URL: https://transacciones.davivienda.com/transaccional/dashboard/ruxitagentjs_ICA237QSVfghijoqrtux_10223210811140219.js
Submission Tags: falconsandbox
Submission: On September 25 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 45.60.197.231, located in the United States and belonging to INCAPSULA, US. The main domain is transacciones.davivienda.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on September 7th 2021. Valid for: 6 months.
This is the only time transacciones.davivienda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address: 45.60.197.231 (1 request)
AS Autonomous System: 19551 (INCAPSULA)

Apex Domain: davivienda.com (1 request)
Subdomain: transacciones.davivienda.com
Transfer: 121 KB

Domain: transacciones.davivienda.com (1 request)
Requested by: none listed

This site contains no links.

Subject: imperva.com
Issuer: GlobalSign Atlas R3 DV TLS CA H2 2021
Validity: 2021-09-07 - 2022-03-09
Valid: 6 months

This page contains 1 frames:

Primary Page: https://transacciones.davivienda.com/transaccional/dashboard/ruxitagentjs_ICA237QSVfghijoqrtux_10223210811140219.js
Frame ID: 27B7281DEC84FA1F8E78AD9FB400298A
Requests: 1 HTTP requests in this frame


Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 121 kB
Size: 329 kB
Cookies: 2

1 HTTP transactions

Primary Request
Resource: ruxitagentjs_ICA237QSVfghijoqrtux_10223210811140219.js
Path: transacciones.davivienda.com/transaccional/dashboard/
Size: 329 KB
x-fer: 121 KB
Type: Document
MIME-Type:

General
Full URL: https://transacciones.davivienda.com/transaccional/dashboard/ruxitagentjs_ICA237QSVfghijoqrtux_10223210811140219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.197.231, United States, ASN19551 (INCAPSULA, US)
Reverse DNS:
Software: /
Resource Hash: 9301123f0f43e43a4cf1335d3fc29f54071d7061744bf77c49c7256accd88142

Request headers

:method: GET
:authority: transacciones.davivienda.com
:scheme: https
:path: /transaccional/dashboard/ruxitagentjs_ICA237QSVfghijoqrtux_10223210811140219.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br

Response headers

etag: "38fc63aa"
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 121968
content-encoding: gzip
cache-control: max-age=30836218, public
expires: Sat, 17 Sep 2022 04:43:05 GMT
date: Sat, 25 Sep 2021 07:06:07 GMT
set-cookie: visid_incap_2645236=AlXvysFoRjyt9/iTMvEz+l/KTmEAAAAAQUIPAAAAAADKNCwguLUykxpiomUeMsDZ; expires=Sat, 24 Sep 2022 23:39:03 GMT; HttpOnly; path=/; Domain=.davivienda.com
set-cookie: incap_ses_1309_2645236=I2nSfTqeUGzVGdAO24AqEl/KTmEAAAAADcv5sPIwO6RQaXOrkpRKkw==; path=/; Domain=.davivienda.com
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com www.googletagmanager.com tags.bkrtx.com; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: img03.en25.com www.gstatic.com tags.bkrtx.com dxj.davivienda.com www.googletagmanager.com www.google-analytics.com www.google.com; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: static3.avast.com fonts.gstatic.com; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google-analytics.com *.doubleclick.net dxw.davivienda.com dxl.davivienda.com; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: 1.c81358859121583b7adf2ace89cb39f44.com www.google.com mbaas.co.davivienda.com www.youtube.com stags.bluekai.com 1.b406929acabac9b095f124c81bdfcf57f.com www.googletagmanager.com 1.a79ab95c1589a13f8a4cab612bc71f9f7.com; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.ca www.googletagmanager.com cdnjs.cloudflare.com www.google-analytics.com www.gstatic.com www.google.es www.google.com.co www.google.com.mx s1585023691.t.eloqua.com stags.bluekai.com www.google.com www.google.co.ve www.davivienda.com www.google.cl; form-action transacciones.davivienda.com mbaas.co.davivienda.com; report-uri /csp_report
x-iinfo: 12-25396451-25395250 3CNN RT(1632553567587 0) q(0 0 0 0) r(1 1) U18

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster

2 Cookies

Domain/Path: .davivienda.com/
Name: visid_incap_2645236
Value: AlXvysFoRjyt9/iTMvEz+l/KTmEAAAAAQUIPAAAAAADKNCwguLUykxpiomUeMsDZ

Domain/Path: .davivienda.com/
Name: incap_ses_1309_2645236
Value: I2nSfTqeUGzVGdAO24AqEl/KTmEAAAAADcv5sPIwO6RQaXOrkpRKkw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

transacciones.davivienda.com
45.60.197.231
9301123f0f43e43a4cf1335d3fc29f54071d7061744bf77c49c7256accd88142