-cf-id
vltRfGPBT8AtKZdqBELK_BEtoSANI4lYlBa340ZruOt7-CCsVrDURw==
css2
fonts.googleapis.com/
7 KB
665 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Muli:ital,wght@0,300;0,400;0,600;0,700;0,800;1,400;1,700&display=swap
Requested by
Host: iifqhs.sdk.froged.com
URL: https://iifqhs.sdk.froged.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36630b3e7f723840e42937a41b87c179f53ae35c7ef6d42be7f31c8e6fb64b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://bankinter.avanti-lean.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 17:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 17:24:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 17:24:05 GMT
/
widget-v2.froged.com/ Frame B55B
966 B
631 B
Document
General
Full URL
https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Requested by
Host: iifqhs.sdk.froged.com
URL: https://iifqhs.sdk.froged.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
89a0d97e669391f5134542cdadcbea7e7d560766139daf802e50e8342df8b1ca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://bankinter.avanti-lean.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=1
content-encoding
br
content-length
289
content-type
text/html; charset=utf-8
date
Tue, 24 Jan 2023 17:24:06 GMT
etag
"6cd9f0a3e84459dde10d207cb70427d0d0f95313ffe37f3c805f448066b1fb25-br"
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-mad22034-MAD
x-timer
S1674581046.165025,VS0,VE1
ficon.min.css
widget-v2.froged.com/assets/fonts/ficon/ Frame B55B
40 KB
5 KB
Stylesheet
General
Full URL
https://widget-v2.froged.com/assets/fonts/ficon/ficon.min.css
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
689ffee8cbc5f35754a8c093bc4438820e8c31980b71deaf87c38f399690c78b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22034-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:06 GMT
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
x-timer
S1674581046.231776,VS0,VE0
etag
"64fefa5333f648e67175eb0b5e1e7eacf251b44325f6d58900c5697dbead8261-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5230
x-cache-hits
770
styles.fa687140d741b6442ffc.css
widget-v2.froged.com/ Frame B55B
157 B
203 B
Stylesheet
General
Full URL
https://widget-v2.froged.com/styles.fa687140d741b6442ffc.css
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d50dfda0339a2089abb65fb20420c393ea14a4b1400360478bb9d91ec4c9683
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22034-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:06 GMT
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
x-timer
S1674581046.232649,VS0,VE0
etag
"9c39c1fbdd91b5594a81a5bccd3aee2b12b8106e2ed6606d15eaa602bcd62f73-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
87
x-cache-hits
771
runtime-es2015.bf0aa0044450c397443c.js
widget-v2.froged.com/ Frame B55B
2 KB
1 KB
Script
General
Full URL
https://widget-v2.froged.com/runtime-es2015.bf0aa0044450c397443c.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a54aceabdae06682a30c94b36ed217ed46a54f054d24f58d831fc63e2b0f90bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Origin
https://widget-v2.froged.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22034-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:06 GMT
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
x-timer
S1674581046.232628,VS0,VE0
etag
"aebb83b973be54759097442337bb65fbad55af3870d6ba29f2a0d7907292d7fc-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1089
x-cache-hits
772
polyfills-es2015.afed2d3ff59a73ee0bf3.js
widget-v2.froged.com/ Frame B55B
36 KB
11 KB
Script
General
Full URL
https://widget-v2.froged.com/polyfills-es2015.afed2d3ff59a73ee0bf3.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aea2b6103f72e7985438d0b4ff9a57502ff72aa87be8bf9c593fa2706c21308f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Origin
https://widget-v2.froged.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22034-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:06 GMT
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
x-timer
S1674581046.232611,VS0,VE0
etag
"71c8db4fcdfe39ccc3d09816c6395818997750999db28d79e2a097c174922413-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11214
x-cache-hits
773
main-es2015.d60f727305943f59b02b.js
widget-v2.froged.com/ Frame B55B
2 MB
405 KB
Script
General
Full URL
https://widget-v2.froged.com/main-es2015.d60f727305943f59b02b.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7df1d7407163bb02c5d9822b45b505dbbffc19d01fca251ae8dce38a6e3fdf93
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
Origin
https://widget-v2.froged.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22034-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:06 GMT
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
x-timer
S1674581046.232590,VS0,VE0
etag
"fe5ca07de34e767f832a8fdb52c339d936c3d09d895c7d42b80099907a124df5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
414470
x-cache-hits
97
css2
fonts.googleapis.com/ Frame B55B
5 KB
647 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;1,500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3152b68244c532c1c57a31bc1782b77b5d105fc28add54e667d37e8dc5e3fb12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://widget-v2.froged.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 17:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 17:24:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 17:24:06 GMT
css2
fonts.googleapis.com/ Frame B55B
5 KB
583 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e93bedec95f27c1996d5c0bc2c9384f6736e74574379c42b5c9e392dac6fa448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://widget-v2.froged.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 17:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 17:20:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 17:24:06 GMT
css2
fonts.googleapis.com/ Frame B55B
8 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Color+Emoji&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9eea736d4670672bc37d214ed17876bd43efc4d90929bafe7645edf1f1227d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://widget-v2.froged.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 17:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 17:14:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 17:24:06 GMT
8-es2015.0752571a04f40f2d0f9c.js
widget-v2.froged.com/ Frame B55B
22 KB
4 KB
Script
General
Full URL
https://widget-v2.froged.com/8-es2015.0752571a04f40f2d0f9c.js
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/runtime-es2015.bf0aa0044450c397443c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16f41f911281208642713110d31b429bd8bc92f109f63aea1294add8d99635d1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://widget-v2.froged.com/?slug=5r4mqx&sesionId=new&sdob=eyJ1c2VySWQiOiIzNE5vbmUiLCJlbWFpbCI6IiIsInVzZXJuYW1lIjoiIiwibmFtZSI6IiIsImNvbXBhbnkiOiJCQU5LSU5URVIifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22029-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:06 GMT
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
x-timer
S1674581047.681359,VS0,VE0
etag
"0ba6e67bce9071645cb5044ca675791e96f5d00cee960db2137e1e21840b2a6b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3916
x-cache-hits
1199
ficon.ttf
widget-v2.froged.com/assets/fonts/ficon/ Frame B55B
418 KB
141 KB
Font
General
Full URL
https://widget-v2.froged.com/assets/fonts/ficon/ficon.ttf
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/assets/fonts/ficon/ficon.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cf2c0287fbc6eb3ea518651e85a71c15081deed34725c8da51d09f678cc6b53
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://widget-v2.froged.com/assets/fonts/ficon/ficon.min.css
Origin
https://widget-v2.froged.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by
cache-mad22029-MAD
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 24 Jan 2023 17:24:06 GMT
last-modified
Tue, 24 Jan 2023 16:28:51 GMT
x-timer
S1674581047.797115,VS0,VE0
etag
"4b50d3c36241e401f3435882abc5a9b682b8ec7c481a7bb14a306c4c11c331fa-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/ttf
cache-control
max-age=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
143848
x-cache-hits
700
slim
api.froged.com/sdkBoot/5r4mqx/new/boot/ Frame B55B
15 KB
15 KB
Fetch
General
Full URL
https://api.froged.com/sdkBoot/5r4mqx/new/boot/slim
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/polyfills-es2015.afed2d3ff59a73ee0bf3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.208.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-208-112.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
1f11b9546d1ede1115bfd2689a1282d0961ba3a156152621b765e171b9be5731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://widget-v2.froged.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
token
content-type
application/json

Response headers

date
Tue, 24 Jan 2023 17:24:07 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
etag
W/"3a96-snD9yMPSa/i3PQ2xcdVfs+EyDQE"
x-frame-options
DENY
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-remaining
999
x-ratelimit-reset
1674581108
x-ratelimit-limit
1000
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
content-length
14998
x-xss-protection
0
slim
api.froged.com/sdkBoot/5r4mqx/new/boot/ Frame
0
0
Preflight
General
Full URL
https://api.froged.com/sdkBoot/5r4mqx/new/boot/slim
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.208.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-208-112.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
POST
Origin
https://widget-v2.froged.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 24 Jan 2023 17:24:07 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
nginx/1.20.0
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0
notifications
api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/automessages/ Frame B55B
56 B
462 B
Fetch
General
Full URL
https://api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/automessages/notifications
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/polyfills-es2015.afed2d3ff59a73ee0bf3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.208.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-208-112.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
7861540ca1830e7d9b8ad2a0d16d2be9631d6e87f9a0670d532a1ae85c7a738b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://widget-v2.froged.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
token
content-type
application/json

Response headers

date
Tue, 24 Jan 2023 17:24:08 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
etag
W/"38-vV6qcRHTVG8yBCZfw47/+hwyAHo"
x-frame-options
DENY
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-remaining
99
x-ratelimit-reset
1674581109
x-ratelimit-limit
100
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
content-length
56
x-xss-protection
0
on_pageView
api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/track/ Frame B55B
63 B
468 B
Fetch
General
Full URL
https://api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/track/on_pageView
Requested by
Host: widget-v2.froged.com
URL: https://widget-v2.froged.com/polyfills-es2015.afed2d3ff59a73ee0bf3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.208.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-208-112.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
79f4a34dfc6017277886a9e7c9b7c4a19c6eabb965be77c777ffd75ccac01d39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://widget-v2.froged.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
token
content-type
application/json

Response headers

date
Tue, 24 Jan 2023 17:24:08 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
etag
W/"3f-8DAPpTHeGoUB/F/MG43Afcj+2D8"
x-frame-options
DENY
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-remaining
98
x-ratelimit-reset
1674581109
x-ratelimit-limit
100
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
content-length
63
x-xss-protection
0
notifications
api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/automessages/ Frame
0
0
Preflight
General
Full URL
https://api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/automessages/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.208.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-208-112.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
PATCH
Origin
https://widget-v2.froged.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 24 Jan 2023 17:24:08 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
nginx/1.20.0
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0
on_pageView
api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/track/ Frame
0
0
Preflight
General
Full URL
https://api.froged.com/sdk/5r4mqx/68291664-3437-41c8-8441-77325254941b/track/on_pageView
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.208.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-208-112.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
POST
Origin
https://widget-v2.froged.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With, token, apiKey
access-control-allow-methods
GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 24 Jan 2023 17:24:08 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
nginx/1.20.0
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0


48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
number| uidEvent
object| bootstrap
object| frogedSettings
function| Froged
object| fg_data
function| modalPaginaEstatica
object| frogedPopup_dom_listener_dismissed
object| frogedPopup_dom_listener_button_clicked
undefined| frogedTooltip_dom_listener_tooltip_destroyed
undefined| frogedTooltip_dom_listener_tooltip_located
undefined| frogedTooltip_dom_listener_tooltip_dismissed
undefined| frogedTooltip_dom_listener_tooltipPointed_clicked
undefined| frogedTooltip_dom_listener_tooltipPointed_removed
undefined| frogedTooltip_dom_listener_button_clicked
object| frogedBus
object| frogedEnv
object| frogedPalette
object| frogedUrl
object| frogedModal
object| frogedModalNot
object| frogedPopup
object| frogedTooltip
object| frogedAutoClick
object| frogedAutomessages
object| frogedAutoScroll
object| frogedAutoSet
object| frogedBubble
object| frogedCookies
object| frogedDocument
object| frogedFinder
object| frogedFlow
object| frogedFlows
object| frogedHooks
object| frogedLightbox
object| frogedMessage
object| frogedNavigation
object| frogedNotification
object| frogedNps
object| frogedPicker
object| frogedUpdates
object| frogedWidget
function| getFroged
function| fg_start
object| fg_styleSheet
function| fg_version
object| fg_styleSheet_custom

2 Cookies

Domain/Path Name / Value
bankinter.avanti-lean.com/ Name: csrftoken
Value: XAfQaZywRlJqnplv8MkeahC372H2geMSSoIvH0HAuKTBYozxfPBNx1STa4d92L8g
.avanti-lean.com/ Name: fgSesionId_5r4mqx
Value: 68291664-3437-41c8-8441-77325254941b

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
