URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Submission: On July 19 via manual from ES — Scanned from ES

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 70 HTTP transactions. The main IP is 194.224.110.11, located in Lloret de Mar, Spain and belongs to TELEFONICA_DE_ESPANA, ES. The main domain is areacliente.eroski.es.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on April 26th 2022. Valid for: a year.
This is the only time areacliente.eroski.es was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 194.224.110.11 3352 (TELEFONIC...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 96.16.134.158 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 3.220.57.224 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 108.157.4.113 16509 (AMAZON-02)
3 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.90.104.226 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.42 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.122 16509 (AMAZON-02)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.89.210.154 29990 (ASN-APPNEX)
1 13.225.78.127 16509 (AMAZON-02)
70 24
Apex Domain
Subdomains
Transfer
21 eroski.es
areacliente.eroski.es
661 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 509
143 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 177
accounts.google.com — Cisco Umbrella Rank: 126
www.google.com — Cisco Umbrella Rank: 17
59 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
673 B
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
279 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
20 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 698
script.hotjar.com — Cisco Umbrella Rank: 1004
vars.hotjar.com — Cisco Umbrella Rank: 1019
68 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
81 KB
2 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 623
ib.adnxs.com — Cisco Umbrella Rank: 257
4 KB
2 doubleclick.net
4378219.fls.doubleclick.net Failed
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
514 B
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2954
498 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
140 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2514
257 B
1 google.es
www.google.es — Cisco Umbrella Rank: 15828
501 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 830
451 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3924
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
898 B
70 17
Domain Requested by
21 areacliente.eroski.es areacliente.eroski.es
9 cdn.cookielaw.org areacliente.eroski.es
cdn.cookielaw.org
5 www.facebook.com connect.facebook.net
areacliente.eroski.es
5 connect.facebook.net areacliente.eroski.es
connect.facebook.net
3 accounts.google.com apis.google.com
areacliente.eroski.es
www.gstatic.com
3 www.google-analytics.com www.googletagmanager.com
areacliente.eroski.es
2 stats.g.doubleclick.net www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 api.ipify.org areacliente.eroski.es
2 www.googletagmanager.com areacliente.eroski.es
2 apis.google.com areacliente.eroski.es
apis.google.com
1 vc.hotjar.io script.hotjar.com
1 ib.adnxs.com areacliente.eroski.es
1 www.google.es areacliente.eroski.es
1 www.google.com areacliente.eroski.es
1 vars.hotjar.com static.hotjar.com
1 www.gstatic.com accounts.google.com
1 script.hotjar.com static.hotjar.com
1 acdn.adnxs.com areacliente.eroski.es
1 static.hotjar.com areacliente.eroski.es
1 geolocation.onetrust.com cdn.cookielaw.org
1 appleid.cdn-apple.com areacliente.eroski.es
1 fonts.googleapis.com areacliente.eroski.es
0 4378219.fls.doubleclick.net Failed www.googletagmanager.com
70 24

This site contains links to these domains. Also see Links.

Domain
www.eroski.es
www.onetrust.com
Subject Issuer Validity Valid
*.eroski.es
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-04-26 -
2023-05-27
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
*.apis.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1
2022-04-19 -
2023-05-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2022-02-07 -
2023-03-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-04-27 -
2022-07-26
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
accounts.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.google.es
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.hotjar.io
Amazon
2022-07-18 -
2023-08-16
a year crt.sh

This page contains 4 frames:

Primary Page: https://areacliente.eroski.es/areacliente/es/nlrLogin
Frame ID: 6E64D8A0FC4F6EB011A32708A3DB518F
Requests: 64 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 3D2E5F377FB7A257E412A7BE33D996F6
Requests: 4 HTTP requests in this frame

Frame: https://4378219.fls.doubleclick.net/activityi;src=4378219;type=ero_visi;cat=reg_e00;ord=247969932070;gtm=2wg7i0;auiddc=543776166.1658228151;u6=undefined;u8=undefined;~oref=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin
Frame ID: 3BFC09B0AD99027C119BC60A074D72F6
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: 749F34A9E41E48FFBA48634D310C4CED
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Back ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

70
Requests

97 %
HTTPS

61 %
IPv6

17
Domains

24
Subdomains

24
IPs

4
Countries

1476 kB
Transfer

3341 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request nlrLogin
areacliente.eroski.es/areacliente/es/
117 KB
119 KB
Document
General
Full URL
https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
ae4fc8ad588fcbde2908ed2bbdbda8e3dcfb3571b47671f9861d244aa72ed5ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Connection
Keep-Alive
Content-Language
es
Content-Type
text/html;charset=UTF-8
Date
Tue, 19 Jul 2022 10:55:49 GMT
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Vary
Origin
css
fonts.googleapis.com/
1 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 10:32:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Jul 2022 10:55:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Jul 2022 10:55:50 GMT
nice-select.css
areacliente.eroski.es/areacliente/resources/css/NLR/
4 KB
5 KB
Stylesheet
General
Full URL
https://areacliente.eroski.es/areacliente/resources/css/NLR/nice-select.css
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
e1de5ecc2cdf36ca16dfc5946f0800fa6c0bda034886725fcb3fa7be7025632e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Mon, 23 Nov 2020 23:09:50 GMT
ETag
"1037-5b4ce4a844b80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
4151
Keep-Alive
timeout=5, max=100
newEroskiSignUP.css
areacliente.eroski.es/areacliente/resources/css/NLR/
22 KB
23 KB
Stylesheet
General
Full URL
https://areacliente.eroski.es/areacliente/resources/css/NLR/newEroskiSignUP.css?v=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
f813311527c2a9caeb4c6361db8e44dceef5e476540f06904450eea4a659fef8

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Mon, 30 Nov 2020 15:15:38 GMT
ETag
"59e7-5b5547b88da80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
23015
Keep-Alive
timeout=5, max=100
jquery-ui.css
areacliente.eroski.es/areacliente/resources/css/
33 KB
34 KB
Stylesheet
General
Full URL
https://areacliente.eroski.es/areacliente/resources/css/jquery-ui.css
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
f568972568b02c36e87b5ef049ead53a3cb775704534779a134a97876396be4a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Fri, 17 May 2019 08:44:50 GMT
ETag
"8303-589116544a480"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
33539
Keep-Alive
timeout=5, max=100
jquery-3.3.1.min.js
areacliente.eroski.es/areacliente/resources/js/NLR/
85 KB
86 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/NLR/jquery-3.3.1.min.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"1538f-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
86927
Keep-Alive
timeout=5, max=100
jquery-ui-1.12.1.min.js
areacliente.eroski.es/areacliente/resources/js/libs/
248 KB
248 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/libs/jquery-ui-1.12.1.min.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
a3a38adc41c4dcf12d566d778e7fed6ab065d7531aa14ca9c62143f48cd803a5

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Fri, 17 May 2019 08:44:50 GMT
ETag
"3dee6-589116544a480"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
253670
Keep-Alive
timeout=5, max=100
jquery.nice-select.min.js
areacliente.eroski.es/areacliente/resources/js/NLR/
3 KB
4 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/NLR/jquery.nice-select.min.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"b7e-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
2942
Keep-Alive
timeout=5, max=99
parsley.js
areacliente.eroski.es/areacliente/resources/js/libs/
87 KB
88 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/libs/parsley.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
bd0e71d5183bdb15c999a75e631bec85c4e52d22d7e730d5be641765a336652f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Mon, 30 Oct 2017 14:15:04 GMT
ETag
"15cad-55cc443c6ca00"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
89261
Keep-Alive
timeout=5, max=98
util.js
areacliente.eroski.es/areacliente/resources/js/
11 KB
12 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/util.js?v=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
a18d763869963333c5ea059740c6080e265629909bc96f5daaed3fe7ea663f28

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Mon, 25 Apr 2022 10:17:50 GMT
ETag
"2b68-5dd77e36d6f80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
11112
Keep-Alive
timeout=5, max=99
commons.js
areacliente.eroski.es/areacliente/resources/js/NLR/
92 B
871 B
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/NLR/commons.js?v=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
65ae65b2d156cd2c98e3166a6480d181d9705f9a7729417eec1c690835819d6e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Mon, 09 Sep 2019 05:50:40 GMT
ETag
"5c-592185e266c00"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
92
Keep-Alive
timeout=5, max=99
nlrGTM.js
areacliente.eroski.es/areacliente/resources/js/NLR/
3 KB
4 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/NLR/nlrGTM.js?v=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
02029f985d3f4902e965cbed952b8f988ce894d35a4ee1cd2adab90bdfbbaef8

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 02 Feb 2021 08:08:46 GMT
ETag
"bfc-5ba55fac8bf80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
3068
Keep-Alive
timeout=5, max=99
ajaxUtils.js
areacliente.eroski.es/areacliente/resources/js/
4 KB
4 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/ajaxUtils.js?v=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
82dd9f15d6dd6cdee4c21885830e15dd338b3ad40ae9fc6d56c4d1621b9874f3

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Mon, 09 Sep 2019 05:50:40 GMT
ETag
"e64-592185e266c00"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
3684
Keep-Alive
timeout=5, max=98
sso.js
areacliente.eroski.es/areacliente/resources/js/
7 KB
8 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/sso.js?v=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
6e5c83964b27ee4293317d043979c938465eb8c7aef3bab3ea07587f10d60981

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 22 May 2018 15:24:04 GMT
ETag
"1c92-56ccd022aad00"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
7314
Keep-Alive
timeout=5, max=97
OtAutoBlock.js
cdn.cookielaw.org/consent/4ad5a107-ec48-4bf7-b4cd-70559698027d/
13 KB
4 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/4ad5a107-ec48-4bf7-b4cd-70559698027d/OtAutoBlock.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185fd74322b679645665bf87986cda2bd2a33cca1ba2a5e854e743921efc3454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dftt44xZ5LxfG9o/iK5LsQ==
age
4401
vary
Accept-Encoding
content-length
3533
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 12:36:16 GMT
server
cloudflare
etag
0x8DA52B97864C2C8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
125e9ba7-e01e-0013-31a2-84ed07000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
72d2ed52fb0237cd-MAD
expires
Tue, 19 Jul 2022 14:55:50 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
4m3LBpuQ5au3un+sbdTm6g==
age
8713
vary
Accept-Encoding
content-length
6922
x-ms-lease-status
unlocked
last-modified
Thu, 14 Jul 2022 19:31:29 GMT
server
cloudflare
etag
0x8DA65CF736BBFE4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
29181591-f01e-014c-73d5-9759ac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
72d2ed52fb0337cd-MAD
platform.js
apis.google.com/js/
52 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=onLoadGoogleCallback
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559671286e80efeb7d8ecf407297c5f56011ac01aa6ce9fc41e91486e393b62e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Tue, 19 Jul 2022 10:55:50 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"7d248261a56fc474"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 10:55:50 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/es_ES/
43 KB
18 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/es_ES/appleid.auth.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
0a1212cb083ea0615c9f8ba1b0c47a7ac1ac213fb8689d5ef6acb4f2dcd089e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 17:44:09 GMT
Server
Apple
ETag
W/"44163-1657734249364"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Date
Tue, 19 Jul 2022 10:55:50 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17903
nlrLogin.js
areacliente.eroski.es/areacliente/resources/js/NLR/
1 KB
2 KB
Script
General
Full URL
https://areacliente.eroski.es/areacliente/resources/js/NLR/nlrLogin.js?v=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
22f79e0a02219096f8e9f8de5fb63bdb1662d4de723c2fc32c26ee50dc232dc3

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Fri, 29 May 2020 12:02:42 GMT
ETag
"550-5a6c838e8bc80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
1360
Keep-Alive
timeout=5, max=99
returnArrow.png
areacliente.eroski.es/areacliente/resources/img/NLR/
1 KB
2 KB
Image
General
Full URL
https://areacliente.eroski.es/areacliente/resources/img/NLR/returnArrow.png
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
3378c8717fc5e90c8e5a70758177c5849e405687cc30f899b9223f21ae802d5e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"5ff-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
1535
Keep-Alive
timeout=5, max=99
ajax-loader.gif
areacliente.eroski.es/areacliente/resources/img/
0
0

x.png
areacliente.eroski.es/areacliente/resources/img/NLR/
744 B
1 KB
Image
General
Full URL
https://areacliente.eroski.es/areacliente/resources/img/NLR/x.png
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
cd64e1d3ffc93c484514e4ee5646d5328ae6fb17bc02b509d426008af6115955

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"2e8-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
744
Keep-Alive
timeout=5, max=96
gtm.js
www.googletagmanager.com/
162 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KVRZPFJ
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c67f744988e3a15b4491574c5f329b7a15c9f3dc9bd6bbf468bae677f8e7a887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56716
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Jul 2022 10:55:50 GMT
gtm.js
www.googletagmanager.com/
290 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7M63B7
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55ec3a84753b3b8db6f50ec5447f09c16c96b963fc57563493c4efd79ac981b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85764
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Jul 2022 10:55:50 GMT
/
api.ipify.org/
65 B
249 B
Script
General
Full URL
https://api.ipify.org/?format=jsonp&callback=jQuery33101578516307553548_1658228150361&_=1658228150362
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/resources/js/NLR/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-57-224.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
8d3978d9b2b46345c714335296c164701fb8a9547965c3bfb3308c9152bd9ad6

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
65
Vary
Origin
Content-Type
application/javascript
4ad5a107-ec48-4bf7-b4cd-70559698027d.json
cdn.cookielaw.org/consent/4ad5a107-ec48-4bf7-b4cd-70559698027d/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/4ad5a107-ec48-4bf7-b4cd-70559698027d/4ad5a107-ec48-4bf7-b4cd-70559698027d.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65fcc8e19276a0bfb2fab82b8cc26249ee89cd0ef5abda055e4cd6a74a9b3e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8JHegCp2ljY12QIQHNAS5A==
age
2353
vary
Accept-Encoding
content-length
1430
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 12:36:15 GMT
server
cloudflare
etag
0x8DA52B977CA456A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f1b108cc-701e-001d-59a2-84010c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
72d2ed552f2e37cd-MAD
expires
Tue, 19 Jul 2022 14:55:50 GMT
logo_EROSKI.png
areacliente.eroski.es/areacliente/resources/img/NLR/
5 KB
5 KB
Image
General
Full URL
https://areacliente.eroski.es/areacliente/resources/img/NLR/logo_EROSKI.png
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/resources/css/NLR/newEroskiSignUP.css?v=729
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
d04632916fe0497e7724508d954e1481b0a3eb121ddd32ca560d2f4215b1f039

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/resources/css/NLR/newEroskiSignUP.css?v=729
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"1228-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
4648
Keep-Alive
timeout=5, max=97
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://areacliente.eroski.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 17:07:14 GMT
x-content-type-options
nosniff
age
582516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jul 2023 17:07:14 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://areacliente.eroski.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 17:07:14 GMT
x-content-type-options
nosniff
age
582516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Jul 2023 17:07:14 GMT
okcheck.png
areacliente.eroski.es/areacliente/resources/img/NLR/
736 B
1 KB
Image
General
Full URL
https://areacliente.eroski.es/areacliente/resources/img/NLR/okcheck.png
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/resources/css/NLR/newEroskiSignUP.css?v=729
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
6230ecb5c3394debd670600373997547adac7fff672228e1129f9c09997fe4cf

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/resources/css/NLR/newEroskiSignUP.css?v=729
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"2e0-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
736
Keep-Alive
timeout=5, max=98
/
api.ipify.org/
65 B
249 B
Script
General
Full URL
https://api.ipify.org/?format=jsonp&callback=jQuery33101578516307553548_1658228150363&_=1658228150364
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/resources/js/NLR/jquery-3.3.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-57-224.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
94b72b339153db018a7a938a0b48b47023921ddc2622669b21ba681da1b625e6

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
65
Vary
Origin
Content-Type
application/javascript
returnArrow.png
areacliente.eroski.es/areacliente/resources/img/NLR/
1 KB
2 KB
Image
General
Full URL
https://areacliente.eroski.es/areacliente/resources/img/NLR/returnArrow.png?version=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
3378c8717fc5e90c8e5a70758177c5849e405687cc30f899b9223f21ae802d5e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"5ff-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
1535
Keep-Alive
timeout=5, max=95
ajax-loader.gif
areacliente.eroski.es/areacliente/resources/img/
9 KB
10 KB
Image
General
Full URL
https://areacliente.eroski.es/areacliente/resources/img/ajax-loader.gif?version=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
4ce2b7efac2bb99d363f0fa84d1c19ca629bc8f1e71202b4dc63526d12b21d93

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 19 Dec 2017 16:23:20 GMT
ETag
"25fd-560b3e28f2e00"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
9725
Keep-Alive
timeout=5, max=98
x.png
areacliente.eroski.es/areacliente/resources/img/NLR/
744 B
1 KB
Image
General
Full URL
https://areacliente.eroski.es/areacliente/resources/img/NLR/x.png?version=729
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.224.110.11 Lloret de Mar, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
11.red-194-224-110.customer.static.ccgg.telefonica.net
Software
/
Resource Hash
cd64e1d3ffc93c484514e4ee5646d5328ae6fb17bc02b509d426008af6115955

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/areacliente/es/nlrLogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:50 GMT
Last-Modified
Tue, 13 Nov 2018 12:45:30 GMT
ETag
"2e8-57a8b31512e80"
Vary
Origin
Access-Control-Allow-Methods
PUT, GET, POST, OPTIONS
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept, Origin, X-Requested-With, Content-Type, Last-Modified, X-AUTH-TOKEN, Set-Cookie
Content-Length
744
Keep-Alive
timeout=5, max=98
all.js
connect.facebook.net/es_ES/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/es_ES/all.js?_=1658228150365
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/resources/js/NLR/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86d4a97849d09b351c63afd81395632cbe3492c73d58df6a8cac2ad63bd5c0e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YasZW60AA1kdqvT5j2Swmg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Jul 2022 11:15:50 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
1jrQHvK8yEXUlhdcJxGQKKOlotjmOpwDi1azDO8Jl1JRTYWsxnhPmKry4rRX4neY/7+qSykdiWdx1O8H+bSloQ==
x-fb-trip-id
686109401
x-fb-content-md5
30e8cd2343e99a7d9f4fa31818a1d3a8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Jul 2022 10:55:50 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-content-cdn-origin-ts
1658228150762
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"eb11bb9eda588562a3e394e632662824"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
173 B
451 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd12d2fa3ff28cce10fa3f8184478a33a8f7c8ec1bb60e92ca0adfbe16fe76d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://areacliente.eroski.es/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
72d2ed55ea5c37d9-MAD
access-control-allow-headers
Content-Type
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.es.9NxwC-PXr0k.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9y11DgN7LUKz-ChEXjmXNOVNlawg/
108 KB
36 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.es.9NxwC-PXr0k.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9y11DgN7LUKz-ChEXjmXNOVNlawg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=onLoadGoogleCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbfbe16b916f118b149f1722034768caf8fe4bf686494afe518b69c4134da5fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 23:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36570
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 15:25:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 23:49:54 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.35.0/
360 KB
85 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bDp57sS049dDkRqCL4m53Q==
age
2626
vary
Accept-Encoding
content-length
87115
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:06 GMT
server
cloudflare
etag
0x8DA4784BD4AE529
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
72d2ed56395c37cd-MAD
hotjar-658942.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-658942.js?sv=658942
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-113.dus51.r.cloudfront.net
Software
/
Resource Hash
bed4424c479dfef00d1e92ac6434da0994f63d12aa28e12c84408e69262593e0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
4
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/3dc08f9102316a5a8add5eb69bbdc446
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
lXxK3UbKBsh3wq5EsOIVOg9meWPOJnE2Q8MaGQEtkKuJj31SvXoobQ==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVRZPFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2984
date
Tue, 19 Jul 2022 10:06:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 19 Jul 2022 12:06:06 GMT
all.js
connect.facebook.net/es_ES/
296 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/es_ES/all.js?hash=e552f8f68029c17cf0aba8f2ab12f4f0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/all.js?_=1658228150365
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8917746c208056b7c75a0e0298774731a65abb82f156a142ea490156a42cff6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://areacliente.eroski.es/
Origin
https://areacliente.eroski.es
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GJfUe5YnpaQSoYpFxpVi9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 19 Jul 2023 10:43:25 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85901
x-fb-rlafr
0
x-fb-debug
HzJVPY+u6B+su9LAam8fHWbsaIC/tsZPsJQGB3RKnvasvqcYJIJIbQ/hPQEt4G5wBkr1VC29cy/HT4eYaf8zLw==
x-fb-content-md5
0790e24e0e8f7c76361bfeb78725c822
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Jul 2022 10:55:50 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b1ef1a52244afdd1440da5ed8f005942"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
iframe
accounts.google.com/o/oauth2/ Frame 3D2E
280 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.es.9NxwC-PXr0k.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9y11DgN7LUKz-ChEXjmXNOVNlawg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c31fd549659e5cd6f350d8042699b28b8066d532e9273c472a3d641a1eca78fc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-wloYSAw7GR1BB4wW_d1SvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://areacliente.eroski.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-wloYSAw7GR1BB4wW_d1SvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 10:55:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
en.json
cdn.cookielaw.org/consent/4ad5a107-ec48-4bf7-b4cd-70559698027d/bc925567-19a8-4697-9cc0-e392aa3f0a00/
110 KB
21 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/4ad5a107-ec48-4bf7-b4cd-70559698027d/bc925567-19a8-4697-9cc0-e392aa3f0a00/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b878ac92d4041ffde4e6b96bd79dc71c892ddb7adc73bed7463e0afc775e3893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2OuuarWk/S8stY0gI39v7Q==
age
8120
vary
Accept-Encoding
content-length
21785
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 12:36:24 GMT
server
cloudflare
etag
0x8DA52B97D023BA2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0c65306d-801e-0107-5ba2-846836000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
72d2ed56eac037cd-MAD
expires
Tue, 19 Jul 2022 14:55:50 GMT
activityi;src=4378219;type=ero_visi;cat=reg_e00;ord=247969932070;gtm=2wg7i0;auiddc=543776166.1658228151;u6=undefined;u8=undefined;~oref=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrL...
4378219.fls.doubleclick.net/ Frame 3BFC
0
0

fbevents.js
connect.facebook.net/en_US/
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
FKRqvoZLBpTI98njODHDbvamPVZhc1/ZFIIHb2yyyahoJzpVJxQoHVf6cu8NbooF0Odfdi89WhSnkH4h1Sv/Gg==
x-frame-options
DENY
date
Tue, 19 Jul 2022 10:55:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixie.js
acdn.adnxs.com/dmp/up/
9 KB
4 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-226.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:51 GMT
Content-Encoding
gzip
X-Check-Cacheable
YES
Server
nginx/1.18.0 (Ubuntu)
ETag
"60b79de0-23b3"
X-Serial
1
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Connection
keep-alive
Content-Length
3340
Expires
Wed, 20 Jul 2022 10:55:53 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.35.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zJSOtjdWnPd+0Wb9iMNyXw==
age
9203
vary
Accept-Encoding
content-length
2959
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:20:56 GMT
server
cloudflare
etag
0x8DA4784B7908BBB
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e9aa8211-c01e-00ea-4fa5-8027e7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
72d2ed574baa37cd-MAD
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/
60 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FpnL0cFFASD+AoL9ZhPlUA==
age
8373
vary
Accept-Encoding
content-length
13730
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:20:59 GMT
server
cloudflare
etag
0x8DA4784B9294352
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6bb0cdca-601e-00ec-25a5-80d09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
72d2ed574bad37cd-MAD
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.35.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
age
9203
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
5491a3ce-001e-0091-66a5-804c57000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
72d2ed574baf37cd-MAD
collect
stats.g.doubleclick.net/j/
1 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36762741-7&cid=1353426555.1658228151&jid=848311322&gjid=139484596&_gid=1352294434.1658228151&_u=YGBAgUABAAAAAE~&z=1698895550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://areacliente.eroski.es/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Jul 2022 10:55:51 GMT
content-type
text/plain
access-control-allow-origin
https://areacliente.eroski.es
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
72 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-111258381-1&cid=1353426555.1658228151&jid=1569130789&gjid=68446439&_gid=1352294434.1658228151&_u=YGDAgUABAAAAAE~&z=8577202
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://areacliente.eroski.es/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Jul 2022 10:55:51 GMT
content-type
text/plain
access-control-allow-origin
https://areacliente.eroski.es
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1662017477&t=pageview&_s=1&dl=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=848311322&gjid=139484596&cid=1353426555.1658228151&tid=UA-36762741-7&_gid=1352294434.1658228151&gtm=2wg7i0KVRZPFJ&cg2=n%2Fa&cg3=areacliente&cg4=login_registro&cd3=No&cd6=&cd7=undefined&cd8=undefined&cd9=undefined&cd12=undefined&cd13=undefined&cd14=false&z=647867605
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 00:50:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36332
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1662017477&t=pageview&_s=1&dl=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAAAAE~&jid=1569130789&gjid=68446439&cid=1353426555.1658228151&tid=UA-111258381-1&_gid=1352294434.1658228151&gtm=2wg7i0M7M63B7&cg2=n%2Fa&cg3=areacliente&cg4=login_registro&cd2=undefined&cd3=undefined&cd4=0&cd6=&cd7=areacliente&cd8=undefined&cd9=undefined&cd5=false&cd17=GTM-M7M63B7&cd18=198&z=30758057
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 00:50:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36332
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Jul 2022 10:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
6257
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 14 Jul 2022 19:31:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
63f5e491-f01e-0084-5fd6-978ece000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
72d2ed57dcc937cd-MAD
modules.19a1bc5ec8df84a3470e.js
script.hotjar.com/
246 KB
64 KB
Script
General
Full URL
https://script.hotjar.com/modules.19a1bc5ec8df84a3470e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-658942.js?sv=658942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
/
Resource Hash
1d44c70e9b719bf6984e7cbaaf6027d12d05ada6ffdebd0bea9ce018b28b10e5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 10:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
88245
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64601
access-control-allow-origin
*
last-modified
Mon, 18 Jul 2022 10:24:19 GMT
etag
"818397aba2bb3d5a64e919a30e128d23"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
EG1397qa0m6jjj-XwbZ3Sgf0aaVrxwZ263W6LlOMW4__TQAX9M1kQQ==
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 3D2E
2 KB
848 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9c747e1a3c79768875438231052346f012f17102268e2754ed2fcb8cf92a73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 10:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.es.oy0e2vZye-E.es5.O/d=1/rs=AOaEmlGR-u5aoRv8oGUplvuCmYdg1LaXnA/ Frame 3D2E
98 KB
34 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.es.oy0e2vZye-E.es5.O/d=1/rs=AOaEmlGR-u5aoRv8oGUplvuCmYdg1LaXnA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8ab1213bc3ac9716cf48eb4e9b6771fae8895e2e7306968f8351ec982579ef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 18:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34457
x-xss-protection
0
last-modified
Fri, 08 Jul 2022 23:41:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 18:53:14 GMT
box-0004cb77850b00d4aa7e1e08ff61e8f0.html
vars.hotjar.com/ Frame 749F
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-658942.js?sv=658942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-122.dus51.r.cloudfront.net
Software
/
Resource Hash
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://areacliente.eroski.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
age
333824
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Jul 2022 14:12:07 GMT
etag
"d2caf2e569940c65a88268a169f3facf"
last-modified
Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
x-amz-cf-id
9qA3fpHCyatuRVG5ORuSYZz_1q3-XEGmKvVKS5Gd_6k-d7l6zlVzNw==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=1590403067868532&input_token&origin=1&redirect_uri=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/all.js?hash=e552f8f68029c17cf0aba8f2ab12f4f0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
PT+C5tLwIoQwp3+LC4Mh6iWo6Yxp73G2GHRl6ppkZhA6ohUj65y8gVmpeFh18PbmIG+KCjKf2UhphMvl209KOQ==
fb-s
unknown
date
Tue, 19 Jul 2022 10:55:51 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://areacliente.eroski.es
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
252027318670671
connect.facebook.net/signals/config/
291 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/252027318670671?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d02a393ea82ad042f6cf05ebeef042799da239bbdfbff9d831fc1b5aad836cc
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85602
x-xss-protection
0
pragma
public
x-fb-debug
bb45OIyePjLrv00jdq68tZn1iKSOLhRWy++wBAEV9alUUafwMi47oEfNhGJNe22hbkpwDMZ6wRXpRbQYRkEsSA==
x-frame-options
DENY
date
Tue, 19 Jul 2022 10:55:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111258381-1&cid=1353426555.1658228151&jid=1569130789&_u=YGDAgUABAAAAAE~&z=1554039472
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 10:55:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.es/ads/
42 B
501 B
Image
General
Full URL
https://www.google.es/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111258381-1&cid=1353426555.1658228151&jid=1569130789&_u=YGDAgUABAAAAAE~&z=1554039472
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 10:55:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
ib.adnxs.com/
42 B
347 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=e3d493b2-64a3-48ec-a9f1-b374c04661d3&it=1658228151113&v=0.0.20&u=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&st=1658228151113&et=1658228151113&if=0
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.154 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
955.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 10:55:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
45.152.183.46; 45.152.183.46; 955.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
2184731448478727
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2184731448478727?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
234d0b57faeb151b81bebcdcdacc7debfe63196eeab3a3a85cc51e5fc34251c3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85616
x-xss-protection
0
pragma
public
x-fb-debug
XAEUDv/NG5AzrPlpyzqGJkZ0csY8nM1fxR9uEWTj2R9kQX/x2ZnfA09jR7sYZkTbIik+hE2zH3RqPwYcg7D65Q==
x-frame-options
DENY
date
Tue, 19 Jul 2022 10:55:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
406 B
Image
General
Full URL
https://www.facebook.com/tr/?id=252027318670671&ev=PageView&dl=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&rl=&if=false&ts=1658228151231&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1658228151230.1407911069&it=1658228151088&coo=false&exp=u0&rqm=GET
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 19 Jul 2022 10:55:51 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2184731448478727&ev=PageView&dl=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&rl=&if=false&ts=1658228151316&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658228151230.1407911069&it=1658228151088&coo=false&exp=u0&rqm=GET
Requested by
Host: areacliente.eroski.es
URL: https://areacliente.eroski.es/areacliente/es/nlrLogin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 19 Jul 2022 10:55:51 GMT
658942
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/658942?s=0.25&r=0.008051430502504786
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.19a1bc5ec8df84a3470e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:51 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
kFxr-xzY04QNjbVeRkjY_lK6DpFUKWPMj-nV53C31KgxysHfzA2XdQ==
iframerpc
accounts.google.com/o/oauth2/ Frame 3D2E
49 B
96 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fareacliente.eroski.es&client_id=277223809512-8cod3gcaq35b0q7u0kvin1lgukub6566.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.es.oy0e2vZye-E.es5.O/d=1/rs=AOaEmlGR-u5aoRv8oGUplvuCmYdg1LaXnA/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vxrYoOJilBFDJBeAgnTgrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-vxrYoOJilBFDJBeAgnTgrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires
Tue, 19 Jul 2022 10:55:51 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=252027318670671&ev=Microdata&dl=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&rl=&if=false&ts=1658228151734&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Area%20Cliente%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fresources%2Fimg%2FlogoEroskiContigoOgImage_es.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1658228151230.1407911069&it=1658228151088&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 19 Jul 2022 10:55:51 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2184731448478727&ev=Microdata&dl=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&rl=&if=false&ts=1658228151817&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Area%20Cliente%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fresources%2Fimg%2FlogoEroskiContigoOgImage_es.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1658228151230.1407911069&it=1658228151088&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://areacliente.eroski.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:55:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 19 Jul 2022 10:55:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
areacliente.eroski.es
URL
https://areacliente.eroski.es/areacliente/resources/img/ajax-loader.gif
Domain
4378219.fls.doubleclick.net
URL
https://4378219.fls.doubleclick.net/activityi;src=4378219;type=ero_visi;cat=reg_e00;ord=247969932070;gtm=2wg7i0;auiddc=543776166.1658228151;u6=undefined;u8=undefined;~oref=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin?

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| Validator object| ParsleyConfig object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator function| getBaseUrl function| getSearchParams function| getCookie function| getSuperPorIdioma function| getDecodeValueOfDigitCardNumber function| validateCard function| showCondicionesClub function| validateLuhn function| validateClubCardAnverso function| validateCardAnverso function| invertirCadena function| validateClubCardReverso function| ponerElCursorAlFinal function| validateFecha function| validateFechaHora function| formatFechaHora function| validarHoneypot function| isCorrectCardNumberSize function| saveLogGTM function| sendNLRRegistroGTM function| sendAltaRegistroGTM function| sendB_RegistroGTM boolean| inyectadoGTM object| dataLayer function| postWithLoader function| postCallMovilServiceManteniendoControl function| postWithoutLoader function| post_to_url function| post_to_url_with_loader function| postMultipartFormWithLoader function| post_to_url2 string| fromApp string| ip function| slideUpDown function| RefreshDocumentPlaceholder function| refreshDocumentMaxLenght function| validateCodDoc function| reajustLenghtsByDocumentType function| showLayer function| existeDoc function| cerrarLayerShowMsgReactivacionAppclub function| cerrarLayerDniYaExisteMcommerce function| cerrarLayerDniYaExiste function| getDateFormatDefault function| existeLaFecha function| fechaMayor18Anyos function| setAndinitDatepicker function| changeFormatDate function| setLocaleParsleyMessages function| validFormatNroDoc function| showPopup function| hidePopup function| resetCodigoControlTEC function| getQueryVariable function| noNavigateAndNoHref function| soloNumeros function| trimInput function| getUrlParameter function| linkVolver function| isAsciiPrintableEmail function| postToUrl function| putTooltipClaveSegura string| hayTagManager function| getSSOUrl function| getSSOData function| changeLocale function| localeCallback function| topMenuDespl2 function| clickTopMenu2 function| showLoginOptions function| logout function| updateLocalLogin string| _this_url function| setCookie function| deleteCookie function| changeLocaleView function| urlCambioIdiomaCondiciones object| OneTrustStub function| OptanonWrapper function| facebookSync function| facebookSyncManagerResult function| facebookDesvincular function| facebookLoginNLR function| facebookRegistroNLR function| facebookCallLoginControllerNLR function| facebookRegistroNLR_v1 function| facebookCallRegistroControllerNLR function| redirigirFacebookAappclub function| onLoadGoogleCallback function| onSyncGoogleCallback function| googleSync function| googleSyncManagerResult function| googleDesvincular function| redirigirAappclub function| syncGoogleAppclub function| appleCallback function| redirigirAppleAappclub function| appleSyncManagerResult function| syncAppleAppclub function| appleDesvincular function| appleSync object| AppleID function| reactivarCuentaSocial function| reactivarCuenta function| volver function| reenviarEmailRecordatorio function| irAContactaConNosotros function| recuperarCuenta function| recuperarCuentaContinue function| irAlRegistroConLogout function| regenerarToken function| managerRedirect function| login function| showSmsInputText function| checkDobleVerificacion function| managerErrorLogin string| idioma object| _monthNames object| _dayNames object| _dayNamesMin object| gapi object| ___jsl object| element string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_tag_manager function| postscribe object| google_tag_manager_external function| hj object| _hjSettings function| sha1 object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB function| fbAsyncInit object| osapi object| auth2 function| fbq function| _fbq undefined| cookieName undefined| cookieValue function| pixie object| buttons string| n object| Optanon object| OneTrust object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| __buffer

20 Cookies

Domain/Path Name / Value
areacliente.eroski.es/areacliente/ Name: JSESSIONID
Value: 40555DB946A58E59F813027BFC0E7F2B
areacliente.eroski.es/areacliente/ Name: TS0192bb9c
Value: 01301e525bcfac5577389401d20a443a27d613ba8e6aa7dbd16c00cd9e5847aed49090355b349e7128fce0e379ab779977044ec8ae
areacliente.eroski.es/ Name: LocaleCookie
Value: es
areacliente.eroski.es/ Name: BIGipServer~DMZ_EROSKI~CLUBEROSKI_AREACLIENTE_farm
Value: rd4o00000000000000000000ffffc0a8b2aao443
.eroski.es/ Name: TS0190b8ad
Value: 01301e525bcfac5577389401d20a443a27d613ba8e6aa7dbd16c00cd9e5847aed49090355b349e7128fce0e379ab779977044ec8ae
.areacliente.eroski.es/ Name: G_ENABLED_IDPS
Value: google
.eroski.es/ Name: _gcl_au
Value: 1.1.543776166.1658228151
.eroski.es/ Name: _ga
Value: GA1.2.1353426555.1658228151
.eroski.es/ Name: _gid
Value: GA1.2.1352294434.1658228151
.eroski.es/ Name: _dc_gtm_UA-36762741-7
Value: 1
.eroski.es/ Name: _dc_gtm_UA-111258381-1
Value: 1
.eroski.es/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jul+19+2022+10%3A55%3A51+GMT%2B0000+(GMT)&version=6.35.0&isIABGlobal=false&hosts=&consentId=4bc4f303-c20b-4336-8735-081454fa20e8&interactionCount=0&landingPath=https%3A%2F%2Fareacliente.eroski.es%2Fareacliente%2Fes%2FnlrLogin&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0%2CC0007%3A0
.eroski.es/ Name: _fbp
Value: fb.1.1658228151230.1407911069
.facebook.com/ Name: fr
Value: 05Ni0dwibenbixZoO..Bi1o23...1.0.Bi1o23.
.eroski.es/ Name: _hjSessionUser_658942
Value: eyJpZCI6ImJiNTk5ZmUzLWU3YjktNWYyNS04NzMwLTc3NmVmZmRhZGNjMCIsImNyZWF0ZWQiOjE2NTgyMjgxNTEzOTYsImV4aXN0aW5nIjpmYWxzZX0=
.eroski.es/ Name: _hjFirstSeen
Value: 1
areacliente.eroski.es/ Name: _hjIncludedInSessionSample
Value: 0
.eroski.es/ Name: _hjSession_658942
Value: eyJpZCI6Ijc3ZGM0NDA0LTdiZTItNGVhZS04ZDdjLWE1YTYzMDMwZDhiOCIsImNyZWF0ZWQiOjE2NTgyMjgxNTE0MTIsImluU2FtcGxlIjpmYWxzZX0=
.eroski.es/ Name: _hjAbsoluteSessionInProgress
Value: 1
.google.com/ Name: NID
Value: 511=XgfNX6tCKyCdric1zoUpjmV7OJhFvo3WX4n2sfZarXX_AlzW3yvLJ4jqJE3zf4GmxiJMQSmRLaNCvsqNkLItlfbW_CqIM62OyQFf-6hNbj8AKRvjEkMm8ELTMDqF--0gOsLcEtILfsUpO7Bx_HqhMMnk5JVmSZ9PQuUvl2GZuU8

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4378219.fls.doubleclick.net
accounts.google.com
acdn.adnxs.com
api.ipify.org
apis.google.com
appleid.cdn-apple.com
areacliente.eroski.es
cdn.cookielaw.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
ib.adnxs.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.es
www.googletagmanager.com
www.gstatic.com
4378219.fls.doubleclick.net
areacliente.eroski.es
104.90.104.226
108.157.4.113
108.157.4.122
13.224.189.42
13.225.78.127
185.89.210.154
194.224.110.11
2001:4860:4802:32::178
2606:4700:4400::6812:2962
2606:4700::6810:9440
2a00:1450:4001:801::2003
2a00:1450:4001:806::200d
2a00:1450:4001:80b::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2004
2a00:1450:400c:c07::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.220.57.224
96.16.134.158
02029f985d3f4902e965cbed952b8f988ce894d35a4ee1cd2adab90bdfbbaef8
0a1212cb083ea0615c9f8ba1b0c47a7ac1ac213fb8689d5ef6acb4f2dcd089e2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
185fd74322b679645665bf87986cda2bd2a33cca1ba2a5e854e743921efc3454
1d44c70e9b719bf6984e7cbaaf6027d12d05ada6ffdebd0bea9ce018b28b10e5
22f79e0a02219096f8e9f8de5fb63bdb1662d4de723c2fc32c26ee50dc232dc3
234d0b57faeb151b81bebcdcdacc7debfe63196eeab3a3a85cc51e5fc34251c3
3378c8717fc5e90c8e5a70758177c5849e405687cc30f899b9223f21ae802d5e
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ce2b7efac2bb99d363f0fa84d1c19ca629bc8f1e71202b4dc63526d12b21d93
559671286e80efeb7d8ecf407297c5f56011ac01aa6ce9fc41e91486e393b62e
55ec3a84753b3b8db6f50ec5447f09c16c96b963fc57563493c4efd79ac981b8
6230ecb5c3394debd670600373997547adac7fff672228e1129f9c09997fe4cf
65ae65b2d156cd2c98e3166a6480d181d9705f9a7729417eec1c690835819d6e
66bdef0724e5306421bcc7e0910e41b5645228119ad9096ca4a6099e48d94e6a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6e5c83964b27ee4293317d043979c938465eb8c7aef3bab3ea07587f10d60981
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
82dd9f15d6dd6cdee4c21885830e15dd338b3ad40ae9fc6d56c4d1621b9874f3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86d4a97849d09b351c63afd81395632cbe3492c73d58df6a8cac2ad63bd5c0e5
8917746c208056b7c75a0e0298774731a65abb82f156a142ea490156a42cff6f
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8d02a393ea82ad042f6cf05ebeef042799da239bbdfbff9d831fc1b5aad836cc
8d3978d9b2b46345c714335296c164701fb8a9547965c3bfb3308c9152bd9ad6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94b72b339153db018a7a938a0b48b47023921ddc2622669b21ba681da1b625e6
94dcf5556e059d9e35d347a9fdd7c295ec5d8001d8c00693dfc2a7d18f9fb0f3
a18d763869963333c5ea059740c6080e265629909bc96f5daaed3fe7ea663f28
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a38adc41c4dcf12d566d778e7fed6ab065d7531aa14ca9c62143f48cd803a5
ae4fc8ad588fcbde2908ed2bbdbda8e3dcfb3571b47671f9861d244aa72ed5ef
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b878ac92d4041ffde4e6b96bd79dc71c892ddb7adc73bed7463e0afc775e3893
b8ab1213bc3ac9716cf48eb4e9b6771fae8895e2e7306968f8351ec982579ef2
bd0e71d5183bdb15c999a75e631bec85c4e52d22d7e730d5be641765a336652f
bed4424c479dfef00d1e92ac6434da0994f63d12aa28e12c84408e69262593e0
c31fd549659e5cd6f350d8042699b28b8066d532e9273c472a3d641a1eca78fc
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c65fcc8e19276a0bfb2fab82b8cc26249ee89cd0ef5abda055e4cd6a74a9b3e2
c67f744988e3a15b4491574c5f329b7a15c9f3dc9bd6bbf468bae677f8e7a887
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
cd12d2fa3ff28cce10fa3f8184478a33a8f7c8ec1bb60e92ca0adfbe16fe76d4
cd64e1d3ffc93c484514e4ee5646d5328ae6fb17bc02b509d426008af6115955
d04632916fe0497e7724508d954e1481b0a3eb121ddd32ca560d2f4215b1f039
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
dbfbe16b916f118b149f1722034768caf8fe4bf686494afe518b69c4134da5fb
e1de5ecc2cdf36ca16dfc5946f0800fa6c0bda034886725fcb3fa7be7025632e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f568972568b02c36e87b5ef049ead53a3cb775704534779a134a97876396be4a
f813311527c2a9caeb4c6361db8e44dceef5e476540f06904450eea4a659fef8
f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc
f9c747e1a3c79768875438231052346f012f17102268e2754ed2fcb8cf92a73c