urlscan.io logo urlscan.io
SecurityTrails logo

www.hipercard.com.br Open in urlscan Pro
104.109.77.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mobile-hipercard.com/
Effective URL: https://www.hipercard.com.br/
Submission: On November 25 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 104.109.77.88, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.hipercard.com.br.
TLS certificate: Issued by GeoTrust RSA CA 2018 on October 3rd 2019. Valid for: 8 months.
This is the only time www.hipercard.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:4780:dea... 204915 (AWEX)
15 104.109.77.88 20940 (AKAMAI-ASN1)
3 72.247.225.88 16625 (AKAMAI-AS)
1 2 108.128.130.224 16509 (AMAZON-02)
19 3
Apex Domain
Subdomains		 Transfer
15 hipercard.com.br
www.hipercard.com.br
673 KB
3 adobedtm.com
assets.adobedtm.com
60 KB
2 omtrdc.net
itau.d2.sc.omtrdc.net
1 KB
1 mobile-hipercard.com
mobile-hipercard.com
279 B
19 4
Domain Requested by
15 www.hipercard.com.br www.hipercard.com.br
3 assets.adobedtm.com www.hipercard.com.br
assets.adobedtm.com
2 itau.d2.sc.omtrdc.net 1 redirects
1 mobile-hipercard.com 1 redirects
19 4

This site contains no links.

Subject Issuer Validity Valid
www.personnalite.com.br
GeoTrust RSA CA 2018		 2019-10-03 -
2020-05-20		 8 months crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2019-10-22 -
2021-10-01		 2 years crt.sh
*.d2.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2019-04-23 -
2020-04-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hipercard.com.br/
Frame ID: 6A0C1031E398BE0E12629578750E9437
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hipercard

Page URL History Show full URLs

  1. https://mobile-hipercard.com/ HTTP 302
    https://www.hipercard.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<div class="[^"]*aem-Grid/i
Overall confidence: 100%
Detected patterns
  • html /<div class="[^"]*aem-Grid/i
Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i

Page Statistics

19
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

734 kB
Transfer

1937 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mobile-hipercard.com/ HTTP 302
    https://www.hipercard.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://itau.d2.sc.omtrdc.net/b/ss/it-itau/10/JS-2.14.0-L9UP/s62571368256233?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=25%2F10%2F2019%2021%3A0%3A56%201%20-60&d.&nsid=0&jsonv=1&.d&ce=UTF-8&pageName=IT%3ANL%3AHIP%3A&g=https%3A%2F%2Fwww.hipercard.com.br%2F&cc=BRL&ch=Home&h1=IT%3ANL%3AHIP&c2=D%3Dv1&c6=D%3Dv9&v9=IT%3ANL%3AHIP%3A&c13=D%3Dv13&c44=D%3Dv79&v79=AEM&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://itau.d2.sc.omtrdc.net/b/ss/it-itau/10/JS-2.14.0-L9UP/s62571368256233?AQB=1&pccr=true&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=25%2F10%2F2019%2021%3A0%3A56%201%20-60&d.&nsid=0&jsonv=1&.d&ce=UTF-8&pageName=IT%3ANL%3AHIP%3A&g=https%3A%2F%2Fwww.hipercard.com.br%2F&cc=BRL&ch=Home&h1=IT%3ANL%3AHIP&c2=D%3Dv1&c6=D%3Dv9&v9=IT%3ANL%3AHIP%3A&c13=D%3Dv13&c44=D%3Dv79&v79=AEM&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hipercard.com.br/
Redirect Chain
  • https://mobile-hipercard.com/
  • https://www.hipercard.com.br/
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
224e2c85f55ba87f91d3d6f821c931d60f53c36717a2c2b322d51e9cac017d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.hipercard.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
accept-ranges
bytes
cache-control
no-cache="set-cookie"
content-encoding
gzip
content-type
text/html; charset=UTF-8
etag
"385a-59830d234df25-gzip"
last-modified
Mon, 25 Nov 2019 19:32:16 GMT
server
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
content-length
3423
date
Mon, 25 Nov 2019 20:00:56 GMT
vary
Accept-Encoding

Redirect headers

status
302
date
Mon, 25 Nov 2019 20:00:55 GMT
content-type
text/html; charset=UTF-8
location
https://www.hipercard.com.br/
refresh
2;url=home.php?Ol1H36e4fAOju2FR7mbXVZaRZG8jebiw/B-mT3ck6JPoQNAASLdJGXRu4Y64IJT66VNDSEghH4MO0jbVYvYTxouPWKep/PJYs#ex
server
awex
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
bf15dbb59a30febb06e6fae619791a1c
clientlib-base.min.46e8b7cc3d55f619b0c0565b85c4f06f.css
www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/ 		533 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.46e8b7cc3d55f619b0c0565b85c4f06f.css
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
694065f3dc7bbf9664d679124f4e399a2de3face9e7eda750205e71631e2c653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2019 18:20:25 GMT
server
etag
"85395-597df59ea7215-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
no-cache="set-cookie"
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
56995
clientlib-base.min.458e4581a0508876a64872989e22de60.css
www.hipercard.com.br/etc.clientlibs/hipercard/clientlibs/ 		113 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/hipercard/clientlibs/clientlib-base.min.458e4581a0508876a64872989e22de60.css
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d451b0059254bdf6c954493dbca5837892475f9b5bc63acf27e06e569d0ea5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 15 Nov 2019 06:14:27 GMT
server
etag
W/"1c217-5975c82988d0d-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
13330
launch-EN19fad8b041be4675ad4a3153242f0473.min.js
assets.adobedtm.com/ 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN19fad8b041be4675ad4a3153242f0473.min.js
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.88 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-88.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c3d0b91657fe82a15a7164cdac12fa965487261cf23d296af5d87dd7dd2d14d

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 20:00:56 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 23:47:32 GMT
server
AkamaiNetStorage
etag
"3b56602e3cb86cbd2fa458d838a26c5c:1574120852.330048"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
39369
expires
Mon, 25 Nov 2019 21:00:56 GMT
hipercard.png
www.hipercard.com.br/content/dam/hipercard/logo/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipercard.com.br/content/dam/hipercard/logo/hipercard.png
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da32fc6adc4ec9225afdaaf1440b448517c56f43cd9592f11e13742972d5e430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 29 Oct 2019 16:12:42 GMT
server
etag
"28a9-5960ee2c7b280"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-cache="set-cookie"
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
10409
imagem-cartoes-540x345.jpg
www.hipercard.com.br/content/dam/hipercard/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipercard.com.br/content/dam/hipercard/imagem-cartoes-540x345.jpg
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f13e0f4f836829355d5ad18c3a4368b5ab6e2a185ff5bad30c59eba07024ec8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Nov 2019 05:09:59 GMT
server
etag
"1f43c-5975b9c0d9476"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
128060
close-de-mulher-sorridente-encostada-em-parede.jpg
www.hipercard.com.br/content/dam/ibba/quem-somos/ 		848 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipercard.com.br/content/dam/ibba/quem-somos/close-de-mulher-sorridente-encostada-em-parede.jpg
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Nov 2019 20:00:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
200
cache-control
no-cache
content-length
570
imagem-bandeira-540x345.jpg
www.hipercard.com.br/content/dam/hipercard/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipercard.com.br/content/dam/hipercard/imagem-bandeira-540x345.jpg
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1bc3d4cd64f19a2840bc6776e185353f61a77be6e12ce43ceb2bbb4b884d2541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Nov 2019 05:09:59 GMT
server
etag
"20a83-5975b9c0ec525"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
133763
clientlib-base.min.b01d6b0a041858d4834cbba9235307eb.js
www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/ 		638 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.b01d6b0a041858d4834cbba9235307eb.js
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a471648cee9a22023e344620f52d2f1852ff8aa46713954c4eeda94285003d86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2019 19:04:57 GMT
server
etag
"9f7db-597dff9303560-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
no-cache="set-cookie"
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
172184
clientlib-base.min.00963111973acd9e6cd20dec0011557c.js
www.hipercard.com.br/etc.clientlibs/hipercard/clientlibs/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/hipercard/clientlibs/clientlib-base.min.00963111973acd9e6cd20dec0011557c.js
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8c6ea4687405f36442a71668698deb29471d15c7059540e58866b73fc48cee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 15 Nov 2019 06:14:28 GMT
server
etag
W/"9e64-5975c82a7949f-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
8975
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN19fad8b041be4675ad4a3153242f0473.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.88 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-88.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 20:00:56 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2019 23:03:32 GMT
server
Apache
etag
"72404253c27255247028f0ba11022cf8:1559603012"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12916
expires
Mon, 25 Nov 2019 21:00:56 GMT
imagem-banner-home-desk-1440x450.jpg
www.hipercard.com.br/content/dam/hipercard/cartoes/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hipercard.com.br/content/dam/hipercard/cartoes/imagem-banner-home-desk-1440x450.jpg
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1c38080e796fa15c091d4ffbc8591922a2b8e3a96ea9b352c6c0149a2378f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Nov 2019 05:09:59 GMT
server
x-akamai-pragma-client-ip
10.62.238.235, 200.196.153.33
etag
"f4c9-5975b9c0f3a55"
x-serial
8211
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-check-cacheable
YES
cache-control
no-cache="set-cookie"
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
62665
ItauText_Rg.woff2
www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.46e8b7cc3d55f619b0c0565b85c4f06f.css
Origin
https://www.hipercard.com.br

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2019 18:33:03 GMT
server
etag
W/"45e4-597df87147176-gzip"
x-frame-options
SAMEORIGIN
status
200
cache-control
no-cache="set-cookie"
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
17915
ItauText_Bd.woff2
www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
25a5d759897134cb9caa4b9f0f58ebb3f34e5759af0b8c712959665df0754e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.46e8b7cc3d55f619b0c0565b85c4f06f.css
Origin
https://www.hipercard.com.br

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2019 19:09:51 GMT
server
etag
"46dc-597e00ab09b94-gzip"
x-frame-options
SAMEORIGIN
status
200
cache-control
no-cache="set-cookie"
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
18156
itaudisplay_bd-webfont.woff2
www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauDisplay/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6941f9570d5085cfa2ddba639611d4a5ab3e9aded5e3eb2139dc23e613b20067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.46e8b7cc3d55f619b0c0565b85c4f06f.css
Origin
https://www.hipercard.com.br

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2019 22:30:22 GMT
server
etag
"500c-597e2d7cabc2c-gzip"
x-frame-options
SAMEORIGIN
status
200
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
20515
itaudisplay_xbd-webfont.woff2
www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauDisplay/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcd743060b3c09ccf5003db3bb4b85fbe7a71d176638dabbf089669ef3f787c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.46e8b7cc3d55f619b0c0565b85c4f06f.css
Origin
https://www.hipercard.com.br

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2019 22:30:22 GMT
server
etag
"4f14-597e2d7cac3fc-gzip"
x-frame-options
SAMEORIGIN
status
200
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
20267
ItauText_Lt.woff2
www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2
Requested by
Host: www.hipercard.com.br
URL: https://www.hipercard.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.77.88 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-77-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f898f65ddbfb8e0b9ecf86132b0fa3ed23b5cfa87d599e7b5364c5b3ef7e5c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.hipercard.com.br/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.46e8b7cc3d55f619b0c0565b85c4f06f.css
Origin
https://www.hipercard.com.br

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 Nov 2019 22:31:01 GMT
server
etag
"4464-597e2da2202b9-gzip"
x-frame-options
SAMEORIGIN
status
200
date
Mon, 25 Nov 2019 20:00:56 GMT
accept-ranges
bytes
content-length
17531
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN19fad8b041be4675ad4a3153242f0473.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.88 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-88.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 20:00:56 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2019 23:03:35 GMT
server
Apache
etag
"e539ea6425ae55fa9f68995bc5a68886:1559603018"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8640
expires
Mon, 25 Nov 2019 21:00:56 GMT
s62571368256233
itau.d2.sc.omtrdc.net/b/ss/it-itau/10/JS-2.14.0-L9UP/
Redirect Chain
  • https://itau.d2.sc.omtrdc.net/b/ss/it-itau/10/JS-2.14.0-L9UP/s62571368256233?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=25%2F10%2F2019%2021%3A0%3A56%201%20-60&d.&nsid=0&jsonv=1&.d&ce=UT...
  • https://itau.d2.sc.omtrdc.net/b/ss/it-itau/10/JS-2.14.0-L9UP/s62571368256233?AQB=1&pccr=true&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=25%2F10%2F2019%2021%3A0%3A56%201%20-60&d.&nsid=0&jsonv=...
111 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://itau.d2.sc.omtrdc.net/b/ss/it-itau/10/JS-2.14.0-L9UP/s62571368256233?AQB=1&pccr=true&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=25%2F10%2F2019%2021%3A0%3A56%201%20-60&d.&nsid=0&jsonv=1&.d&ce=UTF-8&pageName=IT%3ANL%3AHIP%3A&g=https%3A%2F%2Fwww.hipercard.com.br%2F&cc=BRL&ch=Home&h1=IT%3ANL%3AHIP&c2=D%3Dv1&c6=D%3Dv9&v9=IT%3ANL%3AHIP%3A&c13=D%3Dv13&c44=D%3Dv79&v79=AEM&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.130.224 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-108-128-130-224.eu-west-1.compute.amazonaws.com
Software
jag /
Resource Hash
226f1e9e1b79e75d50b5ebf9e1d75b3c8dc91d35f1dc1f9c12eb67bd3df35cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hipercard.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 20:00:56 GMT
x-content-type-options
nosniff
x-c
master-1061.Iecc33a.M0-311
p3p
CP="This is not a P3P policy"
status
200
content-length
111
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 26 Nov 2019 20:00:56 GMT
server
jag
xserver
anedge-65bcc487c6-jmmqr
etag
3381668390653755392-4618132144547382935
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 24 Nov 2019 20:00:56 GMT

Redirect headers

date
Mon, 25 Nov 2019 20:00:56 GMT
x-content-type-options
nosniff
x-c
master-1061.Iecc33a.M0-311
p3p
CP="This is not a P3P policy"
status
302
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 26 Nov 2019 20:00:56 GMT
server
jag
xserver
anedge-65bcc487c6-86g67
location
https://itau.d2.sc.omtrdc.net/b/ss/it-itau/10/JS-2.14.0-L9UP/s62571368256233?AQB=1&pccr=true&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=25%2F10%2F2019%2021%3A0%3A56%201%20-60&d.&nsid=0&jsonv=1&.d&ce=UTF-8&pageName=IT%3ANL%3AHIP%3A&g=https%3A%2F%2Fwww.hipercard.com.br%2F&cc=BRL&ch=Home&h1=IT%3ANL%3AHIP&c2=D%3Dv1&c6=D%3Dv9&v9=IT%3ANL%3AHIP%3A&c13=D%3Dv13&c44=D%3Dv79&v79=AEM&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 24 Nov 2019 20:00:56 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| analyticsData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL function| isVisible boolean| isSafari boolean| isMac function| isBreakPoint function| setCookie function| getCookie object| navigationMenu function| sizeChildrenIsBigger function| resizeFullImageBanner function| mainBannerInit string| btnHelp function| setDynamicSectionId function| getUrlVars function| getUrlVar function| scrollToElement number| browserMinIe number| browserMinFirefox number| browserMinChrome number| browserMinOpera number| browserMinSafari string| nAgt undefined| nameOffset number| verOffset number| ix undefined| start undefined| end boolean| browserAntigoStatus undefined| htm2 object| regExpLocation undefined| linkDataVideo function| youtubePlayVideo function| verifyInternalSourceVideo function| openVideoSource function| inertAttr function| openInternalVideo function| openExternalVideo function| closeVideo function| createVideoPlayerExternal function| createVideoPlayerInternal function| removeVideoPlayer function| focusInTheLastImg function| listenerVideoClick function| clickDescription function| listeningEscAction function| $ function| jQuery function| MobileDetect object| detectZoom function| Popper object| bootstrap string| youtubeVideoParameters function| logonHipercard object| login object| cookieLogin function| hideContentBelow function| showContentBelow function| analyticsSanitizeLabels object| s_i_it-itau

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js(Line 2)
Message:
Warning: Invalid visitorInstance.publishDestinations version. URL destinations will not be fired

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
itau.d2.sc.omtrdc.net
mobile-hipercard.com
www.hipercard.com.br
104.109.77.88
108.128.130.224
2a02:4780:dead:eca1::1
72.247.225.88
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
0c3d0b91657fe82a15a7164cdac12fa965487261cf23d296af5d87dd7dd2d14d
1bc3d4cd64f19a2840bc6776e185353f61a77be6e12ce43ceb2bbb4b884d2541
224e2c85f55ba87f91d3d6f821c931d60f53c36717a2c2b322d51e9cac017d3c
226f1e9e1b79e75d50b5ebf9e1d75b3c8dc91d35f1dc1f9c12eb67bd3df35cdf
25a5d759897134cb9caa4b9f0f58ebb3f34e5759af0b8c712959665df0754e7e
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
694065f3dc7bbf9664d679124f4e399a2de3face9e7eda750205e71631e2c653
6941f9570d5085cfa2ddba639611d4a5ab3e9aded5e3eb2139dc23e613b20067
a471648cee9a22023e344620f52d2f1852ff8aa46713954c4eeda94285003d86
a8c6ea4687405f36442a71668698deb29471d15c7059540e58866b73fc48cee2
d451b0059254bdf6c954493dbca5837892475f9b5bc63acf27e06e569d0ea5b5
da32fc6adc4ec9225afdaaf1440b448517c56f43cd9592f11e13742972d5e430
dcd743060b3c09ccf5003db3bb4b85fbe7a71d176638dabbf089669ef3f787c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f13e0f4f836829355d5ad18c3a4368b5ab6e2a185ff5bad30c59eba07024ec8d
f1c38080e796fa15c091d4ffbc8591922a2b8e3a96ea9b352c6c0149a2378f4e
f898f65ddbfb8e0b9ecf86132b0fa3ed23b5cfa87d599e7b5364c5b3ef7e5c1c