www.bancomercedes-benz.com.br Open in urlscan Pro
2a02:26f0:3500:3::b818:4d40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bancomercedes-benz.com.br/
Submission: On March 26 via manual (March 26th 2024, 8:35:04 pm UTC) from BR — Scanned from DE

Summary HTTP 50 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2a02:26f0:3500:3::b818:4d40, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.bancomercedes-benz.com.br.
TLS certificate: Issued by R3 on February 2nd 2024. Valid for: 3 months.

This is the only time www.bancomercedes-benz.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
50	11

25 2a02:26f0:3500:3::b818:4d40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bancomercedes-benz.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	bancomercedes-benz.com.br www.bancomercedes-benz.com.br	2 MB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 457	155 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 108	347 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 246	126 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	274 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 203	255 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 899	304 B
0	google.de Failed www.google.de Failed
50	9

	Domain	Requested by
25	www.bancomercedes-benz.com.br	www.bancomercedes-benz.com.br
12	cdn.cookielaw.org	www.bancomercedes-benz.com.br cdn.cookielaw.org
4	www.googletagmanager.com	www.bancomercedes-benz.com.br www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	www.bancomercedes-benz.com.br connect.facebook.net cdn.cookielaw.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.facebook.com	www.bancomercedes-benz.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
0	www.google.de Failed	www.bancomercedes-benz.com.br
50	9

This site contains links to these domains. Also see Links.

Domain
internetbanking.bancomercedes-benz.com.br
extranet.bancomercedes-benz.com.br
digital.bancomercedes-benz.com.br
locacoes.bancomercedes-benz.com.br
www.showroommercedes-benz.com.br
www.onetrust.com

Subject Issuer	Validity	Valid
www.bancomercedes-benz.com.br R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bancomercedes-benz.com.br/
Frame ID: CE97C8603457515F5C013325E0E13639
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco Mercedes-Benz - Home page

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

50
Requests

98 %
HTTPS

80 %
IPv6

9
Domains

9
Subdomains

11
IPs

3
Countries

2609 kB
Transfer

4517 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://internetbanking.bancomercedes-benz.com.br/
Title: Internet Banking

Search URL Search Domain Scan URL

URL: https://extranet.bancomercedes-benz.com.br/
Title: Extranet

Search URL Search Domain Scan URL

URL: https://digital.bancomercedes-benz.com.br/
Title: BMB Digital

Search URL Search Domain Scan URL

URL: https://locacoes.bancomercedes-benz.com.br/

Search URL Search Domain Scan URL

URL: https://www.showroommercedes-benz.com.br/

Search URL Search Domain Scan URL

URL: https://internetbanking.bancomercedes-benz.com.br/internetbanking/
Title: 2ª via de boleto

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bancomercedes-benz.com.br/ 17 KB
6 KB 4541ms
4337ms Document
text/html 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

64a5f524afd5f0218c4e0dbb342b2e7e34d6bd8a286aa56ee2d9ef7e61a35765

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 5256
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 20:34:57 GMT
expires: Tue, 26 Mar 2024 20:34:57 GMT
pragma: no-cache
referrer-policy: no-referrer
server-timing: cdn-cache; desc=MISS edge; dur=1294 origin; dur=2969 ak_p; desc="1711485293179_389467968_807694321_426374_9280_34_96_255";dur=1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-akamai-transformed: 9 17844 0 pmb=mRUM,1
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/313e83c6-2b2b-4918-b570-ff2fbc0f6d6c/ 5 KB
2 KB 470ms
426ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/313e83c6-2b2b-4918-b570-ff2fbc0f6d6c/OtAutoBlock.js

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5446b2d0120dc4737c7593f47b9474b724bbe985b5e5231eb75e5bbbf7762880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 49POeekKpn73Z/k/QUioRg==
content-length: 1963
x-ms-lease-status: unlocked
last-modified: Thu, 18 Jan 2024 20:28:39 GMT
server: cloudflare
etag: 0x8DC18640E2443CF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d65467da-c01e-0020-6516-7c4224000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9eca64fc28f32-FRA
expires: Wed, 27 Mar 2024 20:34:58 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 87ms
43ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 18112
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 07:07:50 GMT
server: cloudflare
etag: 0x8DC4C9A4865CEDE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8a21b288-301e-001b-41ce-7e0780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9eca64fbe8f32-FRA

GET
H2 200 tcm-core
www.bancomercedes-benz.com.br/content/ 1 KB
2 KB 686ms
685ms Stylesheet
text/css 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/content/tcm-core?v=zM6Ykv4XdKN3EWcHUOgetBBY45GDr_rIg7u0AxDdnAE1

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dceced3dcadd7497e468610ec37eccb7677157658299f4bb8cf760f4a0c5b18d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 20:34:58 GMT
content-encoding: gzip
server-timing: cdn-cache; desc=MISS, edge; dur=616, origin; dur=21, ak_p; desc="1711485297619_389467968_807698568_63803_7692_36_0_255";dur=1
content-length: 519
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Mar 2024 20:34:58 GMT
x-frame-options: sameorigin
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=0, no-cache, no-store
expires: Tue, 26 Mar 2024 20:34:58 GMT

GET
H2 200 inc
www.bancomercedes-benz.com.br/bundle/site-bmbinternet/css/bootstrap/ 113 KB
20 KB 729ms
728ms Stylesheet
text/css 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/bundle/site-bmbinternet/css/bootstrap/inc?v=DImIdduf5hLROAdZfWAFfwX_e_PMI0L34oAaOax7dYo1

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5facd3a5740084a3ef95a738f422e00aef284b165f0b3c728e231b60f16be85d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 20:34:58 GMT
content-encoding: gzip
server-timing: cdn-cache; desc=MISS, edge; dur=202, origin; dur=20, ak_p; desc="1711485297619_389467968_807698570_22177_7487_35_0_255";dur=1
content-length: 19304
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Mar 2024 20:34:57 GMT
x-frame-options: sameorigin
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=0, no-cache, no-store
expires: Tue, 26 Mar 2024 20:34:58 GMT

GET
H2 200 inc
www.bancomercedes-benz.com.br/bundle/site-bmbinternet/css/custom/ 35 KB
8 KB 1140ms
1139ms Stylesheet
text/css 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/bundle/site-bmbinternet/css/custom/inc?v=u8JAfnmUIounouo23mirgHlZOFg07NAIINpA-hqlCqk1

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d7e047f38c407d34a533da75487826f62c33357f264ca96f1f1f7ff0ba64ed4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 20:34:58 GMT
content-encoding: gzip
server-timing: cdn-cache; desc=MISS, edge; dur=596, origin; dur=25, ak_p; desc="1711485297621_389467968_807698571_62265_9484_35_0_255";dur=1
content-length: 6944
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Mar 2024 20:34:58 GMT
x-frame-options: sameorigin
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=0, no-cache, no-store
expires: Tue, 26 Mar 2024 20:34:58 GMT

GET
H2 200 bmbinternet-js-head Show response
www.bancomercedes-benz.com.br/ 98 KB
36 KB 1438ms
1438ms Script
text/javascript 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/bmbinternet-js-head?v=bMWuCjFvObvmR0OPEgB3g9WTL2lzehppZqKp8AQgtjM1

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d8881b0d42e78973fc7a859cc5b23871765a6a9e32b28deecb9c12a300b013d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: gzip
server-timing: cdn-cache; desc=MISS, edge; dur=605, origin; dur=21, ak_p; desc="1711485297619_389467968_807698572_62617_7431_35_0_219";dur=1
content-length: 35928
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Mar 2024 20:34:58 GMT
x-frame-options: sameorigin
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
expires: Tue, 26 Mar 2024 20:34:59 GMT

GET
H2 200 banco-mercedes-benz.png
www.bancomercedes-benz.com.br/custom/site-BMBInternet/images/logo/ 4 KB
5 KB 171ms
170ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/custom/site-BMBInternet/images/logo/banco-mercedes-benz.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d38d184714892f39ea8d05eed8ea95ae0c568459ba10a3a678a2af0a637e8864

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 20:41:27 GMT
date: Tue, 26 Mar 2024 20:34:57 GMT
etag: "52e967df473da1:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=2250
server-timing: cdn-cache; desc=HIT, edge; dur=65, origin; dur=0, ak_p; desc="1711485297619_389467968_807698573_6555_7387_34_0_182";dur=1
accept-ranges: bytes
content-length: 4326
x-xss-protection: 1; mode=block

GET
H2 200 20240301121542003_103715.png
www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/ 412 KB
413 KB 86ms
86ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/20240301121542003_103715.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d3d162fbc8c0ca33f4a7ea818b565b1002f3be2bc7938a05e41b9b5c554b57d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Fri, 01 Mar 2024 15:15:42 GMT
date: Tue, 26 Mar 2024 20:34:57 GMT
etag: "7bc66b53eb6bda1:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=2324
server-timing: cdn-cache; desc=HIT, edge; dur=41, origin; dur=0, ak_p; desc="1711485297619_389467968_807698574_4045_7373_34_0_182";dur=1
accept-ranges: bytes
content-length: 422027
x-xss-protection: 1; mode=block

GET
H2 200 20240207120048797_103714.jpg
www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/ 608 KB
609 KB 158ms
158ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/20240207120048797_103714.jpg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7e4799124aa283cfb40b6c1c2273ea9449210a7227e96e61b5aa81734686fd3d

Security Headers

Name

Value

X-Content-Type-Options

nosniff: default-src 'self; script-src 'self.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cook/elaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval"; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.testa.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self'" https://www.google-analytics. com https://analytics.google.comhttps://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com; frame-src 'self" https://www.google.com;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:57 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cook/elaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval"; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.testa.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self'" https://www.google-analytics. com https://analytics.google.comhttps://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com; frame-src 'self" https://www.google.com;
last-modified: Wed, 07 Feb 2024 15:00:49 GMT
etag: "467f896fd659da1:0"
content-type: image/jpeg
cache-control: max-age=2369
server-timing: cdn-cache; desc=HIT, edge; dur=115, origin; dur=0, ak_p; desc="1711485297800_389467968_807698759_11526_7126_34_0_182";dur=1
accept-ranges: bytes
content-length: 622083

GET
H2 200 20231213144520280_103684.png
www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/ 387 KB
388 KB 94ms
94ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/20231213144520280_103684.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

971701dfa10ea8110baa4d8bbbb89a58575eb5543fe8d0eaf20dee5e20df36cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Wed, 13 Dec 2023 17:45:20 GMT
date: Tue, 26 Mar 2024 20:34:57 GMT
etag: "6af04124ec2dda1:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=3415
server-timing: cdn-cache; desc=HIT, edge; dur=46, origin; dur=0, ak_p; desc="1711485297827_389467968_807698786_4679_8148_34_0_182";dur=1
accept-ranges: bytes
content-length: 395881
x-xss-protection: 1; mode=block

GET
H2 200 20230703120446736_103397.jpg
www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/ 53 KB
54 KB 115ms
115ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/20230703120446736_103397.jpg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

efb78e205c4758227e4b8ba4a9d714cc9ce82ed342d974b57c1d9b868d3e0d9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 03 Jul 2023 15:04:46 GMT
date: Tue, 26 Mar 2024 20:34:57 GMT
etag: "2ccfd1b4bfadd91:0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=384
server-timing: cdn-cache; desc=HIT, edge; dur=36, origin; dur=0, ak_p; desc="1711485297942_389467968_807698900_3600_8496_34_0_182";dur=1
accept-ranges: bytes
content-length: 54163
x-xss-protection: 1; mode=block

GET
H2 200 20230717181032586_103617.jpg
www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/ 41 KB
42 KB 119ms
119ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/top-banner/main/20230717181032586_103617.jpg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff536a3f9dfc9529868372fe67134a864ede5212657419476ab401834c87b672

Security Headers

Name

Value

X-Content-Type-Options

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cook/elaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval"; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.testa.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self'" https://www.google-analytics. com https://analytics.google.comhttps://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com; frame-src 'self" https://www.google.com;
last-modified: Mon, 17 Jul 2023 21:10:32 GMT
etag: "5d6a541ff3b8d91:0"
content-type: image/jpeg
cache-control: max-age=872
server-timing: cdn-cache; desc=HIT, edge; dur=75, origin; dur=0, ak_p; desc="1711485299061_389467968_807700077_7532_8017_34_0_146";dur=1
accept-ranges: bytes
content-length: 42386

GET
H2 200 20231101110830918_103651.jpg
www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/ 57 KB
58 KB 122ms
120ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/20231101110830918_103651.jpg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2d0a2d3934607a7f8203691383740596533a9f4eaa7745170456a4206459eda5

Security Headers

Name

Value

X-Content-Type-Options

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cook/elaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval"; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.testa.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self'" https://www.google-analytics. com https://analytics.google.comhttps://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com; frame-src 'self" https://www.google.com;
last-modified: Wed, 01 Nov 2023 14:08:31 GMT
etag: "b0f3c9e4cccda1:0"
content-type: image/jpeg
cache-control: max-age=1156
server-timing: cdn-cache; desc=HIT, edge; dur=71, origin; dur=0, ak_p; desc="1711485299088_389467968_807700095_7621_7375_34_0_219";dur=1
accept-ranges: bytes
content-length: 58391

GET
H2 200 20220615172334218_103359.jpg
www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/ 54 KB
55 KB 74ms
72ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/20220615172334218_103359.jpg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

046e2dabaac8eba3437c9b3e785bc63e38d1854fcb7a5fba1596e9a1178fc845

Security Headers

Name	Value
Strict-Transport-Security	max-age= 86400
X-Content-Type-Options	nosniff: default-src 'self; script-src 'self .google.com .googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age= 86400
date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self *.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
last-modified: Wed, 15 Jun 2022 20:23:34 GMT
etag: "4d199bc9f580d81:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2254
server-timing: cdn-cache; desc=HIT, edge; dur=29, origin; dur=0, ak_p; desc="1711485299082_389467968_807700096_3027_5917_34_0_219";dur=1
accept-ranges: bytes
content-length: 55712

GET
H2 200 20220617125750092_103367.jpg
www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/ 57 KB
58 KB 245ms
243ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/20220617125750092_103367.jpg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

331bc3d6a17a370710416b053fcba68a3119bf0610f0f7f04f66ad367c99d1ef

Security Headers

Name

Value

X-Content-Type-Options

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cook/elaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval"; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.testa.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self'" https://www.google-analytics. com https://analytics.google.comhttps://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com; frame-src 'self" https://www.google.com;
last-modified: Fri, 17 Jun 2022 15:57:50 GMT
etag: "da99dcfe6282d81:0"
content-type: image/jpeg
cache-control: max-age=872
server-timing: cdn-cache; desc=HIT, edge; dur=199, origin; dur=0, ak_p; desc="1711485299081_389467968_807700097_19940_6679_35_0_219";dur=1
accept-ranges: bytes
content-length: 58648

GET
H2 200 20231101111827381_103652.jpg
www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/ 63 KB
63 KB 97ms
95ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/home-highlight/main/20231101111827381_103652.jpg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

50b757a8c26fa7d511668a57431dbed62a712c066229ed63c158d9e54f44558e

Security Headers

Name

Value

X-Content-Type-Options

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cook/elaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval"; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.testa.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self'" https://www.google-analytics. com https://analytics.google.comhttps://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com; frame-src 'self" https://www.google.com;
last-modified: Wed, 01 Nov 2023 14:18:27 GMT
etag: "c1bc5f48cecda1:0"
content-type: image/jpeg
cache-control: max-age=996
server-timing: cdn-cache; desc=HIT, edge; dur=52, origin; dur=0, ak_p; desc="1711485299081_389467968_807700098_5261_6506_34_0_219";dur=1
accept-ranges: bytes
content-length: 64004

GET
H2 200 20151130163227018_100706.png
www.bancomercedes-benz.com.br/assets/BMBInternet/media/links/thumb/ 380 B
1 KB 82ms
80ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/links/thumb/20151130163227018_100706.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d30a682400e41c61a1ac524c59441fb60eaa02a3917c9418e7081b3d9d70f136

Security Headers

Name	Value
Strict-Transport-Security	max-age= 86400
X-Content-Type-Options	nosniff: default-src 'self; script-src 'self .google.com .googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age= 86400
date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self *.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
last-modified: Mon, 30 Nov 2015 18:32:27 GMT
etag: "bfd9a769d2bd11:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2338
server-timing: cdn-cache; desc=HIT, edge; dur=37, origin; dur=0, ak_p; desc="1711485299082_389467968_807700099_3761_7376_34_0_219";dur=1
accept-ranges: bytes
content-length: 380

GET
H2 200 20151130163312678_100707.png
www.bancomercedes-benz.com.br/assets/BMBInternet/media/links/thumb/ 477 B
1 KB 66ms
64ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/links/thumb/20151130163312678_100707.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8f0794ec6d2e5d6aa267bfd8abf21da3bfca06d37fa153ba2c4a9472e0804b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age= 86400
X-Content-Type-Options	nosniff: default-src 'self; script-src 'self .google.com .googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age= 86400
date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self *.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
last-modified: Mon, 30 Nov 2015 18:33:12 GMT
etag: "db7dd4919d2bd11:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2372
server-timing: cdn-cache; desc=HIT, edge; dur=21, origin; dur=0, ak_p; desc="1711485299082_389467968_807700100_2224_5607_34_0_146";dur=1
accept-ranges: bytes
content-length: 477

GET
H2 200 20180619140656877_102022.png
www.bancomercedes-benz.com.br/assets/BMBInternet/media/links/thumb/ 395 B
1 KB 96ms
95ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/media/links/thumb/20180619140656877_102022.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2075a715f798a3105db3ee04e9e0df7aabc8d5c3ef83057f85a1b98253c78509

Security Headers

Name	Value
Strict-Transport-Security	max-age= 86400
X-Content-Type-Options	nosniff: default-src 'self; script-src 'self .google.com .googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age= 86400
date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff: default-src 'self; script-src 'self *.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
last-modified: Tue, 19 Jun 2018 17:06:56 GMT
etag: "2671d1edef7d41:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2351
server-timing: cdn-cache; desc=HIT, edge; dur=52, origin; dur=0, ak_p; desc="1711485299081_389467968_807700101_5317_6400_34_0_219";dur=1
accept-ranges: bytes
content-length: 395

GET
H2 200 js-file Show response
www.bancomercedes-benz.com.br/scripts/tcm/ 14 KB
5 KB 935ms
935ms Script
text/javascript 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/scripts/tcm/js-file?v=8nuFwlkq-MaOg2HuA3dE-1CN6d7g8uvjDpg-wdjHEqA1

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db47ff542d4462e0d7ee1330a9fdc197392edcf75176f7d9dc756e60ff48625b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 20:34:58 GMT
content-encoding: gzip
server-timing: cdn-cache; desc=MISS, edge; dur=622, origin; dur=20, ak_p; desc="1711485298059_389467968_807699016_64187_10599_35_0_182";dur=1
content-length: 3774
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
last-modified: Tue, 26 Mar 2024 20:34:58 GMT
x-frame-options: sameorigin
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
expires: Tue, 26 Mar 2024 20:34:58 GMT

GET
H2 200 bmbinternet-js-footer Show response
www.bancomercedes-benz.com.br/ 323 KB
89 KB 1706ms
1706ms Script
text/javascript 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/bmbinternet-js-footer?v=SpzUkgNMUi0s8UMXGCQdI9CmmZdjTawB8KJIgKOveB01

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b295cdcdb4f53f14d98127868cfc61c2e05f183b38c88ba548bf1bc54427681

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Tue, 26 Mar 2024 20:34:58 GMT
date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: gzip
x-frame-options: sameorigin
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=601, origin; dur=48, ak_p; desc="1711485298073_389467968_807699033_65062_8709_50_0_182";dur=1
x-xss-protection: 1; mode=block
expires: Tue, 26 Mar 2024 20:34:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
73 KB 170ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NL7VXSP

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92adaa53d0644879733464bba4f41db465cd7a7865031570a7771fd795878609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73990
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 18:39:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Mar 2024 20:34:59 GMT

GET
H2 200 313e83c6-2b2b-4918-b570-ff2fbc0f6d6c.json Show response
cdn.cookielaw.org/consent/313e83c6-2b2b-4918-b570-ff2fbc0f6d6c/ 4 KB
2 KB 83ms
42ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/313e83c6-2b2b-4918-b570-ff2fbc0f6d6c/313e83c6-2b2b-4918-b570-ff2fbc0f6d6c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bcb0cd7ffe87f03655f15acabd2cd870a87b6b209ddca96038aaf13b79b5f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 21276
content-md5: WNDNH9UuN80Qu6+R5PQQCA==
content-length: 1553
x-ms-lease-status: unlocked
last-modified: Thu, 18 Jan 2024 20:28:38 GMT
server: cloudflare
etag: 0x8DC18640DB5177E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b30be279-c01e-000f-6827-614fef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9eca938e24d70-FRA
expires: Wed, 27 Mar 2024 20:34:58 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 241ms
45ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 86a9ecaabf692bac-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/ 429 KB
104 KB 36ms
35ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g8NxcYp0IaoBIOhpMNVD1w==
age: 7374
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106568
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:22 GMT
server: cloudflare
etag: 0x8DC3E88CB118B87
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1933329b-701e-0025-1157-7990ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9ecaf29958f32-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 143ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 20:34:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1294, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: LJKF2Wy1W1/muWpGE76dWuPbiJR7uTzhI70ckyflPTt1A7S5IYRttvZoBUdY0/GFExL5gInR/b6gIcL45mFRQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 icon.png
www.bancomercedes-benz.com.br/custom/site-bmbinternet/images/icon/ 3 KB
4 KB 310ms
310ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/custom/site-bmbinternet/images/icon/icon.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/bundle/site-bmbinternet/css/custom/inc?v=u8JAfnmUIounouo23mirgHlZOFg07NAIINpA-hqlCqk1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36a96f175916b97a559089bdd84d9c999d6ab7e5fdfa7ea5f396c47d609f065f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 20:41:27 GMT
date: Tue, 26 Mar 2024 20:34:59 GMT
etag: "25b4327df473da1:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=6118
server-timing: cdn-cache; desc=HIT, edge; dur=260, origin; dur=0, ak_p; desc="1711485299097_389467968_807700121_26122_6653_36_0_219";dur=1
accept-ranges: bytes
content-length: 2744
x-xss-protection: 1; mode=block

GET
H2 200 deal.png
www.bancomercedes-benz.com.br/custom/site-bmbinternet/images/icon/ 3 KB
4 KB 947ms
947ms Image
image/png 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bancomercedes-benz.com.br/custom/site-bmbinternet/images/icon/deal.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/bundle/site-bmbinternet/css/custom/inc?v=u8JAfnmUIounouo23mirgHlZOFg07NAIINpA-hqlCqk1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1770625a9b3e6e065ee4b4b57796bd581ad7465a309bca71b16f78a8587cd69e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 20:41:26 GMT
date: Tue, 26 Mar 2024 20:35:00 GMT
etag: "b9efe7df473da1:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=7149
server-timing: cdn-cache; desc=MISS, edge; dur=193, origin; dur=711, ak_p; desc="1711485299097_389467968_807700122_90506_6579_34_0_219";dur=1
accept-ranges: bytes
content-length: 2716
x-xss-protection: 1; mode=block

GET
H2 200 corporateacon-reg_2-webfont.woff
www.bancomercedes-benz.com.br/custom/site-bmbinternet/css/fonts/ 31 KB
32 KB 335ms
335ms Font
font/x-woff 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/custom/site-bmbinternet/css/fonts/corporateacon-reg_2-webfont.woff

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/bundle/site-bmbinternet/css/custom/inc?v=u8JAfnmUIounouo23mirgHlZOFg07NAIINpA-hqlCqk1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8ed1d033e4ea93c90ce5c92ec956f39716317d3934c325269b8e4b70c4eacc69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://www.bancomercedes-benz.com.br
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.google.com *.googleapis.com *.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' *.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 20:41:25 GMT
date: Tue, 26 Mar 2024 20:34:59 GMT
etag: "2e418c7cf473da1:0"
x-frame-options: sameorigin
content-type: font/x-woff
cache-control: max-age=1676
server-timing: cdn-cache; desc=HIT, edge; dur=257, origin; dur=0, ak_p; desc="1711485299117_389467968_807700139_25811_8296_41_0_255";dur=1
accept-ranges: bytes
content-length: 31656
x-xss-protection: 1; mode=block

GET
H2 200 pt.json Show response
cdn.cookielaw.org/consent/313e83c6-2b2b-4918-b570-ff2fbc0f6d6c/a2a056c7-6979-44c9-83cd-b22633e45fc9/ 39 KB
12 KB 45ms
41ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/313e83c6-2b2b-4918-b570-ff2fbc0f6d6c/a2a056c7-6979-44c9-83cd-b22633e45fc9/pt.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe1867318e80a1e425afbe09174fdbc11e3316b92a53fed66273c82dc0c5988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 21274
content-md5: UI0lyRNBUVhFfTg7vw8cJw==
content-length: 11926
x-ms-lease-status: unlocked
last-modified: Thu, 18 Jan 2024 20:28:41 GMT
server: cloudflare
etag: 0x8DC18640F51E94D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 893d085c-e01e-0018-4ef6-71e6e4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9ecaf98be4d70-FRA
expires: Wed, 27 Mar 2024 20:34:59 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 13 KB
3 KB 42ms
41ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cY5y5oOgkrkmN13/L7bZ7g==
age: 74070
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:16 GMT
server: cloudflare
etag: 0x8DC3E88C74EAA0F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 68a86501-f01e-0059-02af-70be00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9ecaff9484d70-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/ 62 KB
13 KB 40ms
39ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: s2sOOFx0mjDJK9iNqaz9cw==
age: 32100
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12694
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:18 GMT
server: cloudflare
etag: 0x8DC3E88C8A3F53C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ead46380-801e-0088-416a-79dc8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9ecaff94d4d70-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 21 KB
4 KB 41ms
41ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 26508
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 16b3539e-101e-0023-6877-79a340000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86a9ecaff94f4d70-FRA

GET
H2 200 377564486700301 Show response
connect.facebook.net/signals/config/ 54 KB
11 KB 382ms
379ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/377564486700301?v=2.9.150&r=stable&domain=www.bancomercedes-benz.com.br&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84503b9127e069a55efb3bb8c66390ceda760196e6e32a82333b73df70818648

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 20:34:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=65, mss=1294, tbw=62817, tp=-1, tpl=-1, uplat=359, ullat=0
pragma: public
x-fb-debug: MHvBAOpXdj/svQw0YGCnPW7Eb4vnSqknBHMWSGj/lBMZg+etN+iQIiYthjR7X1DWYEVKUXKaZi+ZKyOwSXWFgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
92 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X9W3XGKF4B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL7VXSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44bd3f33fc007bcaf15751363389d4d1137c9fc7db83c93b391958d5f79511bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 20:34:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
96 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5942QYW5SM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL7VXSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd6132093d522b1410185a45afe30a1dfd3c608e3bc1e540ad1fbe93dab2a3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97838
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 20:34:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
23ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NL7VXSP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Mar 2024 19:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2811
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Mar 2024 21:48:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
231 B 45ms
44ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1607323847&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&ul=en-us&de=UTF-8&dt=Banco%20Mercedes-Benz%20-%20Home%20page&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YEBAAEABAAAAACAAI~&jid=1630126344&gjid=1294317543&cid=211251342.1711485299&tid=UA-203037743-7&_gid=815667907.1711485299&_r=1&_slc=1&gtm=45He43p0n81NL7VXSPv871102291za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=683205945

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

18663b42a90fd8933c4b727a6f3a5fb29bc32b3cbfbcae5736fbe3d6d14f3bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 20:34:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bancomercedes-benz.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 89ms
28ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5942QYW5SM&cid=211251342.1711485299&gtm=45je43p0v871704103z8871102291za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5942QYW5SM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 26 Mar 2024 20:34:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bancomercedes-benz.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
87 KB 44ms
44ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CD4VBQ212H&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ab795fd84d524d290339ff5ff26406098df9ebfe8f8b2c3df3dfca5514613bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 20:34:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Mar 2024 20:34:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 74ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=377564486700301&ev=PageView&dl=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&rl=&if=false&ts=1711485299651&sw=800&sh=600&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.2.1711485299651.849733746&ler=empty&cdl=API_unavailable&it=1711485299261&coo=false&rqm=GET

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1294, tbw=2758, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Mar 2024 20:34:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
56 KB 23ms
22ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Mar 2024 20:34:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4601, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: QSjIMQgpxcNGSH3cEH+XyTR/A/NiFKyhQ10kI6Bd5SP8YPWmqljYB4WYIug33nwiWskVuBEFq3E+CPB1VyrXdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 38ms
37ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.bancomercedes-benz.com.br/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 18113
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 19:35:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 80dc8988-801e-0098-372c-7f19e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86a9ecb46f7c8f32-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 33ms
33ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 74070
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 07:07:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e85ba5a3-601e-0039-2e8f-7ec29f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86a9ecb47efa4d70-FRA

GET
H2 200 bmb_logo.png
cdn.cookielaw.org/logos/98b0ffd7-9494-4240-9377-de242ff7e665/85a40137-5592-4258-8fa5-a1446a2db64c/1443c90b-a448-4c47-a871-4a0497e973fd/ 4 KB
4 KB 33ms
32ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/98b0ffd7-9494-4240-9377-de242ff7e665/85a40137-5592-4258-8fa5-a1446a2db64c/1443c90b-a448-4c47-a871-4a0497e973fd/bmb_logo.png

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

151a19950b6bb2160e98a1a999bedbe92426a26225167a0d2e5079113f9e700a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WsUci6jqY/pKWnMRn4pYbg==
age: 15398
content-length: 4078
x-ms-lease-status: unlocked
last-modified: Thu, 22 Oct 2020 13:42:21 GMT
server: cloudflare
etag: 0x8D876904D1D45AC
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5d266f5e-001e-003f-1367-79f120000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86a9ecb48f978f32-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 34ms
34ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.bancomercedes-benz.com.br
URL: https://www.bancomercedes-benz.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 26 Mar 2024 20:34:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 9287
x-ms-lease-status: unlocked
last-modified: Mon, 25 Mar 2024 07:07:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 017831e2-801e-0098-50e7-7e19e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86a9ecb48f9c8f32-FRA

GET
H2 200 favicon.ico
www.bancomercedes-benz.com.br/assets/BMBInternet/files/img/ 1 KB
2 KB 250ms
250ms Other
image/x-icon 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/files/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

247634b506c7aea60b5d05d3fe1193a1e288ae3bb69ad5bed8fa799d69f92bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age= 86400
X-Content-Type-Options	nosniff: default-src 'self; script-src 'self .google.com .googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age= 86400
content-encoding: gzip
x-content-type-options: nosniff: default-src 'self; script-src 'self *.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
date: Tue, 26 Mar 2024 20:35:00 GMT
last-modified: Tue, 14 Jul 2015 11:43:49 GMT
etag: "4130e0592abed01:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=6201
server-timing: cdn-cache; desc=HIT, edge; dur=203, origin; dur=0, ak_p; desc="1711485300054_389467968_807701116_20413_8933_34_0_219";dur=1
accept-ranges: bytes
content-length: 685

GET
H2 200 favicon.ico
www.bancomercedes-benz.com.br/assets/BMBInternet/files/img/ 1 KB
2 KB 97ms
97ms Other
image/x-icon 2a02:26f0:3500:3::b818:4d40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bancomercedes-benz.com.br/assets/BMBInternet/files/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

247634b506c7aea60b5d05d3fe1193a1e288ae3bb69ad5bed8fa799d69f92bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age= 86400
X-Content-Type-Options	nosniff: default-src 'self; script-src 'self .google.com .googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age= 86400
content-encoding: gzip
x-content-type-options: nosniff: default-src 'self; script-src 'self *.google.com *.googleapis.com.gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self" https://fonts.googleapis.com 'unsafe-inline'; font-src 'self.googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cockielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics. com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br,onetrust.com; frame-src 'self https://www.google.com;
date: Tue, 26 Mar 2024 20:35:00 GMT
last-modified: Tue, 14 Jul 2015 11:43:49 GMT
etag: "4130e0592abed01:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=6201
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1711485300356_389467968_807701446_257_11086_46_0_219";dur=1
accept-ranges: bytes
content-length: 685

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5942QYW5SM&cid=211251342.1711485299&gtm=45je43p0v871704103z8871102291za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=859735952

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bancomercedes-benz.com.br/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: tuu6BzsV_zwyEs5AgcRmGCzYM3zuRRBjRtLVVNT8rnRB-KxrKVfOb1b-CuiI4G7AZ8pyMA2
.bancomercedes-benz.com.br/	1969-12-31 23:59:59	Name: TCMAntiForgeryToken Value: 2SQX2VWahnfrA6ReDWLIahZKNwBq-rGEcOWuJeBtbOHhvQDVrSX3UQabkuq7yYW__bdjzw2
.bancomercedes-benz.com.br/	1970-01-20 19:26:11	Name: _gid Value: GA1.3.815667907.1711485299
.bancomercedes-benz.com.br/	1970-01-20 19:24:45	Name: _gat_UA-203037743-7 Value: 1
.bancomercedes-benz.com.br/	1970-01-21 05:00:45	Name: _ga_5942QYW5SM Value: GS1.1.1711485299.1.0.1711485299.60.0.0
.bancomercedes-benz.com.br/	1970-01-21 05:00:45	Name: _ga Value: GA1.1.211251342.1711485299
.bancomercedes-benz.com.br/	1970-01-21 05:00:45	Name: _ga_X9W3XGKF4B Value: GS1.1.1711485299.1.0.1711485299.0.0.0
.bancomercedes-benz.com.br/	1970-01-21 05:00:45	Name: _ga_CD4VBQ212H Value: GS1.3.1711485299.1.0.1711485299.0.0.0
.bancomercedes-benz.com.br/	1970-01-20 21:34:21	Name: _fbp Value: fb.2.1711485299651.849733746
.bancomercedes-benz.com.br/	1970-01-21 04:10:21	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Mar+26+2024+21%3A34%3A59+GMT%2B0100+(Central+European+Standard+Time)&version=202401.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=90d9c359-1ca8-487c-8f27-d8f64d9ab12d&interactionCount=0&landingPath=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&groups=C0002%3A0%2CC0001%3A1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-5942QYW5SM&l=dataLayer&cx=c(Line 183) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-5942QYW5SM&gtm=45je43p0v871704103z8871102291za200&_p=1711485297603&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=211251342.1711485299&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711485299&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&dt=Banco%20Mercedes-Benz%20-%20Home%20page&en=page_view&_fv=2&_ss=1&tfd=6383' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-X9W3XGKF4B&l=dataLayer&cx=c(Line 169) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-X9W3XGKF4B&gtm=45je43p0v871112110z8871102291za200&_p=1711485297603&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=211251342.1711485299&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711485299&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&dt=Banco%20Mercedes-Benz%20-%20Home%20page&en=page_view&_fv=1&_ss=1&tfd=6389' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/".
security	error	URL: https://www.bancomercedes-benz.com.br/ Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5942QYW5SM&cid=211251342.1711485299&gtm=45je43p0v871704103z8871102291za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=859735952' because it violates the following Content Security Policy directive: "img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-CD4VBQ212H&cx=c&_slc=1(Line 150) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-CD4VBQ212H&gtm=45je43p0v9134117369za200&_p=1711485297603&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=800x600&cid=211251342.1711485299&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&dt=Banco%20Mercedes-Benz%20-%20Home%20page&sid=1711485299&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6497' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/".
other	warning	URL: https://connect.facebook.net/signals/config/377564486700301?v=2.9.150&r=stable&domain=www.bancomercedes-benz.com.br&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-5942QYW5SM&l=dataLayer&cx=c(Line 183) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-5942QYW5SM&gtm=45je43p0v871704103za200&_p=1711485297603&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=211251342.1711485299&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1711485299&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&dt=Banco%20Mercedes-Benz%20-%20Home%20page&en=user_engagement&_et=5058&tfd=11446' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-X9W3XGKF4B&l=dataLayer&cx=c(Line 169) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-X9W3XGKF4B&gtm=45je43p0v871112110za200&_p=1711485297603&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=211251342.1711485299&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=2&sid=1711485299&sct=1&seg=0&dl=https%3A%2F%2Fwww.bancomercedes-benz.com.br%2F&dt=Banco%20Mercedes-Benz%20-%20Home%20page&en=user_engagement&_et=5058&tfd=11448' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .google.com .googleapis.com .gstatic.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.cookielaw.org https://connect.facebook.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' .googleapis.com https://fonts.googleapis.com https://libs.tesla.com.br fonts.gstatic.com; img-src 'self' *.googleusercontent.com https://ssl.google-analytics.com data: https://cdn.cookielaw.org https://www.facebook.com; connect-src 'self' https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://cdn.cookielaw.org https://geolocation.onetrust.com https://privacyportal-br.onetrust.com http://extranet.bancomercedes-benz.com.br:81/; frame-src 'self' https://www.google.com https://www.youtube.com https://youtube.com;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
connect.facebook.net
geolocation.onetrust.com
stats.g.doubleclick.net
www.bancomercedes-benz.com.br
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.google.de
157.240.252.13
172.217.18.8
2001:4860:4802:34::178
2606:4700:4400::6812:2089
2606:4700::6813:b234
2a00:1450:4001:812::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:3::b818:4d40
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
046e2dabaac8eba3437c9b3e785bc63e38d1854fcb7a5fba1596e9a1178fc845
0bcb0cd7ffe87f03655f15acabd2cd870a87b6b209ddca96038aaf13b79b5f10
151a19950b6bb2160e98a1a999bedbe92426a26225167a0d2e5079113f9e700a
1770625a9b3e6e065ee4b4b57796bd581ad7465a309bca71b16f78a8587cd69e
18663b42a90fd8933c4b727a6f3a5fb29bc32b3cbfbcae5736fbe3d6d14f3bda
2075a715f798a3105db3ee04e9e0df7aabc8d5c3ef83057f85a1b98253c78509
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
247634b506c7aea60b5d05d3fe1193a1e288ae3bb69ad5bed8fa799d69f92bf9
2d0a2d3934607a7f8203691383740596533a9f4eaa7745170456a4206459eda5
331bc3d6a17a370710416b053fcba68a3119bf0610f0f7f04f66ad367c99d1ef
36a96f175916b97a559089bdd84d9c999d6ab7e5fdfa7ea5f396c47d609f065f
3d7e047f38c407d34a533da75487826f62c33357f264ca96f1f1f7ff0ba64ed4
44bd3f33fc007bcaf15751363389d4d1137c9fc7db83c93b391958d5f79511bb
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4fe1867318e80a1e425afbe09174fdbc11e3316b92a53fed66273c82dc0c5988
50b757a8c26fa7d511668a57431dbed62a712c066229ed63c158d9e54f44558e
5446b2d0120dc4737c7593f47b9474b724bbe985b5e5231eb75e5bbbf7762880
5b295cdcdb4f53f14d98127868cfc61c2e05f183b38c88ba548bf1bc54427681
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5facd3a5740084a3ef95a738f422e00aef284b165f0b3c728e231b60f16be85d
64a5f524afd5f0218c4e0dbb342b2e7e34d6bd8a286aa56ee2d9ef7e61a35765
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
7e4799124aa283cfb40b6c1c2273ea9449210a7227e96e61b5aa81734686fd3d
830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
84503b9127e069a55efb3bb8c66390ceda760196e6e32a82333b73df70818648
8ed1d033e4ea93c90ce5c92ec956f39716317d3934c325269b8e4b70c4eacc69
8f0794ec6d2e5d6aa267bfd8abf21da3bfca06d37fa153ba2c4a9472e0804b8c
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92adaa53d0644879733464bba4f41db465cd7a7865031570a7771fd795878609
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
971701dfa10ea8110baa4d8bbbb89a58575eb5543fe8d0eaf20dee5e20df36cc
ab795fd84d524d290339ff5ff26406098df9ebfe8f8b2c3df3dfca5514613bec
d30a682400e41c61a1ac524c59441fb60eaa02a3917c9418e7081b3d9d70f136
d38d184714892f39ea8d05eed8ea95ae0c568459ba10a3a678a2af0a637e8864
d3d162fbc8c0ca33f4a7ea818b565b1002f3be2bc7938a05e41b9b5c554b57d1
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d8881b0d42e78973fc7a859cc5b23871765a6a9e32b28deecb9c12a300b013d6
db47ff542d4462e0d7ee1330a9fdc197392edcf75176f7d9dc756e60ff48625b
dceced3dcadd7497e468610ec37eccb7677157658299f4bb8cf760f4a0c5b18d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
efb78e205c4758227e4b8ba4a9d714cc9ce82ed342d974b57c1d9b868d3e0d9b
fd6132093d522b1410185a45afe30a1dfd3c608e3bc1e540ad1fbe93dab2a3b4
ff536a3f9dfc9529868372fe67134a864ede5212657419476ab401834c87b672

www.bancomercedes-benz.com.br Open in urlscan Pro 2a02:26f0:3500:3::b818:4d40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

80 %IPv6

9 Domains

9 Subdomains

11 IPs

3 Countries

2609 kBTransfer

4517 kBSize

10 Cookies

7 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bancomercedes-benz.com.br Open in urlscan Pro
2a02:26f0:3500:3::b818:4d40 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

80 %
IPv6

9
Domains

9
Subdomains

11
IPs

3
Countries

2609 kB
Transfer

4517 kB
Size

10
Cookies

50 HTTP transactions
0 data transactions