www.login-credicard.quitar-aymore.com Open in urlscan Pro
162.241.2.156  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.login-credicard.quitar-aymore.com/	54 KB 15 KB	749ms 352ms	Document text/html	162.241.2.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.241.2.156 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-2-156.unifiedlayer.com Software Apache / Resource Hash 79e656f9eb7d60dc00fbfa45f063e36e2e9d165a44e985b872a1013abad14017 Request headers :method GET :authority www.login-credicard.quitar-aymore.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Tue, 03 Mar 2020 17:29:26 GMT server Apache vary Accept-Encoding content-encoding gzip content-length 15014 content-type text/html; charset=UTF-8
GET H2	200	css fonts.googleapis.com/	16 KB 1 KB	16ms 15ms	Stylesheet text/css	2a00:1450:4001:819::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 12703f5b33aee4a01e3f1f57c4637f5924e2dd24739a157cc50a5a117f57c891 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 03 Mar 2020 17:29:26 GMT server ESF date Tue, 03 Mar 2020 17:29:26 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 03 Mar 2020 17:29:26 GMT
GET H2	200	select2.min.css cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/	14 KB 3 KB	13ms 11ms	Stylesheet text/css	2606:4700::6811:4004 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 03 Mar 2020 17:29:26 GMT content-encoding br cf-cache-status HIT age 27890479 cf-ray 56e514646ad9d6b1-FRA status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 last-modified Thu, 17 May 2018 09:25:33 GMT server cloudflare etag W/"5afd4a8d-38aa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css access-control-allow-origin * expires Sun, 21 Feb 2021 17:29:26 GMT cache-control public, max-age=30672000 timing-allow-origin * served-in-seconds 0.027
GET H2	200	$9tzbrpc7ohj d335luupugsy2.cloudfront.net/cms/files/148013/1583252471/	3 KB 3 KB	931ms 873ms	Image image/jpeg	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d335luupugsy2.cloudfront.net/cms/files/148013/1583252471/$9tzbrpc7ohj Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a9de0efda5ba78557f8b5fba99fecb41ae4815cd87df593740958c8d906da394 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 17:29:28 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) last-modified Tue, 03 Mar 2020 17:01:53 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "3270f1d3b864e4156e11d14148706980" x-cache Miss from cloudfront x-amz-version-id q4ToBT0EXPl2wBKo5fUeJcMKV7XCX2_C status 200 accept-ranges bytes content-type image/jpeg content-length 2901 x-amz-cf-id XEXSKT6dOUk657bRyjdtOMOINJHfS31EKLgeh94ngXG8Zy5YVzkkMg==
GET H2	200	baloes-ilustracao-401844c80fb8ede2343de6ff7da35754.png www.geru.com.br/_next/static/images/	24 KB 24 KB	101ms 15ms	Image image/png	2600:9000:2156:7800:3:4a99:df80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.geru.com.br/_next/static/images/baloes-ilustracao-401844c80fb8ede2343de6ff7da35754.png Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:7800:3:4a99:df80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.15.8.1 / Express Resource Hash 1927c31125739f11ef94b6f2774168b81e25a2b640a701636d911b696a63de22 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 08:40:33 GMT via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) age 118133 x-powered-by Express x-cache Hit from cloudfront status 200 content-length 24081 last-modified Fri, 28 Feb 2020 17:26:36 GMT server openresty/1.15.8.1 etag W/"5e11-1708cd5f0e0" content-type image/png cache-control public, max-age=31536000, immutable x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id rXP7U0S6sAb8-Hb9Q0-garKtCFplSNGp_h_EB5OPMszCD0KM-PY9tg== expires Tue, 02 Mar 2021 08:40:33 GMT
GET H2	200	illustration-tablet-d9f15e52b886c758d3d62318c2987b5c.png www.geru.com.br/_next/static/images/	17 KB 17 KB	909ms 843ms	Image image/png	2600:9000:2156:7800:3:4a99:df80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.geru.com.br/_next/static/images/illustration-tablet-d9f15e52b886c758d3d62318c2987b5c.png Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:7800:3:4a99:df80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.15.8.1 / Express Resource Hash d821fb444070cc31b38d15ec99464fc695490d8a87f1f2af2b8117f9a32abe39 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 17:29:27 GMT via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) last-modified Fri, 28 Feb 2020 17:26:36 GMT server openresty/1.15.8.1 x-amz-cf-pop FRA50-C1 x-powered-by Express etag W/"42cb-1708cd5f0e0" x-cache Miss from cloudfront content-type image/png status 200 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 17099 x-amz-cf-id iHX3IoDl6jtY-XEndXR6CJCA7N7AVLfpDf8wQZTsA6LZqO4hQmPriA== expires Wed, 03 Mar 2021 17:29:27 GMT
GET H2	200	illustration-computer-0450d82e85c3118187de48d45bfd6443.png www.geru.com.br/_next/static/images/	12 KB 13 KB	714ms 656ms	Image image/png	2600:9000:2156:7800:3:4a99:df80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.geru.com.br/_next/static/images/illustration-computer-0450d82e85c3118187de48d45bfd6443.png Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:7800:3:4a99:df80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.15.8.1 / Express Resource Hash 013f007a64243c95d6cdf5d0e7734a80052676950ecfe7299e5f5d4e4d596c3b Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 17:29:27 GMT via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) last-modified Fri, 28 Feb 2020 17:26:36 GMT server openresty/1.15.8.1 x-amz-cf-pop FRA50-C1 x-powered-by Express etag W/"31cf-1708cd5f0e0" x-cache Miss from cloudfront content-type image/png status 200 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 12751 x-amz-cf-id 4Vpqj2vPzHJNnNhIbJ6HjPx-HLoUVlD4gKF13dHKgp6NrnXebAA6Mw== expires Wed, 03 Mar 2021 17:29:27 GMT
GET H2	200	illustration-search-70be4594ceede0e05cd32bac531e89ac.png www.geru.com.br/_next/static/images/	12 KB 12 KB	683ms 636ms	Image image/png	2600:9000:2156:7800:3:4a99:df80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.geru.com.br/_next/static/images/illustration-search-70be4594ceede0e05cd32bac531e89ac.png Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:7800:3:4a99:df80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.15.8.1 / Express Resource Hash 7a9fe88f490c922d7c6ab70c1258e09b6738cc5a32666631eef3a9a0c467647d Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 17:29:27 GMT via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) last-modified Fri, 28 Feb 2020 17:26:36 GMT server openresty/1.15.8.1 x-amz-cf-pop FRA50-C1 x-powered-by Express etag W/"2e42-1708cd5f0e0" x-cache Miss from cloudfront content-type image/png status 200 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 11842 x-amz-cf-id 1qLJBCTep8zzYGdUJdKNsWZBFF6wCpyhiopAJws_PS5BKQZItOLY_w== expires Wed, 03 Mar 2021 17:29:27 GMT
GET H2	200	illustration-mobile-c2b0e814b497f864e12db6d1a8b20d0a.png www.geru.com.br/_next/static/images/	12 KB 13 KB	687ms 640ms	Image image/png	2600:9000:2156:7800:3:4a99:df80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.geru.com.br/_next/static/images/illustration-mobile-c2b0e814b497f864e12db6d1a8b20d0a.png Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:7800:3:4a99:df80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.15.8.1 / Express Resource Hash 260509a8a1a27006a6acd7727af5853d423ad1a6a68689540dedd1482e2b6b02 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 17:29:27 GMT via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) last-modified Fri, 28 Feb 2020 17:26:36 GMT server openresty/1.15.8.1 x-amz-cf-pop FRA50-C1 x-powered-by Express etag W/"30c1-1708cd5f0e0" x-cache Miss from cloudfront content-type image/png status 200 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 12481 x-amz-cf-id f_KrEpmouTL50zkkwcpJWA2_8V8wjtUWoNKup9VEN5bwxQ-7GOaedQ== expires Wed, 03 Mar 2021 17:29:27 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.2/	94 KB 33 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 04 Feb 2020 06:20:20 GMT content-encoding gzip x-content-type-options nosniff age 2459346 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 33495 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Feb 2021 06:20:20 GMT
GET H2	200	jquery.validate.min.js Show response d335luupugsy2.cloudfront.net/js/jquery.validate/1.9/	21 KB 7 KB	69ms 31ms	Script application/x-javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/jquery.validate/1.9/jquery.validate.min.js Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 02 Aug 2019 19:25:29 GMT content-encoding gzip last-modified Tue, 24 Jul 2012 19:23:28 GMT server AmazonS3 age 18482638 vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id null status 200 cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 content-type application/x-javascript x-amz-cf-id cqBNGXfRD8FKp9EL_eRzgbB9q9RnlYs0WYtYKA9_eTINawRBIywmSw== via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
GET H2	200	jquery.form.js Show response d335luupugsy2.cloudfront.net/js/jquery.form/2.02/	31 KB 9 KB	79ms 41ms	Script application/x-javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/jquery.form/2.02/jquery.form.js Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash eba027d59d9bb46f605599febf927a74079c645c808f5ee3bb783af909801fdb Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 02 Aug 2019 19:25:29 GMT content-encoding gzip last-modified Tue, 24 Jul 2012 19:23:27 GMT server AmazonS3 age 18482638 vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id null status 200 cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 content-type application/x-javascript x-amz-cf-id USFv7hgFYcUX6Uz7KJ9JG10ZY3eXCN6dm4LnOt-EzukXXFPn9AaCJQ== via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
GET H2	200	select2.min.js Show response cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/	65 KB 17 KB	19ms 17ms	Script application/javascript	2606:4700::6811:4004 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 03 Mar 2020 17:29:26 GMT content-encoding br cf-cache-status HIT age 10837906 cf-ray 56e514649b37d6b1-FRA status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 last-modified Thu, 17 May 2018 09:26:42 GMT server cloudflare etag W/"5afd4ad2-10424" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 21 Feb 2021 17:29:26 GMT cache-control public, max-age=30672000 timing-allow-origin * served-in-seconds 0.003
GET H2	200	jquery.cookie.v1.4.1.min.js Show response d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/	1 KB 1 KB	67ms 29ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/jquery.cookie.v1.4.1.min.js Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sun, 23 Feb 2020 05:59:33 GMT content-encoding gzip age 818994 x-cache Hit from cloudfront status 200 content-length 697 last-modified Wed, 26 Oct 2016 16:53:49 GMT server AmazonS3 etag "bac86a22d09cf057b53c6a659592ac0d" x-amz-version-id bREjeT6RWwdSVDNRZsm9DM9XoAml6XZP via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id Bc6lT1vf0FEhydVaM5TVlvWWirsDPGLF1kELMTnHNSYZN23hAMRCVA==
GET H2	200	math.uuid.v1.4.min.js Show response d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/	876 B 985 B	68ms 30ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/plugins/math.uuid.v1.4.min.js Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 09e62de51ee41b28720d7c1d7e0b00b5cd191fc6fcc047d702ce2232ccdfd04c Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 03 Mar 2020 01:44:48 GMT content-encoding gzip age 56679 x-cache Hit from cloudfront status 200 content-length 569 last-modified Wed, 26 Oct 2016 16:54:00 GMT server AmazonS3 etag "73fb69ebd144308f821f3c4f357459c0" x-amz-version-id RP1uHWfCghp53Dg7Bw0k.8n7GWbl5nn7 via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id 9JkauiXnLLE_nSCqCTgTfYSvu1VpKts6X0hADWC7csJysX74KerhOA==
GET H2	200	rdlps.min.js Show response d335luupugsy2.cloudfront.net/js/rd/stable/	160 KB 44 KB	87ms 49ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/rd/stable/rdlps.min.js?t=1583255489 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash af5c39567816f4bed49727daaa7df0f16ebff538acd0f91a917ff57cf152c36c Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 03 Mar 2020 01:52:07 GMT content-encoding gzip last-modified Tue, 10 Dec 2019 11:45:28 GMT server AmazonS3 age 56240 etag "be1a79fe70b6ca03de8deacdacc8c57d" x-cache Hit from cloudfront x-amz-version-id aEhIUDJx3f4EPFGfTHXTMmrX._fNV_Gd status 200 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript content-length 44785 via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) x-amz-cf-id _WxpZmMpJHpcHzw8kKLaaYlGCnrJ07Q8IPfFbInSrICpjZsxkzv4ow==
GET H2	200	rdlps-progressive-profiling.min.js Show response d335luupugsy2.cloudfront.net/js/rd/stable/	977 B 936 B	29ms 28ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-progressive-profiling.min.js?t=1583255489 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 6ee3d01f7b460cf45b6deac43df70ee7787e133dda8021481207741bfe19aea3 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 03 Mar 2020 01:35:40 GMT content-encoding gzip last-modified Tue, 10 Dec 2019 11:45:27 GMT server AmazonS3 age 57227 etag "1ce3fbfc59e0fcc0211ccbec6bea6f64" x-cache Hit from cloudfront x-amz-version-id Jy6U2P6JbybLqNXGTotS3gZ7LKNI9hd1 status 200 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript content-length 545 via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) x-amz-cf-id F61CiaN6JYtWZ2UdP51pqqWQbYobQjSeXfMlW7cL9EabD0m46Vx2QA==
GET H2	200	rdlps-autofill.min.js Show response d335luupugsy2.cloudfront.net/js/rd/stable/	1 KB 1 KB	30ms 29ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/rd/stable/rdlps-autofill.min.js?t=1583255489 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 1aca40ef862b8001f0280e3fd0e91151c839854c65dc5fca6de098becf018b42 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 03 Mar 2020 01:30:43 GMT content-encoding gzip last-modified Tue, 10 Dec 2019 11:45:27 GMT server AmazonS3 age 57524 etag "3108b5c77d390170dea86ca79a6561a0" x-cache Hit from cloudfront x-amz-version-id HM55VteyaKOl7nFesUip8jL_ZCCR8RPu status 200 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript content-length 685 via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) x-amz-cf-id ssFbsUKzeNB1CSsGzx8WEJu55-jkExWXPn6O3O8lqPjvP2wST8tEJw==
GET H2	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v17/	9 KB 9 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto Origin https://www.login-credicard.quitar-aymore.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Jan 2020 02:11:57 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 19:30:49 GMT server sffe age 2906249 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 9132 x-xss-protection 0 expires Fri, 29 Jan 2021 02:11:57 GMT
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	10ms 9ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto Origin https://www.login-credicard.quitar-aymore.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 23 Jan 2020 18:51:41 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe age 3451065 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 14044 x-xss-protection 0 expires Fri, 22 Jan 2021 18:51:41 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 fonts.gstatic.com/s/sourcesanspro/v13/	13 KB 13 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto Origin https://www.login-credicard.quitar-aymore.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 02 Mar 2020 13:13:24 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:46:19 GMT server sffe age 101762 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13324 x-xss-protection 0 expires Tue, 02 Mar 2021 13:13:24 GMT
GET H2	200	4iCs6KVjbNBYlgoKfw72nU6AFw.woff2 fonts.gstatic.com/s/ubuntu/v14/	13 KB 14 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Droid+Sans|Droid+Serif|Lato|Lobster|Open+Sans|Oswald|PT+Sans|Raleway|Source+Sans+Pro|Ubuntu|Roboto Origin https://www.login-credicard.quitar-aymore.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 23 Jan 2020 10:24:14 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:17:45 GMT server sffe age 3481512 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13720 x-xss-protection 0 expires Fri, 22 Jan 2021 10:24:14 GMT
GET H2	200	$p7q5ahbubu d335luupugsy2.cloudfront.net/cms/files/148013/1583252471/	3 KB 3 KB	870ms 869ms	Image image/jpeg	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d335luupugsy2.cloudfront.net/cms/files/148013/1583252471/$p7q5ahbubu Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a9de0efda5ba78557f8b5fba99fecb41ae4815cd87df593740958c8d906da394 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 17:29:28 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) last-modified Tue, 03 Mar 2020 17:01:33 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "3270f1d3b864e4156e11d14148706980" x-cache Miss from cloudfront x-amz-version-id NOk5IVedNF6k8_f8N4PXS9Ivr92rtPGX status 200 accept-ranges bytes content-type image/jpeg content-length 2901 x-amz-cf-id PU_EjywY1j7PfUr-dptB9DJdfgvZmBOGA7n-RjjNuKGCAMpY8mKYvw==
GET H2	200	097f4be0-241a-4f36-843f-93adc0329b87-loader.js Show response d335luupugsy2.cloudfront.net/js/loader-scripts/	3 KB 1 KB	883ms 883ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/loader-scripts/097f4be0-241a-4f36-843f-93adc0329b87-loader.js Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 5d14da178c7eb0d0ff8b252c58dacbe269379b0f3afcf81e849536a395331989 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 03 Mar 2020 17:29:28 GMT content-encoding gzip last-modified Tue, 03 Mar 2020 17:11:35 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 vary Accept-Encoding x-cache Miss from cloudfront x-amz-version-id zozOjbhOzTOOvCp9Jkj.NqsCQkklCYsp status 200 cache-control max-age=2592000 content-type application/javascript x-amz-cf-id 3H6VjDd2VK9UEuP4eXWwRQMYjt6ZIQHSZALv15iFkFDCPonopSTbpw== via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
GET H2	200	y9ba_PT7a_U www.youtube.com/embed/ Frame E43E	0 0	130ms 130ms	Document text/html	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/y9ba_PT7a_U?autoplay=0&rel=0 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/y9ba_PT7a_U?autoplay=0&rel=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://www.login-credicard.quitar-aymore.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://www.login-credicard.quitar-aymore.com/ Response headers status 200 x-content-type-options nosniff expires Tue, 27 Apr 1971 19:44:06 GMT p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." strict-transport-security max-age=31536000 content-encoding br cache-control no-cache content-type text/html; charset=utf-8 date Tue, 03 Mar 2020 17:29:26 GMT server YouTube Frontend Proxy x-xss-protection 0 set-cookie VISITOR_INFO1_LIVE=HOQFJtyNASo; path=/; domain=.youtube.com; secure; expires=Sun, 30-Aug-2020 17:29:26 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=HOQFJtyNASo; path=/; domain=.youtube.com; secure; expires=Sun, 30-Aug-2020 17:29:26 GMT; httponly; samesite=None YSC=3WxyegM_B4s; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 03-Mar-2020 17:59:26 GMT alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	geru-office-600f08074d490925cb8fd05b6f9b5f50.jpg www.geru.com.br/_next/static/images/	413 KB 414 KB	29ms 29ms	Image image/jpeg	2600:9000:2156:7800:3:4a99:df80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.geru.com.br/_next/static/images/geru-office-600f08074d490925cb8fd05b6f9b5f50.jpg Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:7800:3:4a99:df80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.15.8.1 / Express Resource Hash 324b3b988e9901c5392a9e89cf64187b889fc0dee5691682f538e2aba56b63b7 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 16:44:51 GMT via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) age 2675 x-powered-by Express x-cache Hit from cloudfront status 200 content-length 423051 last-modified Fri, 28 Feb 2020 17:26:36 GMT server openresty/1.15.8.1 etag W/"6748b-1708cd5f0e0" content-type image/jpeg cache-control public, max-age=31536000, immutable x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id yQpKyUKK8cHcs19k5y__FtaghzHG05JjynVthWLqS7DUGTC95W1q8w== expires Wed, 03 Mar 2021 16:44:51 GMT
GET H2	200	traffic-source-cookie.min.js Show response d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/	2 KB 1 KB	29ms 29ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/097f4be0-241a-4f36-843f-93adc0329b87-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 23c49eb1402fa6afe843b8dade085148af4d890f11d09d572ce970585e42f17c Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sun, 23 Feb 2020 18:45:14 GMT content-encoding gzip age 773054 x-cache Hit from cloudfront status 200 content-length 912 last-modified Mon, 06 Feb 2017 16:35:04 GMT server AmazonS3 etag "57ab0bbd7fce16f93e97fc33ff6ec7dc" x-amz-version-id inXXjDFoqD4i5dbZCPHdHZe2iZD88xAn via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id z3VtTErGiWIxQkR3Od2sYkVw9eimsfB8mg4HChjSKGgexyV_sLxQrw==
GET H2	200	select2.png cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/	518 B 669 B	14ms 14ms	Image image/png	2606:4700::6811:4004 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.png Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6e577638db834fd15b0f3799b7a3848a64a8daac7c90baa64d72a8a1ed67641 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 03 Mar 2020 17:29:27 GMT cf-cache-status HIT age 2193070 cf-ray 56e5146adf76d6b1-FRA status 200 strict-transport-security max-age=15780000; includeSubDomains alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 content-length 518 last-modified Thu, 17 May 2018 09:25:33 GMT server cloudflare etag "5afd4a8d-206" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * expires Sun, 21 Feb 2021 17:29:27 GMT cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * served-in-seconds 0.000
GET H/1.1	200 OK	br.svg dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/	8 KB 3 KB	99ms 25ms	Image image/svg+xml	143.204.98.48 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/br.svg?t=1560538149 Requested by Host: www.login-credicard.quitar-aymore.com URL: https://www.login-credicard.quitar-aymore.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.48 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-48.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash f27b60457a892efcd4d4cebd0135e35b92112757c657cdcdf35af14bf8d9f0f3 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 03 Mar 2020 02:13:11 GMT Content-Encoding gzip Last-Modified Tue, 18 Jun 2019 14:20:28 GMT Server AmazonS3 Age 54977 ETag "80934471d745e9f7973f57260ff17e39" X-Cache Hit from cloudfront Content-Type image/svg+xml Via 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 Connection keep-alive Accept-Ranges bytes Content-Length 2818 X-Amz-Cf-Id qqYJfIRbAsP8cQ22_4R692TQHSYtZCxLazlD7a3bZQof3163aNRHAA==
GET H2	200	rd-js-integration.min.js Show response d335luupugsy2.cloudfront.net/js/integration/stable/	8 KB 4 KB	27ms 27ms	Script application/javascript	143.204.98.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1 Requested by Host: d335luupugsy2.cloudfront.net URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/097f4be0-241a-4f36-843f-93adc0329b87-loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.98.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-126.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 719e041a7309a18d7038a356664f0fe96054d879ad6009277fcdfd5489402768 Request headers Referer https://www.login-credicard.quitar-aymore.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id Ct5pRk0iGs7oJaBC5h1pY6mayReHXkIR content-encoding gzip age 81834 x-cache Hit from cloudfront status 200 date Mon, 02 Mar 2020 18:46:02 GMT content-length 3270 last-modified Wed, 21 Nov 2018 11:44:19 GMT server AmazonS3 etag "b0aec5eeb2956da5ea014d2b9bc7da31" content-type application/javascript; charset=utf-8 via 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront) cache-control max-age=86400, must-revalidate x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id _q8NTRpmveqgMAqFQUMW-w8xrYgdbqNuRyuq7K_2hj9rtjt1q4Sy_g==

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| Select2 function| createCookie function| readCookie function| eraseCookie function| conversionSuccess function| parseOpenCityAndState function| initRdlps function| CityInputFieldHandler object| fieldFormatPhone function| generateRDCaptcha object| RdForms object| RdlpsEventListener function| RdlpsFormStore function| Nibbler object| B32 object| CityPreloader object| jQuery111205527555463141232 object| RdlpsProgressiveProfiling function| getDefaultCountry object| RdlpsAutofill function| origConversionSuccess object| RDStation boolean| RDStationTrackingCodeChecker object| TrafficSourceCookie function| _classCallCheck function| RDStationFormIntegration object| FormFields function| _createClass function| RDErrorNotifier object| RDIntegrationCreditCard function| _typeof object| FieldMapping object| RdIntegrationIdentifier object| RdIntegration

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1970-01-19 07:47:38	Name: GPS Value: 1
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 3WxyegM_B4s
			.youtube.com/	1970-01-19 12:06:48	Name: VISITOR_INFO1_LIVE Value: HOQFJtyNASo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/097f4be0-241a-4f36-843f-93adc0329b87-loader.js(Line 1) Message: TrafficSourceCookie initialized

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
d335luupugsy2.cloudfront.net
dk9suync0k2va.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.geru.com.br
www.login-credicard.quitar-aymore.com
www.youtube.com
143.204.98.126
143.204.98.48
162.241.2.156
2600:9000:2156:7800:3:4a99:df80:93a1
2606:4700::6811:4004
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81c::200a
013f007a64243c95d6cdf5d0e7734a80052676950ecfe7299e5f5d4e4d596c3b
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
09e62de51ee41b28720d7c1d7e0b00b5cd191fc6fcc047d702ce2232ccdfd04c
12703f5b33aee4a01e3f1f57c4637f5924e2dd24739a157cc50a5a117f57c891
1927c31125739f11ef94b6f2774168b81e25a2b640a701636d911b696a63de22
1aca40ef862b8001f0280e3fd0e91151c839854c65dc5fca6de098becf018b42
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
23c49eb1402fa6afe843b8dade085148af4d890f11d09d572ce970585e42f17c
260509a8a1a27006a6acd7727af5853d423ad1a6a68689540dedd1482e2b6b02
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
324b3b988e9901c5392a9e89cf64187b889fc0dee5691682f538e2aba56b63b7
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d14da178c7eb0d0ff8b252c58dacbe269379b0f3afcf81e849536a395331989
6ee3d01f7b460cf45b6deac43df70ee7787e133dda8021481207741bfe19aea3
719e041a7309a18d7038a356664f0fe96054d879ad6009277fcdfd5489402768
79e656f9eb7d60dc00fbfa45f063e36e2e9d165a44e985b872a1013abad14017
7a9fe88f490c922d7c6ab70c1258e09b6738cc5a32666631eef3a9a0c467647d
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
a931d758e10b5f646f42e4b1100ee31b7ce4cdf5a86d59133424b65c8802788b
a9de0efda5ba78557f8b5fba99fecb41ae4815cd87df593740958c8d906da394
af5c39567816f4bed49727daaa7df0f16ebff538acd0f91a917ff57cf152c36c
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d6e577638db834fd15b0f3799b7a3848a64a8daac7c90baa64d72a8a1ed67641
d821fb444070cc31b38d15ec99464fc695490d8a87f1f2af2b8117f9a32abe39
eba027d59d9bb46f605599febf927a74079c645c808f5ee3bb783af909801fdb
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
f27b60457a892efcd4d4cebd0135e35b92112757c657cdcdf35af14bf8d9f0f3