openid.itau.com.br Open in urlscan Pro
138.59.163.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ic360.com.br/
Effective URL:
https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redirect_uri=https:%2F%2...
Submission: On November 21 via manual (November 21st 2022, 8:43:26 pm UTC) from BR — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 138.59.163.74, located in Brazil and belongs to Itau Unibanco S.A., BR. The main domain is openid.itau.com.br.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 8th 2022. Valid for: a year.

This is the only time openid.itau.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:225... 2600:9000:2251:e800:3:6e7f:8f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 9	2600:9000:225... 2600:9000:2251:c200:3:6e7f:8f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	138.59.163.74 138.59.163.74	15256 (Itau Unib...) (Itau Unibanco S.A.)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
13	4

1 2600:9000:2251:e800:3:6e7f:8f80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

ic360.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2251:c200:3:6e7f:8f80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

ic360.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.59.163.74 (Brazil)

ASN15256 (Itau Unibanco S.A., BR)

openid.itau.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ic360.com.br 2 redirects ic360.com.br	1 MB
3	itau.com.br openid.itau.com.br	127 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	53 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	869 B
13	4

	Domain	Requested by
10	ic360.com.br	2 redirects ic360.com.br
3	openid.itau.com.br	ic360.com.br openid.itau.com.br
1	www.googletagmanager.com	ic360.com.br
1	fonts.googleapis.com	ic360.com.br
13	4

This site contains no links.

Subject Issuer	Validity	Valid
canal360i.cloud.itau.com.br Amazon RSA 2048 M01	`2022-11-19` - `2023-12-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
openid.itau.com.br GlobalSign RSA OV SSL CA 2018	`2022-07-08` - `2023-08-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redirect_uri=https:%2F%2Fic360.com.br%2Flogin%2Fcallback-partner-sts&scope=openid&response_type=code
Frame ID: 925AAAF08AFEABE69D0653023184F6CB
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

STS Itaú

Page URL History Show full URLs

http://ic360.com.br/ HTTP 301
https://ic360.com.br/ HTTP 301
https://ic360.com.br/login/auth-partner-sts/ Page URL
https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redi... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

13
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1531 kB
Transfer

6731 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ic360.com.br/ HTTP 301
https://ic360.com.br/ HTTP 301
https://ic360.com.br/login/auth-partner-sts/ Page URL
https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redirect_uri=https:%2F%2Fic360.com.br%2Flogin%2Fcallback-partner-sts&scope=openid&response_type=code Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ic360.com.br/ HTTP 301
https://ic360.com.br/ HTTP 301
https://ic360.com.br/login/auth-partner-sts/

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ic360.com.br/login/auth-partner-sts/
Redirect Chain

http://ic360.com.br/
https://ic360.com.br/
https://ic360.com.br/login/auth-partner-sts/

1 KB
1 KB

1784ms
1784ms

Document
text/html

2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/login/auth-partner-sts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9bb06596d7c5eb4b16e818c60e581b61967dae3e710899ca2f3d271b1545d50c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Mon, 21 Nov 2022 20:43:20 GMT
etag: W/"a738ce573d35a47b6ecf1f01426f0a63"
last-modified: Sat, 19 Nov 2022 01:18:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-id: 0vHy9Y-b3vSBm8gVykoTmuG-sBrlPdnUB2Zq17BPF3th3r3bHVvhOg==
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 6DxaSPZ1uedtn1tqfUyqGTPfonH0Beu8
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: frame-ancestors 'self'
date: Mon, 21 Nov 2022 20:43:17 GMT
location: /login/auth-partner-sts/
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-id: 7OoLgqg8bBWphHmtBbs42CPuUp7vuKB9uVMoUZeu98PQDH7oDKZdUg==
x-amz-cf-pop: FRA60-P3
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 65ms
25ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/login/auth-partner-sts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Nov 2022 20:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 20:43:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Nov 2022 20:43:19 GMT

GET
H2 200 styles.791cf306561ec5287560.css
ic360.com.br/ 59 KB
9 KB 1130ms
1129ms Stylesheet
text/css 2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/styles.791cf306561ec5287560.css

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/login/auth-partner-sts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7d71df2bf102b6c15683f9fc4ab44a6606753e94ba765b428a590ea38201f50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/login/auth-partner-sts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:43:21 GMT
x-amz-version-id: oWt7UFQPMOHR6fkJzSeaHdzDaQKOVZbc
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Nov 2022 01:18:33 GMT
server: AmazonS3
etag: W/"f54a46a47e67d7c7518c9ad183e21d6b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-amz-cf-id: xKFjbTEsoB_H22KS3acndw84tBz0z1Q1vtCI_3NmOts9GnLvwnUx1A==

GET
H2 200 runtime.39dd6857b4e4ba62d71b.js Show response
ic360.com.br/ 2 KB
2 KB 1107ms
1106ms Script
application/javascript 2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/runtime.39dd6857b4e4ba62d71b.js

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/login/auth-partner-sts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

28ee6455492702afc36139dd073012fd7c5dbd964940b793b538c4d940cfdfc5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/login/auth-partner-sts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: 4HIdbH9EuX.JMEahy9rJi0ulODfcgL2M
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Mon, 21 Nov 2022 20:43:21 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Nov 2022 01:11:56 GMT
server: AmazonS3
etag: W/"2347e15540c2c3cd9208819cd116e314"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: H61BNM-nEKfPoMgNP-8ITXKqQ2Rkw38YH7pV-qdxNi9mBn-GTBFqKA==

GET
H2 200 polyfills.4f43c3fc6d8152191d13.js Show response
ic360.com.br/ 179 KB
60 KB 1107ms
1106ms Script
application/javascript 2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/polyfills.4f43c3fc6d8152191d13.js

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/login/auth-partner-sts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0af221155161362437ff6e8b8b6d9f12148b3a7da7ad18f7640d8cb3b9bece05

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/login/auth-partner-sts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: ZnUII36vU7Oy_FrOepwvlpy40KhjKUlH
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Mon, 21 Nov 2022 20:43:21 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Nov 2022 01:18:33 GMT
server: AmazonS3
etag: W/"6c6e4269d5575c3381e9abe64baebd6b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: R-UcidkBxkL4acfwro4Xzl4Uvykfck05ZMMVdZWGTt0Zl26TaYE5sQ==

GET
H2 200 scripts.8683e1124b735272044c.js Show response
ic360.com.br/ 220 KB
69 KB 1106ms
1105ms Script
application/javascript 2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/scripts.8683e1124b735272044c.js

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/login/auth-partner-sts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b784b497a08fb6086f8bcae7c99b2aec1e20cbb5c183945c4b145efb36f1eb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/login/auth-partner-sts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: CrXZbEvyt.ghC47pWe0O97cqVmAPwspZ
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Mon, 21 Nov 2022 20:43:21 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Nov 2022 01:18:33 GMT
server: AmazonS3
etag: W/"d628385928094b21bae85116555fbd0e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: 4gYhPwt4EUEgMVhlFLF1TrZq29iwv2FraPOvaCdtaaYZt4PkhkTclQ==

GET
H2 200 main.dd76d0e7ce182c0a93db.js Show response
ic360.com.br/ 6 MB
1 MB 871ms
871ms Script
application/javascript 2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/main.dd76d0e7ce182c0a93db.js

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/login/auth-partner-sts/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fef8b8a3524768e3f41e174500fd2d80115c4d6b4a8a8a5f6b7e3ef3cc7d2417

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/login/auth-partner-sts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: q3C_cepVhCPcx08nJCCmiH3U0od0jb6X
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
date: Mon, 21 Nov 2022 20:43:21 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: RefreshHit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Nov 2022 01:18:33 GMT
server: AmazonS3
etag: W/"37b8066d6c939870f4139dc624a6fd35"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: 9A5XldOY7e3wtwVg4sgUVOa142WwItMs2ThV99CXl2qQtPlX9pi9sQ==

GET
H2 200 6.926cfd381f9fddf29c3c.js Show response
ic360.com.br/ 63 KB
14 KB 960ms
960ms Script
application/javascript 2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/6.926cfd381f9fddf29c3c.js

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/runtime.39dd6857b4e4ba62d71b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

57928782cb804768fce87e2c8129cef0d241fa0cc3bff4afbb129a57f5f07bec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/login/auth-partner-sts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:43:22 GMT
x-amz-version-id: _Gfwd7slvqvTsxL65X8fipXh9xPFdo4w
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Nov 2022 01:18:33 GMT
server: AmazonS3
etag: W/"a498d170fcd74187fdc3e3ca437374ef"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: um_3kBeBt9XTTl16f4wyTlV-SvhV-ixxGk4EC_nfrvF6QoR7_O9oEQ==

GET
H2 200 ItauText_W_Rg.ca35c07a3ef58514b6dd.woff2
ic360.com.br/ 17 KB
18 KB 973ms
972ms Font
font/woff2 2600:9000:2251:c200:3:6e7f:8f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ic360.com.br/ItauText_W_Rg.ca35c07a3ef58514b6dd.woff2

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/styles.791cf306561ec5287560.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:c200:3:6e7f:8f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ic360.com.br/styles.791cf306561ec5287560.css
Origin: https://ic360.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:43:22 GMT
x-amz-version-id: Uxd9Xk1F_9H5WIVqpefAVy9r5S.zJa.l
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 17892
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Nov 2022 01:18:33 GMT
server: AmazonS3
etag: "4c9045c151fd584835340bef1292fa48"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: ArUi2GRyJIlh007yTKGN0w8PuHdBcI0cDLSYqOUQI3oDTTxcd87coQ==

GET
H/1.1 200
OK Primary Request authorize Show response
openid.itau.com.br/services/oauth/ 4 KB
5 KB 2011ms
249ms Document
text/html 138.59.163.74
Itau Unibanco S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redirect_uri=https:%2F%2Fic360.com.br%2Flogin%2Fcallback-partner-sts&scope=openid&response_type=code

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/main.dd76d0e7ce182c0a93db.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.59.163.74 , Brazil, ASN15256 (Itau Unibanco S.A., BR),

Reverse DNS

Software

Resource Hash

7627e5a68476f2eed971f207f57c2f8aa0ab91a02072e40328fae0384e26ffeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ic360.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Mon, 21 Nov 2022 20:43:24 GMT
Max-Forwards: 20
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Via: 1.1 STSItau ()
X-Content-Type-Options: nosniff
X-CorrelationID: Id-ece27b63f4267cdee9369321 0; Id-ece27b63f526796b4c8b861a 0
X-Servlet-Version: 1.6.6-50
x-itau-Limit: 150
x-itau-Remaining: 148
x-itau-Reset: 1669063405

GET
H2 200 gtm.js
www.googletagmanager.com/ 152 KB
53 KB 86ms
41ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJL46TC

Requested by

Host: ic360.com.br
URL: https://ic360.com.br/main.dd76d0e7ce182c0a93db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ic360.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 20:43:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53667
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Nov 2022 20:43:23 GMT

GET
H/1.1 200
OK bootstrap.min.css
openid.itau.com.br/services/oauth/bootstrap/css/ 119 KB
120 KB 487ms
486ms Stylesheet
text/css 138.59.163.74
Itau Unibanco S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://openid.itau.com.br/services/oauth/bootstrap/css/bootstrap.min.css

Requested by

Host: openid.itau.com.br
URL: https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redirect_uri=https:%2F%2Fic360.com.br%2Flogin%2Fcallback-partner-sts&scope=openid&response_type=code

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.59.163.74 , Brazil, ASN15256 (Itau Unibanco S.A., BR),

Reverse DNS

Software

Resource Hash

1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redirect_uri=https:%2F%2Fic360.com.br%2Flogin%2Fcallback-partner-sts&scope=openid&response_type=code
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 20:43:24 GMT
Via: 1.1 STSItau ()
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-CorrelationID: Id-ece27b6302272e20ba6af6a7 0; Id-ece27b6303273f0464b5c3ea 0
X-Servlet-Version: 1.6.6-50
x-itau-Reset: 1669063405
x-itau-Limit: 150
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Max-Forwards: 20
x-itau-Remaining: 147

GET
H/1.1 200
OK styles.css
openid.itau.com.br/services/oauth/ 2 KB
3 KB 256ms
255ms Stylesheet
text/css 138.59.163.74
Itau Unibanco S.A.

General

Check archive.org

Show headers Download Go to

Full URL

https://openid.itau.com.br/services/oauth/styles.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.59.163.74 , Brazil, ASN15256 (Itau Unibanco S.A., BR),

Reverse DNS

Software

Resource Hash

91150f74882e5573db3cc2b41a08cd0723de7c4508f808002aafa32fc2c8ee2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://openid.itau.com.br/services/oauth/authorize?client_id=f3c7c3bc-b4bb-48a4-8dad-07e0489cce70&redirect_uri=https:%2F%2Fic360.com.br%2Flogin%2Fcallback-partner-sts&scope=openid&response_type=code
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 20:43:24 GMT
Via: 1.1 STSItau ()
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-CorrelationID: Id-ece27b63052724312a695cfe 0; Id-ece27b63062740d4a4582814 0
X-Servlet-Version: 1.6.6-50
x-itau-Reset: 1669063405
x-itau-Limit: 150
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Max-Forwards: 20
x-itau-Remaining: 146

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
openid.itau.com.br/services	1970-01-20 07:37:43	Name: ClientID Value: f3c7c3bc-b4bb-48a4-8dad-07e0489cce70
openid.itau.com.br/services	1969-12-31 23:59:59	Name: TS0134ed20 Value: 01ca9250c729d999d5c64ea0ed3ebc92d3bacef3502c3435cf23625eac3c6dd4d95b658b190b33ff68ca81108a3f2b2321fe85b6287477852538c191555a03e035023fedee
.openid.itau.com.br/	1969-12-31 23:59:59	Name: TS01164259 Value: 01ca9250c7f4486ed00419d81d429283491bf824742c3435cf23625eac3c6dd4d95b658b19c3f0f7f3286cbf9902d1023cac431063

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
ic360.com.br
openid.itau.com.br
www.googletagmanager.com
138.59.163.74
2600:9000:2251:c200:3:6e7f:8f80:93a1
2600:9000:2251:e800:3:6e7f:8f80:93a1
2a00:1450:4001:811::2008
2a00:1450:4001:831::200a
0af221155161362437ff6e8b8b6d9f12148b3a7da7ad18f7640d8cb3b9bece05
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
28ee6455492702afc36139dd073012fd7c5dbd964940b793b538c4d940cfdfc5
3b784b497a08fb6086f8bcae7c99b2aec1e20cbb5c183945c4b145efb36f1eb4
57928782cb804768fce87e2c8129cef0d241fa0cc3bff4afbb129a57f5f07bec
661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
7627e5a68476f2eed971f207f57c2f8aa0ab91a02072e40328fae0384e26ffeb
91150f74882e5573db3cc2b41a08cd0723de7c4508f808002aafa32fc2c8ee2b
9bb06596d7c5eb4b16e818c60e581b61967dae3e710899ca2f3d271b1545d50c
d7d71df2bf102b6c15683f9fc4ab44a6606753e94ba765b428a590ea38201f50
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
fef8b8a3524768e3f41e174500fd2d80115c4d6b4a8a8a5f6b7e3ef3cc7d2417

openid.itau.com.br Open in urlscan Pro 138.59.163.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

80 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1531 kBTransfer

6731 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

openid.itau.com.br Open in urlscan Pro
138.59.163.74 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1531 kB
Transfer

6731 kB
Size

3
Cookies

13 HTTP transactions
0 data transactions