acesso-online.com Open in urlscan Pro
2606:4700:3031::681f:5ba7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://acesso-online.com/~~/authenticity.php
Submission: On May 15 via automatic, source openphish (May 15th 2020, 12:24:29 pm UTC)

Summary HTTP 49 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 14 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3031::681f:5ba7, located in United States and belongs to CLOUDFLARENET, US. The main domain is acesso-online.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 12th 2020. Valid for: 5 months.

This is the only time acesso-online.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::681f:5ba7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1	54.72.105.230 54.72.105.230	16509 (AMAZON-02) (AMAZON-02)
5	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	54.76.213.229 54.76.213.229	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
3	95.101.104.150 95.101.104.150	16625 (AKAMAI-AS) (AKAMAI-AS)
23	23.37.43.25 23.37.43.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::681a:4c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.202.93.59 18.202.93.59	16509 (AMAZON-02) (AMAZON-02)
3	52.211.89.62 52.211.89.62	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
49	15

1 2606:4700:3031::681f:5ba7 (United States)

ASN13335 (CLOUDFLARENET, US)

acesso-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.105.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-105-230.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.213.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-213-229.eu-west-1.compute.amazonaws.com

wpp.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.104.150 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-104-150.deploy.static.akamaitechnologies.com

www.itau.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 23.37.43.25 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-43-25.deploy.static.akamaitechnologies.com

estatico.itau.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4c4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.clipart.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.93.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-93-59.eu-west-1.compute.amazonaws.com

itau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.211.89.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-89-62.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	itau.com.br www.itau.com.br estatico.itau.com.br	1 MB
7	krxd.net beacon.krxd.net cdn.krxd.net consumer.krxd.net wpp.krxd.net	86 KB
5	demdex.net itau.demdex.net dpm.demdex.net	10 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	facebook.com www.facebook.com	360 B
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	182 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	152 B
1	clipart.email cdn.clipart.email	137 KB
1	googletagmanager.com www.googletagmanager.com	46 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	acesso-online.com acesso-online.com	12 KB
0	Failed function sub() { [native code] }. Failed
49	14

	Domain	Requested by
23	estatico.itau.com.br	acesso-online.com
4	cdn.krxd.net	acesso-online.com
3	dpm.demdex.net	www.itau.com.br acesso-online.com
3	www.itau.com.br	acesso-online.com
3	www.google-analytics.com	acesso-online.com
2	www.facebook.com
2	itau.demdex.net	acesso-online.com www.itau.com.br
1	cm.everesttech.net	1 redirects
1	www.google.de	acesso-online.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	cdn.clipart.email	acesso-online.com
1	www.googletagmanager.com	acesso-online.com
1	wpp.krxd.net	acesso-online.com
1	consumer.krxd.net	acesso-online.com
1	beacon.krxd.net	acesso-online.com
1	ajax.googleapis.com	acesso-online.com
1	acesso-online.com
0	jaoafpkngncfpfggjefnekilbkcpjdgp Failed	acesso-online.com
49	19

This site contains links to these domains. Also see Links.

Domain
www.itau.com.br
www.facebook.com
twitter.com
www.youtube.com
chrome.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-05-12` - `2020-10-09`	5 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-03-27`	a year	crt.sh
wpp.krxd.net DigiCert SHA2 Secure Server CA	`2019-09-30` - `2020-09-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
www.itau.com.br DigiCert SHA2 Extended Validation Server CA	`2020-03-12` - `2022-06-11`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
www.google.de GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://acesso-online.com/~~/authenticity.php
Frame ID: 1D088319EF06A10F073FD6475097CEA4
Requests: 47 HTTP requests in this frame

Frame: https://itau.demdex.net/dest5.html?d_nsid=0
Frame ID: EB7311241559026EFF6AECD13E0CCBD7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 1CA6A27ED88CA3AE5F800F93D20A5C22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

49
Requests

98 %
HTTPS

53 %
IPv6

14
Domains

19
Subdomains

15
IPs

6
Countries

1625 kB
Transfer

5360 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.itau.com.br/cartoes
Title: Sobre o Itaú

Search URL Search Domain Scan URL

URL: https://www.itau.com.br/seguranca/
Title: Mais segurança

Search URL Search Domain Scan URL

URL: https://www.itau.com.br/atendimento-itau/para-voce/cartao-de-credito/
Title: Precisa de ajuda?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/itau
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/itau
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BancoItau
Title:

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/uvpn-free-and-unlimited-v/jaoafpkngncfpfggjefnekilbkcpjdgp/reviews
Title: Rate Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&uid=2E534380E754D927EA6EEC0D0084C95F&gjid=395401262&_gid=45226018.1589545451&_u=aGBAgUAB~&z=1415004905 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&_v=j82&z=1415004905 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&_v=j82&z=1415004905&slf_rd=1&random=689103403

Request Chain 45

https://cm.everesttech.net/cm/dd?d_uuid=48378459455214899571703720183763851473 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xr6J6wAAAfEOMi3-

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request authenticity.php Show response
acesso-online.com/~~/ 66 KB
12 KB 611ms
446ms Document
text/html 2606:4700:3031::681f:5ba7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681f:5ba7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.5
Resource Hash: aff1bc33a7ba227318fa6fdbd174c263f71d439a046eb45723835dcad06bb3bf

Request headers

:method: GET
:authority: acesso-online.com
:scheme: https
:path: /~~/authenticity.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 12:24:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1f7559a99fd712342566ff2c1cc27e3f1589545450; expires=Sun, 14-Jun-20 12:24:10 GMT; path=/; domain=.acesso-online.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.5
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 593cd5970c3f1f55-FRA
content-encoding: br
cf-request-id: 02b9e3d26400001f55db0b1200000001

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 17:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1881903
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Apr 2021 17:39:07 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 66 B
225 B 90ms
28ms Script
text/javascript 54.72.105.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.itauunibanco.kxjsonp_optOutCheck
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.105.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-105-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f9bd735383ca0bc2798733db2a8ba7dc484eca13199a0a42a0f0f3402fba7b91

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 12:24:10 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=36 t=1589545450
content-type: text/javascript
x-served-by: beacon-n015-dub-prod.krxd.net

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 308 B
550 B 151ms
129ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20&technographics=1&callback=Krux.ns.itauunibanco.kxjsonp_userdata
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 720192adcc298fa9644834c3b01ef80e66134ac5e5fa6bb9d00ee56f1706fab5

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Fri, 15 May 2020 12:24:10 GMT
content-encoding: gzip
age: 0
x-cache: MISS, MISS
status: 200
x-age: 0
content-length: 246
x-served-by: userdata-a002-ash-prod.krxd.net, cache-hhn4030-HHN
x-timer: S1589545451.558880,VS0,VE122
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20 Show response
consumer.krxd.net/consent/get/ 240 B
432 B 58ms
36ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20?idt=device&dt=kxcookie&callback=Krux.ns.itauunibanco.kxjsonp_consent_get_0
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3de5179eaa69599a8bf2310b16c9855159ecaf9213ee7797aa95ba4e1e1fc01e

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:10 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a005-dub-prod.krxd.net, cache-hhn4022-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1589545451.560857,VS0,VE27
content-length: 193
via: 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20 Show response
wpp.krxd.net/psegs/ 51 B
428 B 124ms
31ms Script
application/javascript 54.76.213.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wpp.krxd.net/psegs/52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20?callback=kruxPsegsCallback

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.213.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-213-229.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7d29d58334bd7bfea9bf59b8f7e2ec588291f23ccb3c96323d000fc1170de46d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: HIT
status: 200
x-age: 122
content-length: 71
x-xss-protection: 1; mode=block
x-served-by: wpp-api-a005-dub-prod.krxd.net
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 22

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 9ms
9ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 15 May 2020 12:24:11 GMT
content-encoding: gzip
age: 5606816
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 5265455
content-length: 81295
x-served-by: cache-hhn4030-HHN
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1589545451.153126,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5272
date: Fri, 15 May 2020 10:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 12:56:19 GMT

GET
H2 200 u2is39xyw.js Show response
cdn.krxd.net/controltag/ 13 KB
5 KB 10ms
8ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/u2is39xyw.js
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 935a4e01aed4bbcacb7900ba85c21ae213f3debf81e33fa2b963be7f421ab177

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 15 May 2020 12:24:11 GMT
content-encoding: gzip
age: 1203
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 4559
x-served-by: config-service-a005-ash-prod.krxd.net, cache-bwi5134-BWI, cache-hhn4030-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1589545451.302602,VS0,VE1
etag: "e021edd242a48a61ac4dcae187c1407d51736ea2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
46 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3ZMXKJ

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30cf4b184f41b13dfb6cdd50c4178833c5977495f1e0b44b90f495576011b936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:11 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47251
x-xss-protection: 0
last-modified: Fri, 15 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 May 2020 12:24:11 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 11:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3238
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 15 May 2020 12:30:13 GMT

GET
H2 200 satelliteLib-403a2354a460957e299dace709c16f99daea5f60.js Show response
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/metricas/ncc/8c717b434098baa16315c685ff81572aae207a9b/ 0
195 B 241ms
182ms Script
application/x-javascript 95.101.104.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/metricas/ncc/8c717b434098baa16315c685ff81572aae207a9b/satelliteLib-403a2354a460957e299dace709c16f99daea5f60.js

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.104.150 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-104-150.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:10 GMT
last-modified: Fri, 31 Jan 2020 17:38:22 GMT
status: 200
etag: "6a8e1-0-59d730a3b1f80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/x-javascript
access-control-allow-origin: internet.itau.com.br
accept-ranges: bytes
content-length: 0

GET
H2 200 importLibJSFrameworkDA.js Show response
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ 119 KB
38 KB 526ms
468ms Script
application/x-javascript 95.101.104.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?K3ZMXKJ

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.104.150 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-104-150.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a0875dc45285559620fcd78e4d0c42688204399b666bb34ae84f08df7c835a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:11 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 02 Mar 2020 21:24:20 GMT
status: 200
etag: "12979-1dab9-59fe5cf6e6900"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/x-javascript
access-control-allow-origin: internet.itau.com.br
accept-ranges: bytes
content-length: 38348

GET
H2 200 frameworkDA.js Show response
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ 2 KB
1 KB 522ms
464ms Script
application/x-javascript 95.101.104.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/frameworkDA.js?K3ZMXKJ

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.101.104.150 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-104-150.deploy.static.akamaitechnologies.com

Software

Resource Hash

faf426235e376f5036f08d5dbc32810354888c510b7a0058e8561e936bad8cd2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:11 GMT
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 13:22:18 GMT
status: 200
x-frame-options: SAMEORIGIN
etag: "12985-9a3-59f8e9c2e3680"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/x-javascript
access-control-allow-origin: internet.itau.com.br
accept-ranges: bytes
content-length: 899

GET
H/1.1 200
OK modernizr.js Show response
estatico.itau.com.br/ibanking/commons/js/modernizr/2.8.3/ 15 KB
7 KB 75ms
10ms Script
text/javascript 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/js/modernizr/2.8.3/modernizr.js
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ab292789c477798ae95e7241f91535b9789122661a094f3c0dcfd3730185c055

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:58 GMT
ETag: "20803-3b8b-5a44a5966d580"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=72147
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6539
Expires: Sat, 16 May 2020 08:26:37 GMT

GET
H/1.1 200
OK normalize.css
estatico.itau.com.br/ibanking/commons/css/ 8 KB
4 KB 62ms
8ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/normalize.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b5da2535938d1f28235c349dfd95e602eab8e837b885c8fc5459818b28897917

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:28 GMT
ETag: "1020a4-1e37-5a44a579d1200"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=77141
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3333
Expires: Sat, 16 May 2020 09:49:51 GMT

GET
H/1.1 200
OK itau-style-mono.css
estatico.itau.com.br/ibanking/commons/css/monoproduto/1.0.2/ 261 KB
58 KB 63ms
10ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/monoproduto/1.0.2/itau-style-mono.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 249d8919c21c7554229fb01ac86a5a5b13d644ded37d5547b8978507ad649c81

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:28 GMT
ETag: "a0598-413d0-5a44a579d1200"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=73818
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58871
Expires: Sat, 16 May 2020 08:54:28 GMT

GET
H/1.1 200
OK font-itau.css
estatico.itau.com.br/ibanking/commons/css/ 26 KB
4 KB 66ms
13ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/font-itau.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb2e6b7af74ac53cb2ac07c82d9c8986c9e28b7ec8e115a957f14d36bea2780b

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:25 GMT
ETag: "1020a9-69b7-5a44a576f4b40"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=78322
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3917
Expires: Sat, 16 May 2020 10:09:32 GMT

GET
H/1.1 200
OK itau-warning.css
estatico.itau.com.br/ibanking/commons/css/ 548 KB
53 KB 67ms
14ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/itau-warning.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 33c20e5ec5eee8180a6a8f526914cfa6581275b08b1fb7a26f9f698f88d9fc73

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:28 GMT
ETag: "626e5-891dc-5a44a579d1200"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=77191
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54379
Expires: Sat, 16 May 2020 09:50:41 GMT

GET
H/1.1 200
OK itau-footer.css
estatico.itau.com.br/ibanking/commons/css/ 4 KB
1 KB 65ms
12ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/itau-footer.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 93622f43a63e42bf97f01bb7010e660412f54c4d5d3d6f84ce50333beebc8fad

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:27 GMT
ETag: "1020a6-ed8-5a44a578dcfc0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=72626
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1052
Expires: Sat, 16 May 2020 08:34:36 GMT

GET
H/1.1 200
OK chosen.css
estatico.itau.com.br/ibanking/commons/css/chosen-mono/ 13 KB
3 KB 63ms
10ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/chosen-mono/chosen.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4abe68aa7e398c60c6bac185d2e2f37031770b78d1c1c099b7c7acfa92135f28

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:24 GMT
ETag: "1020a1-3251-5a44a57600900"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=76599
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2759
Expires: Sat, 16 May 2020 09:40:49 GMT

GET
H/1.1 200
OK itau-header-mono.css
estatico.itau.com.br/ibanking/commons/css/ 53 KB
10 KB 71ms
9ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/itau-header-mono.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8aab5ced08773a36f53a5e93a3d632b5a8d712a573f4bb9b38a2105781e564be

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:28 GMT
ETag: "626e9-d49e-5a44a579d1200"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=76586
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9471
Expires: Sat, 16 May 2020 09:40:36 GMT

GET
H/1.1 200
OK libs.js Show response
estatico.itau.com.br/ibanking/distribution/libs/1.0.20/ 2 MB
682 KB 76ms
10ms Script
text/javascript 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/distribution/libs/1.0.20/libs.js
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ccea02bf148755b8c027d18b5e8e153573715b6e0c5a52c1f0f3b8ac821d347

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 20:01:59 GMT
ETag: "102418-22cab9-58a347cb93bc0"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=74113
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 698429
Expires: Sat, 16 May 2020 08:59:23 GMT

GET
H/1.1 200
OK core.js Show response
estatico.itau.com.br/ibanking/distribution/core/2.3.2/ 57 KB
28 KB 76ms
10ms Script
text/javascript 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/distribution/core/2.3.2/core.js
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb504bb90434322347dfb9f182dd10fa97219f51e65e00a7e91062c05b3e101c

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Nov 2019 21:15:49 GMT
ETag: "a0427-e22b-597f5eb004b40"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=74069
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28719
Expires: Sat, 16 May 2020 08:58:39 GMT

GET
H/1.1 200
OK seguranca.js Show response
estatico.itau.com.br/ibanking/distribution/seguranca/1.4.2-RC1/ 307 KB
80 KB 85ms
13ms Script
text/javascript 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/distribution/seguranca/1.4.2-RC1/seguranca.js
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: db3931e2700c9f64b017b68a6243e18948468750897a4f4f0f210d0c0b2b22bd

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:02:50 GMT
ETag: "a042c-4ccab-5a44a5c804a80"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=74068
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81463
Expires: Sat, 16 May 2020 08:58:38 GMT

GET
H/1.1 200
OK front.js Show response
estatico.itau.com.br/ibanking/distribution/front/1.1.1/ 332 KB
86 KB 81ms
9ms Script
text/javascript 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/distribution/front/1.1.1/front.js
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f04eaa27c9555248f6d3a0c02b551d878797415342114e275f342fde652014fb

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 21:31:53 GMT
ETag: "a0590-52f19-5a22d4bd48440"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=72081
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87374
Expires: Sat, 16 May 2020 08:25:31 GMT

GET
H/1.1 200
OK logo-itau.png
estatico.itau.com.br/ibanking/commons/img/ 6 KB
7 KB 11ms
10ms Image
image/png 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estatico.itau.com.br/ibanking/commons/img/logo-itau.png
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c489fc6a4d1005640a88bfc3f670615236d9a28f2d024a309a5967502be49ac

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Last-Modified: Mon, 27 Apr 2020 19:01:39 GMT
ETag: "61aa4-19f6-5a44a5844eac0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=77246
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6646
Expires: Sat, 16 May 2020 09:51:37 GMT

GET
H2 200 1f405fb0e29d60dfcfdfb03ab6296e13_loading-gif-png-picture-654656-loading-gif-png_1181-1181.gif
cdn.clipart.email/ 136 KB
137 KB 168ms
143ms Image
image/gif 2606:4700:20::681a:4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clipart.email/1f405fb0e29d60dfcfdfb03ab6296e13_loading-gif-png-picture-654656-loading-gif-png_1181-1181.gif
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fedd1fb82b84388842da3755d3b8da143446afe92bc4a2f9cfe5ce962cc71e88

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:11 GMT
x-openstack-request-id: tx1a28cf671f4149d588bc2-005ebe89eb
cf-cache-status: DYNAMIC
x-trans-id: tx1a28cf671f4149d588bc2-005ebe89eb
x-iplb-instance: 28796
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 139441
cf-request-id: 02b9e3d73d0000644fe51c5200000001
last-modified: Mon, 06 Apr 2020 23:47:09 GMT
server: cloudflare
etag: e4b6323e19e57f6761b1ce47b7d329e0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
x-timestamp: 1586216828.29153
cache-control: max-age=29030400
accept-ranges: bytes
cf-ray: 593cd59eccee644f-FRA

GET
H/1.1 200
OK jquery.rc4.js Show response
estatico.itau.com.br/ibanking/commons/js/appdesktop/jquery/ 3 KB
2 KB 9ms
8ms Script
text/javascript 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/js/appdesktop/jquery/jquery.rc4.js
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 357ba91a1e8670ab6e3de2b75a650ef58ba18258384b05ce5c5c56f1776c0083

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:42 GMT
ETag: "e00ee-aff-5a44a5872b180"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=80234
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217
Expires: Sat, 16 May 2020 10:41:25 GMT

GET
H/1.1 200
OK plugin.js Show response
estatico.itau.com.br/ibanking/commons/js/appdesktop/ 49 KB
10 KB 9ms
9ms Script
text/javascript 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/js/appdesktop/plugin.js?06042013
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf0b4625e927fc0997fd74001da56dfba1abf2df122b01cb905efbb154e49b28

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:42 GMT
ETag: "400d4-c4da-5a44a5872b180"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=80218
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9759
Expires: Sat, 16 May 2020 10:41:09 GMT

GET 128.png
jaoafpkngncfpfggjefnekilbkcpjdgp/img/ 0
0

GET
H/1.1 200
OK bootstrap.min.css
estatico.itau.com.br/ibanking/commons/css/ 203 KB
28 KB 10ms
9ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/bootstrap.min.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: df81555903269b534df2fc03456df06262033741338bb9293db14175fc978b38

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:24 GMT
ETag: "6291e-32d19-5a44a57600900"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=77170
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28739
Expires: Sat, 16 May 2020 09:50:21 GMT

GET
H/1.1 200
OK acessibilidade-novainternet.css
estatico.itau.com.br/ibanking/commons/css/ 55 KB
11 KB 11ms
10ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/acessibilidade-novainternet.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 372fa34a79e23974775697d0d2fe45d9c707655a7c307ea7aee7873d353a6cce

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:24 GMT
ETag: "6299c-ddb9-5a44a57600900"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=77205
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10679
Expires: Sat, 16 May 2020 09:50:56 GMT

GET
H/1.1 200
OK angularjs-iwebcomponents-pf.css
estatico.itau.com.br/ibanking/commons/css/ 272 KB
140 KB 11ms
10ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/angularjs-iwebcomponents-pf.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 462ac6899df479288deeed4501c6f4b9e2574599f81db4cab6ce6a75d3a2725f

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:24 GMT
ETag: "1022f1-43e2b-5a44a57600900"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=77209
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142718
Expires: Sat, 16 May 2020 09:51:00 GMT

GET
H/1.1 200
OK itau-fonts.css
estatico.itau.com.br/ibanking/commons/css/ 102 B
443 B 9ms
8ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/itau-fonts.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dbf6db2a6028b606243bb78a728f0531777bf3de58f2646335047e099b5d2870

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:27 GMT
ETag: "101f70-66-5a44a578dcfc0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=78326
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69
Expires: Sat, 16 May 2020 10:09:37 GMT

GET
H/1.1 200
OK font-itau-display.css
estatico.itau.com.br/ibanking/commons/css/ 5 KB
981 B 9ms
8ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/font-itau-display.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a488440bb753b69fae447f6d1a6b8316fae716b8ee7f6aaa7e001086b648136a

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:25 GMT
ETag: "1020b5-1328-5a44a576f4b40"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=78313
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 604
Expires: Sat, 16 May 2020 10:09:24 GMT

GET
H/1.1 200
OK font-itau-text.css
estatico.itau.com.br/ibanking/commons/css/ 3 KB
855 B 10ms
9ms Stylesheet
text/css 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://estatico.itau.com.br/ibanking/commons/css/font-itau-text.css
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f3dcf302e919ebd374d16f1308af2d9b34590156e3a3094585c97aed6a08a35d

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 19:01:25 GMT
ETag: "62595-bfa-5a44a576f4b40"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=78386
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 480
Expires: Sat, 16 May 2020 10:10:37 GMT

GET
H/1.1 200
OK bg-itau.gif
estatico.itau.com.br/ibanking/commons/img/ 22 KB
22 KB 9ms
8ms Image
image/gif 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estatico.itau.com.br/ibanking/commons/img/bg-itau.gif
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4de407fc76d38586d90abfe4dae2528b49066ba4745db0c38fa78c99c939f8e8

Request headers

Referer: https://estatico.itau.com.br/ibanking/commons/css/monoproduto/1.0.2/itau-style-mono.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Last-Modified: Mon, 27 Apr 2020 19:01:30 GMT
ETag: "101290-589e-5a44a57bb9680"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=72106
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22686
Expires: Sat, 16 May 2020 08:25:57 GMT

GET
H/1.1 200
OK sprite-social.png
estatico.itau.com.br/ibanking/commons/img/ 3 KB
3 KB 15ms
14ms Image
image/png 23.37.43.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://estatico.itau.com.br/ibanking/commons/img/sprite-social.png
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.43.25 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-43-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c39a17d06e60246090b71f94008de8ef7bcd2ad59189376f02e3273ae9e9de4

Request headers

Referer: https://estatico.itau.com.br/ibanking/commons/css/itau-footer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 12:24:11 GMT
Last-Modified: Mon, 27 Apr 2020 19:01:40 GMT
ETag: "1013b7-af8-5a44a58542d00"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=72727
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2808
Expires: Sat, 16 May 2020 08:36:18 GMT

GET
H/1.1 200
OK dest5.html
itau.demdex.net/ Frame EB73 0
0 120ms
31ms Document
text/html 18.202.93.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.93.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-93-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: itau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://acesso-online.com/~~/authenticity.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://acesso-online.com/~~/authenticity.php

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 14 May 2020 10:13:32 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: dnmgwNveSZ4=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 1CA6 0
0 9ms
8ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://acesso-online.com/~~/authenticity.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://acesso-online.com/~~/authenticity.php

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 15 May 2020 12:24:11 GMT
via: 1.1 varnish
age: 28040214
x-served-by: cache-hhn4030-HHN
x-cache: HIT
x-cache-hits: 1671291
x-timer: S1589545451.454588,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 122ms
35ms XHR
application/json 52.211.89.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4435697753736FB20A490D45%40AdobeOrg&d_nsid=0&ts=1589545451460

Requested by

Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?K3ZMXKJ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.89.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-89-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8af4c905859bfc85bb58bb9b0a0c55986cddd43b7524b38fb97cefa9ea002747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v069-0fbf4805e.edge-irl1.demdex.com 5.71.1.20200513095924 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: VGtuCvB1Qn4=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://acesso-online.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1201
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 6ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=908011059&t=pageview&_s=1&dl=https%3A%2F%2Facesso-online.com%2F~~%2Fauthenticity.php&dp=%2FIT%2FNL%2FNCC%2FLogin%2FSenhaEletronica&ul=en-us&de=UTF-8&dt=Banco%20Ita%C3%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAB~&jid=930698527&gjid=395401262&cid=755205032.1589545451&uid=2E534380E754D927EA6EEC0D0084C95F&tid=UA-140135526-14&_gid=45226018.1589545451&gtm=2wg561K3ZMXKJ&cd2=IT%3ANL%3ANCC%3ALogin%3ASenhaEletronica&cd6=15&cd9=2E534380E754D927EA6EEC0D0084C95F&cd19=varejo&cd26=GTM-K3ZMXKJ&cd29=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&cd51=NCC&cd52=&cd61=LG&z=1502280745

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 00:54:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 818962
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&uid=2E534380E754D927EA6EEC0D0084C95F&gjid=395401262&_gid=45226018.158...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&_v=j82&z=1415004905
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&_v=j82&z=1415004905&slf_rd=1&random=689103403

42 B
106 B

23ms
23ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&_v=j82&z=1415004905&slf_rd=1&random=689103403

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 12:24:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 May 2020 12:24:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-140135526-14&cid=755205032.1589545451&jid=930698527&_v=j82&z=1415004905&slf_rd=1&random=689103403
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 39ms
38ms XHR
application/json 52.211.89.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=4435697753736FB20A490D45%40AdobeOrg&d_nsid=0&d_mid=48468664656560922021712538174679951070&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=itau_crm%012E534380E754D927EA6EEC0D0084C95F%011&ts=1589545451590

Requested by

Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?K3ZMXKJ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.89.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-89-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cf2cdcf3f5ae2f2b41e313c6058ee983dc3562b9acde17f6407d515ea1af4978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v069-0c2a0a14b.edge-irl1.demdex.com 5.71.1.20200513095924 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: WGcztVPoSHg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://acesso-online.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1203
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK event Show response
itau.demdex.net/ 5 KB
5 KB 41ms
41ms XHR
application/json 18.202.93.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itau.demdex.net/event?d_dil_ver=9.3&_ts=1589545451476

Requested by

Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?K3ZMXKJ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.93.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-93-59.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e828340172be48816f9fdd0765a329334aa340b9a6a003bac973b4485be8fdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v069-027aa2dbb.edge-irl1.demdex.com 5.71.1.20200513095924 11ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Hcp8wKVXQYI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://acesso-online.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 4780
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Xr6J6wAAAfEOMi3-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=48378459455214899571703720183763851473
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xr6J6wAAAfEOMi3-

42 B
915 B

31ms
30ms

Image
image/gif

52.211.89.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xr6J6wAAAfEOMi3-

Requested by

Host: acesso-online.com
URL: https://acesso-online.com/~~/authenticity.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.89.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-89-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v069-098ee3cb2.edge-irl1.demdex.com 5.71.1.20200513095924 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: +RsG9pBnSRk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 15 May 2020 12:24:11 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xr6J6wAAAfEOMi3-
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
254 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499492574214323&ev=AdobeAudienceManagerSegment&cd[segID]=11965347&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:11 GMT, Fri, 15 May 2020 12:24:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 May 2020 12:24:11 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2510815985703970&ev=AdobeAudienceManagerSegment&cd[segID]=11386148,11386149&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://acesso-online.com/~~/authenticity.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 12:24:11 GMT, Fri, 15 May 2020 12:24:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 15 May 2020 12:24:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jaoafpkngncfpfggjefnekilbkcpjdgp
URL: chrome-extension://jaoafpkngncfpfggjefnekilbkcpjdgp/img/128.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

514 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.krxd.net/	1970-01-19 13:51:37	Name: _kuid_ Value: NZ5suMBx
.demdex.net/	1970-01-19 13:51:37	Name: demdex Value: 48378459455214899571703720183763851473
.acesso-online.com/	1970-01-20 03:03:37	Name: AMCV_4435697753736FB20A490D45%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18398%7CMCMID%7C48468664656560922021712538174679951070%7CMCAAMLH-1590150251%7C6%7CMCAAMB-1590150251%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1936668064%7CMCOPTOUT-1589552651s%7CNONE%7CMCSYNCSOP%7C411-18405%7CvVersion%7C4.4.0
.acesso-online.com/	1970-01-19 10:15:37	Name: aam_uuid Value: 48378459455214899571703720183763851473
.acesso-online.com/	1969-12-31 23:59:59	Name: AMCVS_4435697753736FB20A490D45%40AdobeOrg Value: 1
.acesso-online.com/	1970-01-19 09:32:25	Name: _dc_gtm_UA-140135526-14 Value: 1
.acesso-online.com/	1970-01-19 09:33:51	Name: _gid Value: GA1.2.45226018.1589545451
.acesso-online.com/	1970-01-19 10:15:37	Name: __cfduid Value: d1f7559a99fd712342566ff2c1cc27e3f1589545450
.acesso-online.com/	1970-01-20 03:03:37	Name: _ga Value: GA1.2.755205032.1589545451
.acesso-online.com/	1970-01-19 11:42:01	Name: _gcl_au Value: 1.1.1636285026.1589545451

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://estatico.itau.com.br/ibanking/distribution/seguranca/1.4.2-RC1/seguranca.js(Line 2583) Message: Flash Player >= 11.1.0 is required.
console-api	log	URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?K3ZMXKJ(Line 30) Message: visitor.publishDestinations() result: The destination publishing iframe is already attached and loaded.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acesso-online.com
ajax.googleapis.com
beacon.krxd.net
cdn.clipart.email
cdn.krxd.net
cm.everesttech.net
consumer.krxd.net
dpm.demdex.net
estatico.itau.com.br
itau.demdex.net
jaoafpkngncfpfggjefnekilbkcpjdgp
stats.g.doubleclick.net
wpp.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.itau.com.br
jaoafpkngncfpfggjefnekilbkcpjdgp
151.101.114.133
18.202.93.59
23.37.43.25
2606:4700:20::681a:4c4
2606:4700:3031::681f:5ba7
2a00:1450:4001:800::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:81e::200a
2a00:1450:400c:c0b::9b
2a03:2880:f11c:8183:face:b00c:0:25de
52.211.89.62
54.72.105.230
54.76.213.229
66.117.28.86
95.101.104.150
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0c489fc6a4d1005640a88bfc3f670615236d9a28f2d024a309a5967502be49ac
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
249d8919c21c7554229fb01ac86a5a5b13d644ded37d5547b8978507ad649c81
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30cf4b184f41b13dfb6cdd50c4178833c5977495f1e0b44b90f495576011b936
33c20e5ec5eee8180a6a8f526914cfa6581275b08b1fb7a26f9f698f88d9fc73
357ba91a1e8670ab6e3de2b75a650ef58ba18258384b05ce5c5c56f1776c0083
372fa34a79e23974775697d0d2fe45d9c707655a7c307ea7aee7873d353a6cce
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
3de5179eaa69599a8bf2310b16c9855159ecaf9213ee7797aa95ba4e1e1fc01e
462ac6899df479288deeed4501c6f4b9e2574599f81db4cab6ce6a75d3a2725f
4abe68aa7e398c60c6bac185d2e2f37031770b78d1c1c099b7c7acfa92135f28
4de407fc76d38586d90abfe4dae2528b49066ba4745db0c38fa78c99c939f8e8
6a0875dc45285559620fcd78e4d0c42688204399b666bb34ae84f08df7c835a5
720192adcc298fa9644834c3b01ef80e66134ac5e5fa6bb9d00ee56f1706fab5
7c39a17d06e60246090b71f94008de8ef7bcd2ad59189376f02e3273ae9e9de4
7d29d58334bd7bfea9bf59b8f7e2ec588291f23ccb3c96323d000fc1170de46d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8aab5ced08773a36f53a5e93a3d632b5a8d712a573f4bb9b38a2105781e564be
8af4c905859bfc85bb58bb9b0a0c55986cddd43b7524b38fb97cefa9ea002747
8ccea02bf148755b8c027d18b5e8e153573715b6e0c5a52c1f0f3b8ac821d347
935a4e01aed4bbcacb7900ba85c21ae213f3debf81e33fa2b963be7f421ab177
93622f43a63e42bf97f01bb7010e660412f54c4d5d3d6f84ce50333beebc8fad
a488440bb753b69fae447f6d1a6b8316fae716b8ee7f6aaa7e001086b648136a
ab292789c477798ae95e7241f91535b9789122661a094f3c0dcfd3730185c055
aff1bc33a7ba227318fa6fdbd174c263f71d439a046eb45723835dcad06bb3bf
b5da2535938d1f28235c349dfd95e602eab8e837b885c8fc5459818b28897917
bb504bb90434322347dfb9f182dd10fa97219f51e65e00a7e91062c05b3e101c
bf0b4625e927fc0997fd74001da56dfba1abf2df122b01cb905efbb154e49b28
cf2cdcf3f5ae2f2b41e313c6058ee983dc3562b9acde17f6407d515ea1af4978
db3931e2700c9f64b017b68a6243e18948468750897a4f4f0f210d0c0b2b22bd
dbf6db2a6028b606243bb78a728f0531777bf3de58f2646335047e099b5d2870
df81555903269b534df2fc03456df06262033741338bb9293db14175fc978b38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e828340172be48816f9fdd0765a329334aa340b9a6a003bac973b4485be8fdf8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04eaa27c9555248f6d3a0c02b551d878797415342114e275f342fde652014fb
f3dcf302e919ebd374d16f1308af2d9b34590156e3a3094585c97aed6a08a35d
f9bd735383ca0bc2798733db2a8ba7dc484eca13199a0a42a0f0f3402fba7b91
faf426235e376f5036f08d5dbc32810354888c510b7a0058e8561e936bad8cd2
fb2e6b7af74ac53cb2ac07c82d9c8986c9e28b7ec8e115a957f14d36bea2780b
fedd1fb82b84388842da3755d3b8da143446afe92bc4a2f9cfe5ce962cc71e88

acesso-online.com Open in urlscan Pro 2606:4700:3031::681f:5ba7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

53 %IPv6

14 Domains

19 Subdomains

15 IPs

6 Countries

1625 kBTransfer

5360 kBSize

10 Cookies

7 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

acesso-online.com Open in urlscan Pro
2606:4700:3031::681f:5ba7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

53 %
IPv6

14
Domains

19
Subdomains

15
IPs

6
Countries

1625 kB
Transfer

5360 kB
Size

10
Cookies

49 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!