dkh72tu1v1fbw.cloudfront.net Open in urlscan Pro
13.32.99.11 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dkh72tu1v1fbw.cloudfront.net/
Submission Tags: demotag1 demotag2 Search All
Submission: On February 14 via api (February 14th 2023, 5:47:03 pm UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 25 domains to perform 87 HTTP transactions. The main IP is 13.32.99.11, located in United States and belongs to AMAZON-02, US. The main domain is dkh72tu1v1fbw.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 8th 2022. Valid for: a year.

This is the only time dkh72tu1v1fbw.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nubank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
24	13.32.99.11 13.32.99.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
3	52.222.139.92 52.222.139.92	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.194.102.220 54.194.102.220	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	108.138.17.45 108.138.17.45	16509 (AMAZON-02) (AMAZON-02)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
4	2.23.97.122 2.23.97.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:41::84 2a04:4e42:41::84	54113 (FASTLY) (FASTLY)
2	23.35.209.30 23.35.209.30	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:d200:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
5	23.62.220.203 23.62.220.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2600:9000:223... 2600:9000:223d:9c00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.252.185.153 34.252.185.153	16509 (AMAZON-02) (AMAZON-02)
1	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
87	31

24 13.32.99.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-11.fra60.r.cloudfront.net

dkh72tu1v1fbw.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.139.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-92.ams50.r.cloudfront.net

nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.102.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-102-220.eu-west-1.compute.amazonaws.com

services.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-45.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.97.122 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-122.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:41::84 (Vienna, Austria)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.209.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:d200:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:9c00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.185.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-185-153.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	cloudfront.net dkh72tu1v1fbw.cloudfront.net	641 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 825	3 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5268	884 B
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4098 www.google.com — Cisco Umbrella Rank: 2	987 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 779	98 KB
4	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 26783 usr.navdmp.com — Cisco Umbrella Rank: 31967 cdn.navdmp.com — Cisco Umbrella Rank: 6239	6 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	276 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 412	12 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 5555 cm.teads.tv — Cisco Umbrella Rank: 6650 t.teads.tv — Cisco Umbrella Rank: 2831	8 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 1004 api2.branch.io — Cisco Umbrella Rank: 580	23 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	92 KB
3	nubank.com.br nubank.com.br — Cisco Umbrella Rank: 92426	154 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 767	21 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 465	7 KB
2	xg4ken.com services.xg4ken.com — Cisco Umbrella Rank: 18643 resources.xg4ken.com — Cisco Umbrella Rank: 5479	8 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 41	20 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1241	631 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 644	395 B
1	t.co t.co — Cisco Umbrella Rank: 519	377 B
1	app.link app.link — Cisco Umbrella Rank: 1942	597 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 657	15 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1492	674 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1028	46 KB
87	25

	Domain	Requested by
24	dkh72tu1v1fbw.cloudfront.net	dkh72tu1v1fbw.cloudfront.net
5	ct.pinterest.com	dkh72tu1v1fbw.cloudfront.net s.pinimg.com
5	www.google.de	dkh72tu1v1fbw.cloudfront.net
4	analytics.tiktok.com	dkh72tu1v1fbw.cloudfront.net analytics.tiktok.com
4	www.googletagmanager.com	dkh72tu1v1fbw.cloudfront.net www.googletagmanager.com
3	www.google.com	dkh72tu1v1fbw.cloudfront.net
3	stats.g.doubleclick.net	www.googletagmanager.com dkh72tu1v1fbw.cloudfront.net
3	bat.bing.com	dkh72tu1v1fbw.cloudfront.net bat.bing.com
3	connect.facebook.net	dkh72tu1v1fbw.cloudfront.net connect.facebook.net
3	nubank.com.br	dkh72tu1v1fbw.cloudfront.net
2	api2.branch.io	dkh72tu1v1fbw.cloudfront.net
2	region1.analytics.google.com	www.googletagmanager.com
2	s.pinimg.com	dkh72tu1v1fbw.cloudfront.net s.pinimg.com
2	s.yimg.com	dkh72tu1v1fbw.cloudfront.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	tag.navdmp.com	dkh72tu1v1fbw.cloudfront.net tag.navdmp.com
2	www.google-analytics.com	www.googletagmanager.com dkh72tu1v1fbw.cloudfront.net
1	t.teads.tv	dkh72tu1v1fbw.cloudfront.net
1	cm.teads.tv	dkh72tu1v1fbw.cloudfront.net
1	resources.xg4ken.com	dkh72tu1v1fbw.cloudfront.net
1	cdn.navdmp.com	tag.navdmp.com
1	sp.analytics.yahoo.com	dkh72tu1v1fbw.cloudfront.net
1	www.facebook.com	dkh72tu1v1fbw.cloudfront.net
1	analytics.twitter.com	dkh72tu1v1fbw.cloudfront.net
1	t.co	dkh72tu1v1fbw.cloudfront.net
1	app.link	cdn.branch.io
1	usr.navdmp.com	tag.navdmp.com
1	p.teads.tv	www.googletagmanager.com
1	static.ads-twitter.com	dkh72tu1v1fbw.cloudfront.net
1	cdn.branch.io	dkh72tu1v1fbw.cloudfront.net
1	services.xg4ken.com	www.googletagmanager.com
1	polyfill.io	dkh72tu1v1fbw.cloudfront.net
1	www.googleoptimize.com	dkh72tu1v1fbw.cloudfront.net
87	33

This site contains links to these domains. Also see Links.

Domain
international.nubank.com.br
esgjourney.nubank.com.br
www.investidores.nu
blog.nubank.com.br
comunidade.nubank.com.br
investnews.com.br
nu.com.mx
nu.com.co
nu.com.ar
www.nuinternational.com
app.nubank.com.br
esg-journey.nuinternational.com
cdn.nubank.com.br
inclusao.pessoalize.com
link.nubank.com.br
www.linkedin.com
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
nubank.com.br Amazon	`2022-11-09` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-03-08`	2 months	crt.sh
*.branch.io Amazon	`2022-10-11` - `2023-11-09`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://dkh72tu1v1fbw.cloudfront.net/
Frame ID: A77CD077D03B2C6969308B1BECD98889
Requests: 87 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 19A91EE3E9908CEABBCFEEA7A836328E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nubank - Finalmente você no controle do seu dinheiro Login IconArrow RightInternal LinkInternal LinkInternal LinkInternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkExternal LinkInternal LinkInternal LinkInternal LinkApple Store IconGoogle Play IconLinkedInYoutube IconFacebookInstagram IconTwitter IconOpen widget

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

87
Requests

100 %
HTTPS

57 %
IPv6

25
Domains

33
Subdomains

31
IPs

6
Countries

1437 kB
Transfer

4203 kB
Size

24
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://international.nubank.com.br/pt-br/sobre/
Title: Sobre o Nu

Search URL Search Domain Scan URL

URL: https://international.nubank.com.br/pt-br/newsroom/
Title: Sala de imprensa

Search URL Search Domain Scan URL

URL: https://international.nubank.com.br/pt-br/carreiras/
Title: Carreiras

Search URL Search Domain Scan URL

URL: https://esgjourney.nubank.com.br/pt/
Title: Nu Impacto

Search URL Search Domain Scan URL

URL: https://www.investidores.nu/
Title: Investidores

Search URL Search Domain Scan URL

URL: https://blog.nubank.com.br/
Title: Blog

Search URL Search Domain Scan URL

URL: https://blog.nubank.com.br/assinar-newsletter/?utm_content=www_header-nlcta
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://comunidade.nubank.com.br/?utm_content=www_hero
Title: Comunidade

Search URL Search Domain Scan URL

URL: https://investnews.com.br/?utm_source=nubank.com.br&utm_medium=referral&utm_campaign=nu-visitors&utm_content=header
Title: InvestNews

Search URL Search Domain Scan URL

URL: https://nu.com.mx/
Title: México

Search URL Search Domain Scan URL

URL: https://nu.com.co/
Title: Colômbia

Search URL Search Domain Scan URL

URL: https://nu.com.ar/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://www.nuinternational.com/
Title: Nu Internacional

Search URL Search Domain Scan URL

URL: https://app.nubank.com.br/
Title: LoginLogin Icon

Search URL Search Domain Scan URL

URL: https://blog.nubank.com.br/sos-nu/
Title: Conheça o SOS NuExternal Link

Search URL Search Domain Scan URL

URL: https://esg-journey.nuinternational.com/pt/
Title: Nu ImpactoExternal Link

Search URL Search Domain Scan URL

URL: https://investnews.com.br/?utm_source=nubank.com.br&utm_medium=referral&utm_campaign=nu-visitors&utm_content=footer
Title: InvestNewsExternal Link

Search URL Search Domain Scan URL

URL: https://blog.nubank.com.br/assinar-newsletter/?utm_content=www_footer-nlcta
Title: NewsletterExternal Link

Search URL Search Domain Scan URL

URL: https://cdn.nubank.com.br/convencao-entre-instituicoes-sistema-financeiro-nacional.pdf
Title: Convenção de boletos

Search URL Search Domain Scan URL

URL: https://inclusao.pessoalize.com/nubank?plutoId=61c4ca69ca877100196fdb12
Title: Canal de atendimento em libras

Search URL Search Domain Scan URL

URL: https://link.nubank.com.br/deferred-link-a
Title: Apple Store Icon

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/nubank
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/nubank
Title: Youtube Icon

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nubank
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nubank/
Title: Instagram Icon

Search URL Search Domain Scan URL

URL: https://twitter.com/nubank
Title: Twitter Icon

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dkh72tu1v1fbw.cloudfront.net/ 826 KB
237 KB 89ms
10ms Document
text/html 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

24cb57a1c4591d10351357555717c0b6239646ceccf822aa65226ffbcac0a0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65069
content-encoding: br
content-type: text/html
date: Mon, 13 Feb 2023 23:42:20 GMT
etag: W/"06076eef97e11f3707ff8edaff6411f1"
last-modified: Mon, 13 Feb 2023 23:18:09 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-id: sFzUfjd0HT-ZoA4GJa00iJ2JgdIRdsCCqvP-aFNGjahO0Sj6SxSLtg==
x-amz-cf-pop: FRA60-P3
x-amz-storage-class: REDUCED_REDUNDANCY
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 118 KB
46 KB 247ms
86ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-NN8JCQ9

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b3382374a881f881b9abfbffdb4410697c12a428bb182a291d1d84920cd75a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 17:46:48 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
674 B 170ms
10ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=es5,es6,es7,Intl,Intl.RelativeTimeFormat,Intl.PluralRules.~locale.pt,Intl.DateTimeFormat.~locale.pt,Intl.NumberFormat.~locale.pt,Intl.RelativeTimeFormat.~locale.pt,Intl.RelativeTimeFormat.~locale.en&flags=gated

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 17:46:48 GMT
age: 471372
detected-user-agent: Chrome/110.0.0
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=301, HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=3
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Wed, 08 Feb 2023 07:01:52 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/110.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1664201099-home-nubank.jpg
nubank.com.br/images-cms/ 63 KB
63 KB 102ms
9ms Image
image/webp 52.222.139.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nubank.com.br/images-cms/1664201099-home-nubank.jpg?w=1152&dpr=1&auto=compress&fm=webp
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-92.ams50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3752de5f5aac579298d563afc26f9bf3b32ee3ea27d0ba23d74a66016abdc54f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 00:55:22 GMT
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront), 1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7, AMS50-C1
age: 147086
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 64114
x-amz-cf-id: 6KGojrcXNEJOd2BfI7Tg8TGCSZ1dUcaCUmrSuooxRPvv8gZHtDyOHw==

GET
H2 200 webpack-172f8a8f24da2bb8d8c9.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 3 KB
2 KB 14ms
13ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/webpack-172f8a8f24da2bb8d8c9.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f65fc15054f43d5ab7d368d38374a8b2b300dc6399a9d8fbc63ed3fcc7d92879

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66421
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:40 GMT
server: AmazonS3
etag: W/"81bcf3ab0570636c251d435697136cf3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Im8Mpx3rIiAgjNPzPUJYpcmGXruQMIe6UEarWh1MU7qbtl4PiFaRsw==

GET
H2 200 framework.53ef11ff3b8561279010.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 129 KB
42 KB 14ms
14ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/framework.53ef11ff3b8561279010.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c18143462c4eaf7fcc2740591a8175188e699e10618742467d66d64c107ad3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66420
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:37 GMT
server: AmazonS3
etag: W/"f729a69c7e85c9f16295b819c568d7c4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: v_TOW_litdjJiccdx01eXjphGYNyQ0XikL5I8HMr6Knxo0YLQ_joag==

GET
H2 200 commons.df05bb043dbfd84e41c0.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 153 KB
45 KB 29ms
18ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/commons.df05bb043dbfd84e41c0.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b8a88105e726cd50a5b3164a1ac13e6041800aa5efe21a045c2d6d1019c5594e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66359
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"2427848cf2cfe991aae4e7c52cf8c6dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 1PTHhO0tc6eM076Ktbx7GQwsiiUCmZYB6CVmBvTbAnAL3EfChogivg==

GET
H2 200 ca53d3ef89244e8d9b5f20960791b5366056f169.e24f6f3494e40002abb8.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 43 KB
14 KB 30ms
18ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ca53d3ef89244e8d9b5f20960791b5366056f169.e24f6f3494e40002abb8.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

607a8b36951a7783594c984016eb7c05a6bc51b10b81229d98e4f07cc63eb482

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66360
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"7a891528c3d50527ac7a50239380ecbf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 2Q24dCLi0xDWRZU6-FT9OAPTSF4-QU6VDdomfLZdZofMlgSGUUEr-A==

GET
H2 200 main-6e60cc4189302c474883.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 26 KB
9 KB 31ms
20ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/main-6e60cc4189302c474883.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a6e1b78358796d17c3050b2ab413fc56a90eac73d8629f35115e5fcebbf44823

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66360
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:37 GMT
server: AmazonS3
etag: W/"993491945208af0f652c46a938332a3d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: YUqamugL3qsItTbHsdHPiCoKZa1H0EzYiMRpzQkNZhbFYP-ZzWAcGA==

GET
H2 200 f7fac692648d82d285f8b696044d33fe41d8a01f.55ee5593d6c62fb9a0d1.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 190 KB
38 KB 35ms
23ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/f7fac692648d82d285f8b696044d33fe41d8a01f.55ee5593d6c62fb9a0d1.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

267d96e10140182099b5acc5cae5bc374d07ecfd946828f44f541feb2fe66fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66419
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"77f452a40e084ede11db617d4fc3554e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 3X6a7cBDK4hERv7pmsSUMO3Z3TdDt_Z42vwwq_yDM-UIc6e9dCfbCg==

GET
H2 200 a62130ed092218176bbdc5498fa6696ef6a0fd93.83dee15105a2a0f167f9.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 138 KB
29 KB 37ms
25ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/a62130ed092218176bbdc5498fa6696ef6a0fd93.83dee15105a2a0f167f9.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cf7eb25d0f4133847ce4b4edfd24c94e2e7ab2178e84c4aa88e8792d1d7c83d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66359
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"6a5cd4b9ae4fb0ffb371ad528e7c0e8b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: BmNvP_qg-dA4VQ91HRKfQ2War7WimwRNhy3y8-c56UGAWeN6O5z_QA==

GET
H2 200 8d6727c675f2de55dd3b379f314a516a8c26f11a.73af97b88e9327649d3b.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 31 KB
9 KB 47ms
35ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/8d6727c675f2de55dd3b379f314a516a8c26f11a.73af97b88e9327649d3b.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6efc70bc347a33fefaf7305e770fa3219f2fb1fe596ea8f28b31d5e8381d5ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66360
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"69ce62aaca94a86be1ec4b9536bb1735"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: YZgpNguvI5cjXcBkLPR61mCHzpJZqPG7SxZg5IRSmoG9rBkpXolqBQ==

GET
H2 200 _app-675f76a27f50a9926502.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/ 116 KB
35 KB 72ms
61ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

81c08b54dff5e735737074a01cb221469e6e43efc367d39b470f3ebe6d3fca0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66359
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:37 GMT
server: AmazonS3
etag: W/"8de2bd74e55903448a5715df25dc82a0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 2LhTFoePCaHSZRrNZSbCS4V10znM4nPzKV-kRR-DPnFsInJMuItLUg==

GET
H2 200 81ddfca3819bdf84f2db6cfbf19c0a05bf1ba6e3.8b11d2c2bf5bf36888dd.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 31 KB
10 KB 67ms
56ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/81ddfca3819bdf84f2db6cfbf19c0a05bf1ba6e3.8b11d2c2bf5bf36888dd.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

18492ed90edb27574f424d790f3f9ed57b71ca7ff78ea35f02185d8fdf091501

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66360
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"519b8a0fbc2fe25333880fec608119dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: UAtpL32WwIYTFOV5qn9-yhEEjBiv2AVf3GbujmCkckOb36NwwBz3BA==

GET
H2 200 bde0b587f9c96f3d84e6c296eecbc47c003f2a57.fd9057f7bc1479f3d5c1.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 126 KB
40 KB 75ms
65ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/bde0b587f9c96f3d84e6c296eecbc47c003f2a57.fd9057f7bc1479f3d5c1.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3e9f92bde02820a68b48483708337e5fcd25c1c2ad13b30c5e4dfa258a51ee39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66419
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"f4c5fd207cbf9e21984693a335b9d5b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 4H-u3CLQz1QqMU8mkKEr6iABRDMLV5J61vxneklmvFFJgfv4zfoWMg==

GET
H2 200 022c014d02d6e1cb6d01d9014316597dfd2c2759.13d24b115c1bd2f91424.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 57 KB
18 KB 74ms
63ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/022c014d02d6e1cb6d01d9014316597dfd2c2759.13d24b115c1bd2f91424.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6d72ab2649c6eb12d03ffbc80dc90a736a4ac6d659e5d176e8a504b2e892477b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66360
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:35 GMT
server: AmazonS3
etag: W/"f45323a4753be04b65b7cfddd3940f7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 3nX_UrHQ_keDSCMkQgH_UdO6_DCmtLM0OfpnsvgFpYOoh1pUvU_DRg==

GET
H2 200 f2e910d9d45b226544c41253711aedfc0f4e96e5.1a1c4dacf8117404d65a.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 13 KB
4 KB 78ms
68ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/f2e910d9d45b226544c41253711aedfc0f4e96e5.1a1c4dacf8117404d65a.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8c6f79051545dbac66a67d5daa13979ddca2b884d744ee8143ca30de07282180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66359
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"b46a5453993f34c32e373120e3445ece"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: ZUFRmhyBdofGNG24qFXCMGfXbfrKUz0ADFS2A6zm5djDMw2oFsjFqA==

GET
H2 200 0a8c2bfb833b1a6820bf9cec2918cc75e610da80.e1f53379f6a0a7938709.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 15 KB
5 KB 79ms
69ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/0a8c2bfb833b1a6820bf9cec2918cc75e610da80.e1f53379f6a0a7938709.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1bd92779407a948d1afaf610c4ed6cad2cc8541e0076223622a2ca197cd72abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66359
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:34 GMT
server: AmazonS3
etag: W/"f554dd70f0cff4f722e41662e94cfa7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Elt1koydMNCL0qst5rByhKRExjd6RzIEkkg4goxpgAElTJPWdbgNbA==

GET
H2 200 f81b72d2270f6baf5ae5310af5e8c4d145ca2e63.5a6025373537d0144af7.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 33 KB
10 KB 80ms
70ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/f81b72d2270f6baf5ae5310af5e8c4d145ca2e63.5a6025373537d0144af7.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5865fa735793848e7bf04c9e6fb7c415fef9f53e06a54ad9692d5cc4d57623c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66417
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:36 GMT
server: AmazonS3
etag: W/"95e7ea688428f8c3927248dab903f59a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 3tcrGMNfYxmKjGhUNxZXp6TL83W7rI1RuzFzlN__pYQPFRkHSh_qCw==

GET
H2 200 18ca3fdd7cb1c27bc4c536efcb8490f7dfeb870b.fb40fbd1f8608fc2b60c.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 10 KB
4 KB 75ms
66ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/18ca3fdd7cb1c27bc4c536efcb8490f7dfeb870b.fb40fbd1f8608fc2b60c.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2271cc49829324db8711862adbde6822f51b384c86ab95d734693e69a32a16ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:20:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66359
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:35 GMT
server: AmazonS3
etag: W/"d9e91f5c8e9422f4fa1cdd8391d6190a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: aQwQtqPiTB-Fcv4ZrRyJArxgmYRrzJ_UEumECjgKzaWlV7EhSsczww==

GET
H2 200 index-6aae87a475da5420071d.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/ 31 KB
7 KB 76ms
67ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/index-6aae87a475da5420071d.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e4e9683e480cc988e0eb602beeeeec174828931732fac8cd814d3bec749fff07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:49:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 64642
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:39 GMT
server: AmazonS3
etag: W/"c3453b55702028e67ed5c3ef653a75c8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: H5f8qCAfG4iQ61_uM8JKpvaFhCBQBpZ_ulV0W3efriWrFvDKN1q4ag==

GET
H2 200 _buildManifest.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/ZlzQlcqM0L4N7Q-g8WlLU/ 13 KB
4 KB 76ms
67ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/ZlzQlcqM0L4N7Q-g8WlLU/_buildManifest.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c384861e692f069f2c0a54ad8a291c7db9063addd6b741f982f530c6ded7917

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66417
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:35 GMT
server: AmazonS3
etag: W/"abdb857ada5f95df2fb3adfcb73a60f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: o_T2dxc4K3VoLW-P4-zl27E7XAWIvkFHGX1DH-gp8DaKFzkkJsIeiA==

GET
H2 200 _ssgManifest.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/ZlzQlcqM0L4N7Q-g8WlLU/ 76 B
597 B 76ms
67ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/ZlzQlcqM0L4N7Q-g8WlLU/_ssgManifest.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66417
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 76
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:35 GMT
server: AmazonS3
etag: "abee47769bf307639ace4945f9cfd4ff"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: 5fdv4sKpFFWNZC9WHF5wzOiraTrjilYK7NJkas8dLuBZ7evGlgK62w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
58 KB 217ms
88ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8142e411c699d5108968599c585fccc2ae83526203471d1de6c1acb3067d5d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59407
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Feb 2023 17:46:48 GMT

GET
H2 200 Graphik-Regular.woff2
dkh72tu1v1fbw.cloudfront.net/fonts/Graphik/variants/ 36 KB
36 KB 62ms
54ms Font
binary/octet-stream 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/fonts/Graphik/variants/Graphik-Regular.woff2

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

716779bf1043b9c5e0501cc0cf20e38cda2f865344add4428da2483fdd4c2ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dkh72tu1v1fbw.cloudfront.net/
Origin: https://dkh72tu1v1fbw.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 66420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36561
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 21:30:04 GMT
server: AmazonS3
etag: "7083e156838ef585f3599390ac4941a5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-amz-cf-id: PQYQIeOJrUyHtCEDGBqaM_YFg8ecvnGL03zN60AgqIHIUoIgUdn2zQ==

GET
H2 200 Graphik-Medium.woff2
dkh72tu1v1fbw.cloudfront.net/fonts/Graphik/variants/ 35 KB
35 KB 66ms
58ms Font
binary/octet-stream 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/fonts/Graphik/variants/Graphik-Medium.woff2

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4118254c269b124324e7d2c1ac22a2805c73c3d31a80a08300ee6de735d03a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dkh72tu1v1fbw.cloudfront.net/
Origin: https://dkh72tu1v1fbw.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:19:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 66420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35489
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 21:30:04 GMT
server: AmazonS3
etag: "30b49d4fd4df989453ca2367a4f2cd28"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-amz-cf-id: ghldkR4wjjqScbpUN41sZnWRWlc9SFVHMa4sfmK9q56yY99SfxSPWA==

GET
H2 200 1663260205-replace-roxinho-desk.jpg
nubank.com.br/images-cms/ 43 KB
44 KB 21ms
18ms Image
image/webp 52.222.139.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nubank.com.br/images-cms/1663260205-replace-roxinho-desk.jpg?w=1152&dpr=1&auto=compress&fm=webp
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-92.ams50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 68429fb7627bef70b795b9a8dddc887b2c67504f8485d3e33e1e6a596abdf9de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 01:27:30 GMT
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront), 1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7, AMS50-C1
age: 145158
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 44192
x-amz-cf-id: W8gqsFPYHrehgRPkJjuEEJDSEQrZOaDH3w00EndGUJp4tmgZhlafCg==

GET
H2 200 1663260349-uvdesk.jpg
nubank.com.br/images-cms/ 47 KB
48 KB 22ms
18ms Image
image/webp 52.222.139.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nubank.com.br/images-cms/1663260349-uvdesk.jpg?w=1152&dpr=1&auto=compress&fm=webp
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-92.ams50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 84cff7d0e9574cfad874dbb222bcc0aab201ec4f884ff01478e50a49de04658a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 01:27:30 GMT
via: 1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront), 1.1 e286b474b1ba30ed08f54fc007fcfa08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7, AMS50-C1
age: 145158
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 48584
x-amz-cf-id: JMGA3Z12QKGaJDGhGErCyjOVTkHpMqJ5sLjgfm1PLgR14S9aolevgg==

GET
H2 200 116.29b997940ab951229971.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 6 KB
3 KB 17ms
16ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/116.29b997940ab951229971.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/webpack-172f8a8f24da2bb8d8c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

315d12592c4ced1bad47208f848b54821178efc8112fd9ed7f90d1158728e0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 23:26:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 66004
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:35 GMT
server: AmazonS3
etag: W/"554a3fa33a30c7b55c46b21b81686aaf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: G62XqawXdAmVgw65TiXAolkBEcxZ5wP-HDPSVKUByMyo6wxRIdhMNg==

GET
H2 200 118.764bbf5ee03742d42c85.js Show response
dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/ 4 KB
2 KB 13ms
13ms Script
application/javascript 13.32.99.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/118.764bbf5ee03742d42c85.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/webpack-172f8a8f24da2bb8d8c9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-11.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dcb7f25c2e925aa9366b43a5e5541b9bf46980c0ba3c39332479d534784481d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dkh72tu1v1fbw.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 11:29:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 22666
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Feb 2023 23:17:35 GMT
server: AmazonS3
etag: W/"a92c61e32f963221094dbedb1a3195ba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: TU4M95CVvvzdHLUbc7NEHW4I_zUsNkH4FO6Gr8XGEN08xO9nKYxkQg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 177ms
47ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 17:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2083
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Feb 2023 19:12:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
58 KB 79ms
78ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11710c8c1f57525e3a343c3eae9606d027629117143b2faa8eae50f063b410ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59257
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 17:09:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Feb 2023 17:46:49 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 54ms
18ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 2531
etag: W/"6283938d-3671"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7997a0191f74902e-FRA
expires: Tue, 14 Feb 2023 18:04:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
78 KB 84ms
83ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZL76F6HX1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9e38e26a5bc03965f8926dea1383db1e0a56dc608a3a1fa703f7eec684e6e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79991
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 17:46:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
81 KB 142ms
142ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LQFLJDQXD9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

227c4acec9b1f76b521d62a8195ab0eec707d58397ec2817ff677c0f3f80bab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 17:46:49 GMT

GET
H2 200 53215 Show response
tag.navdmp.com/u/ 783 B
638 B 143ms
143ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/53215
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae210c00ab59b27f51eb4287087bc6fb877083ffd9a758c33a36a0149eb9d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:44:57 GMT
server: cloudflare
etag: W/"6137b329-30f"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7997a0193fa7902e-FRA
expires: Tue, 14 Feb 2023 18:46:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/948317731/ 2 KB
1 KB 200ms
75ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/948317731/?random=1676396809255&cv=11&fst=1676396809255&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tiba=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&auid=261111916.1676396809&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe9781246d6b1c3f65f2b0cb28763207a608df96246ee6cf5e7b983a488625a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 905
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963026780/ 2 KB
1 KB 230ms
107ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963026780/?random=1676396809260&cv=11&fst=1676396809260&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tiba=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&auid=261111916.1676396809&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e6618f7888d01fadfaf7d0b969731141d3238f2427d898f2a2ebba64dfdef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 905
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 31ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 17:46:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jO9yfFA70VSE4IknT9AdL6cIN+EqdT/0grKZMpzVoV2ClbQFzNyghA3VpQvaSnxmwv4v+VmOzyZdvIzXLECwqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 kenshoo.js Show response
services.xg4ken.com/js/ 10 KB
4 KB 588ms
34ms Script
application/javascript 54.194.102.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.xg4ken.com/js/kenshoo.js?cid=51452f4a-f483-4da2-8cc6-60b2cc17008c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.102.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-102-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 40ba3923b361aaaa47c0433febabc48c6521a57f721b34e81b1acc2ccc4cdcdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 17:42:16 GMT
x-debug-kenshoo-server: ip-10-174-90-182
etag: "0d226e816e7e41d61a5baf75450881b6--gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 99ms
32ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:05:16 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: EM3XGP4585TA8HQ0
age: 2494
x-amz-server-side-encryption: AES256
x-amz-id-2: qqRH/BVb8nS0Lv6QJtT36PXZW45Qqvjh5pBOe/7X3mz0FqFvEtcLX1IbvAUQci0IcbqaBj5/AOM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 59ms
9ms Script
text/javascript 108.138.17.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-45.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id: LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
content-encoding: gzip
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
date: Tue, 14 Feb 2023 17:43:02 GMT
last-modified: Thu, 17 Nov 2022 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 228
etag: "2a6320386437cc44ae1713f25f6ea30b"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22048
x-amz-cf-id: 4HXpR3zTkstF9xSuXTlXG0jsX3d7_FLNozk__1_WS9pXJ58KySptKQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 109ms
17ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6383-VIE

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 286ms
166ms Script
application/javascript 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1Q5MVUHLSU5AAHCLG10&lib=ttq
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 29f3b7a844af8a8ea38e3c8a4b5a832b2bd75ba42c8616998b2ea5995f4cb0d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-akamai-request-id: 2cf3f3ad
date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=6, origin; dur=128
content-length: 1136
pragma: no-cache
server: nginx
x-tt-logid: 20230214174649D670871B984F64612A2F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 129,2.23.97.118
x-tt-trace-host: 012c530cc559a25398cf1de3a2d6225d4a114ea2e28cbc91c2b2207c8b8ba7d7f662fe129d6b63cb0bd5920d08efb12090b73303b2598461081d76ec1439ff84dc7bd8f11cc78d9df53d2d9225d43ad295ea7df25a5326594b74e1122998678091
expires: Tue, 14 Feb 2023 17:46:49 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 62ms
19ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b6f8057e240a65dc3ed044f6249e4a12d5e9d2c4f8e18e0f44f9603ee5a03ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
x-cdn: fastly
etag: "20dcf873ff1608d745dceb84d6857da6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 1146

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 144ms
18ms Script
application/javascript 23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2JHZMB&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 76adf5f10e53555bc8ab50608288f34c088abae18ea0d1c5a2f9c48d6cfaf075

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Tue, 14 Feb 2023 17:46:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 13:03:00 GMT
Server: AmazonS3
x-amz-request-id: NN56WFBAY4ZVANKV
ETag: "52a95d12f789e4537934e239a8adddcb"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=314
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6419
x-amz-id-2: 4wnRW7Iz3ghf3DWydtNrtqdYgCi3rvahfRs0zbJ3uYfcb70MMHwTWJtCKIk2u+ICift1cXfmvcE=

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 78ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 14 Feb 2023 17:46:48 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B0F2BE4AED3492E8E53A852F3D1ECA8 Ref B: FRAEDGE2020 Ref C: 2023-02-14T17:46:49Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

POST
H2 204 collect
region1.analytics.google.com/g/ 0
263 B 67ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZL76F6HX1P&gtm=45je32d0&_p=2021127666&_gaz=1&cid=1980578415.1676396809&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676396809&sct=1&seg=0&dl=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&dt=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZL76F6HX1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dkh72tu1v1fbw.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
263 B 70ms
21ms Ping
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZL76F6HX1P&cid=1980578415.1676396809&gtm=45je32d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZL76F6HX1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dkh72tu1v1fbw.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 212ms
86ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZL76F6HX1P&cid=1980578415.1676396809&gtm=45je32d0&aip=1&z=1214656396

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LQFLJDQXD9&gtm=45je32d0&_p=2021127666&_gaz=1&cid=1980578415.1676396809&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676396809&sct=1&seg=0&dl=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&dt=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&en=page_view&_fv=1&_ss=2&ep.is_adblock_enabled=false&ep.website_version=5a006c4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQFLJDQXD9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dkh72tu1v1fbw.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 19ms
19ms Ping
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQFLJDQXD9&cid=1980578415.1676396809&gtm=45je32d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQFLJDQXD9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dkh72tu1v1fbw.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 184ms
84ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQFLJDQXD9&cid=1980578415.1676396809&gtm=45je32d0&aip=1&z=473896514

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
18ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-54526048-9&cid=1980578415.1676396809&jid=2052607726&gjid=546161303&_gid=521969214.1676396809&_u=YCDAgEABAAAAAEAAI~&z=1927370832

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Feb 2023 17:46:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dkh72tu1v1fbw.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 58ms
57ms Image
image/gif 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2021127666&t=pageview&_s=1&dl=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=2052607726&gjid=546161303&cid=1980578415.1676396809&tid=UA-54526048-9&_gid=521969214.1676396809&gtm=45He32d0n71KGFBFP&cd6=0&cd7=www&cd9=&cd11=5a006c4&z=2026721361

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 14:06:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13217
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 53 B
244 B 174ms
148ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=53215&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf26b8692fc1eb73feb7d360e833eba76b05107b034635473c28e9fbfb60d698

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7997a01b19aa902e-FRA
expires: Tue, 14 Feb 2023 18:46:49 GMT

GET
H2 200 1438448073136396 Show response
connect.facebook.net/signals/config/ 150 KB
42 KB 62ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1438448073136396?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b50203e296734829f7f550d3533862862c2611053693e728a05d88295e722a24

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 17:46:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bT8Ut8VxiXf3HuYGGigggdmFPZcz0w7D64lSU/5Ahoow1t6om7Wp9dPguiPMZ3wCEYKR96IhbYUkclXHD5KlDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.57992c41.js Show response
s.pinimg.com/ct/lib/ 56 KB
19 KB 29ms
28ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.57992c41.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fdb328bff496e603b8fbd56d9b59114b5e4aeb7c5cf7a550563e5dc95cc25f33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
x-cdn: fastly
etag: "a2989b2a8a5c2cde42b6a5ab4aadbe8c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 19688

GET
H2 200 _r Show response
app.link/ 91 B
597 B 211ms
164ms Script
text/javascript 2600:9000:2057:d200:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.71.0&branch_key=key_live_imKCPsW6WgTDmeZ9wqpK4hdlFqb0Dbcm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:d200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

baf940343bf1ee3d731c4821c088d8f8824ba583e700556de2a062931ba84377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-qnVuRRfGxHzRrVgaKTkc60v4nus"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: txSZRsbJ2VOO63hhZYMhJReUib8wmaeJM1GEv4Y5pSBNYXcF8gshSQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 205ms
82ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54526048-9&cid=1980578415.1676396809&jid=2052607726&_u=YCDAgEABAAAAAEAAI~&z=1155623981

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 125ms
84ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-54526048-9&cid=1980578415.1676396809&jid=2052607726&_u=YCDAgEABAAAAAEAAI~&z=1155623981

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10074207.json Show response
s.yimg.com/wi/config/ 46 B
682 B 97ms
32ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10074207.json

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e4beb03fc1729ebd935a1e8c5fc2789434e9d2d3189875ca79cc73353a5a9bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 11:29:03 GMT
x-amz-version-id: errl8igOJl.kYF2HTqV1pyeh63IP7vJY
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: 6AERE3AWTK0SH1FQ
age: 22668
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: EAzPC+HGaXMX84KYGuJbCkxGh25pa9hKrwtD+kdbh3xp6+zeodwSH+E/5GgznL9jGeERG8U9EAM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 18 Nov 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 13 Oct 2022 22:00:32 GMT
server: ATS
etag: "456a0ca85eb46743641580b9fac322f8"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 adsct
t.co/i/ 43 B
377 B 242ms
116ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e94d60d6-6568-4467-b715-c6b2a501b3aa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5410cdb3-870f-4793-ab9a-75ab2ae891a5&tw_document_href=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4inn&type=javascript&version=2.3.29

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 14 Feb 2023 17:46:49 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 40f8245250f39b19
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 71e168ee7f76d6cd49475e3b3dfc998d3dee84d58a383eb3c2fa3881fe59ecd0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 323ms
115ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e94d60d6-6568-4467-b715-c6b2a501b3aa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5410cdb3-870f-4793-ab9a-75ab2ae891a5&tw_document_href=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4inn&type=javascript&version=2.3.29

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 14 Feb 2023 17:46:49 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8680dbb03a77767b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 852269417cc5f7671a85629cc69b9288a03efcb64552733f47a86e9eda1fe4cf
content-length: 43

GET
H2 204 52003682.js Show response
bat.bing.com/p/action/ 0
117 B 109ms
106ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/52003682.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 14 Feb 2023 17:46:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 897C29FD2A3348939FF535F3F48EE2AD Ref B: FRAEDGE2020 Ref C: 2023-02-14T17:46:49Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52003682&Ver=2&mid=ffc1397e-f33c-4c5d-9400-787df402e1bd&sid=8ed44ae0ac8f11ed81df8d3e35ee49da&vid=8ed47260ac8f11ed9bd771de34f32f8b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&p=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&r=&lt=620&evt=pageLoad&sv=1&rn=186844

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Feb 2023 17:46:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33BD53B90C5D489396BB1FEFEB63CBE6 Ref B: FRAEDGE2020 Ref C: 2023-02-14T17:46:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/948317731/ 42 B
455 B 98ms
77ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/948317731/?random=1676396809255&cv=11&fst=1676394000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tiba=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&fmt=3&is_vtc=1&random=986208225&rmt_tld=0&ipr=y

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/948317731/ 42 B
455 B 77ms
77ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/948317731/?random=1676396809255&cv=11&fst=1676394000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tiba=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&fmt=3&is_vtc=1&random=986208225&rmt_tld=1&ipr=y

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963026780/ 42 B
108 B 76ms
76ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963026780/?random=1676396809260&cv=11&fst=1676394000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tiba=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&fmt=3&is_vtc=1&random=3959820797&rmt_tld=0&ipr=y

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963026780/ 42 B
108 B 84ms
77ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963026780/?random=1676396809260&cv=11&fst=1676394000000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&tiba=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&fmt=3&is_vtc=1&random=3959820797&rmt_tld=1&ipr=y

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 538 B
871 B 210ms
70ms XHR
application/json 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613819446648&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1676396809513&dep=2%2CPAGE_LOAD

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

0801dfb901425a1b7210acdbba754ac8bc11b242a077182de99717eeb869493d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.3f17655f.1676396809.eea138b5
x-envoy-upstream-service-time: 4
content-length: 380
x-pinterest-rid: 4856175903400121
pin-unauth: dWlkPU1tUXhOREZpWldRdE5EazNaaTAwWm1aaExUazFObUV0WW1ZMVptWTJZVFE1WVdJNQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dkh72tu1v1fbw.cloudfront.net
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 538 B
872 B 206ms
67ms XHR
application/json 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22line_items%22%3A%5B%7B%22product_id%22%3A%221414%22%7D%5D%7D&tid=2613819446648&cb=1676396809515&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

0801dfb901425a1b7210acdbba754ac8bc11b242a077182de99717eeb869493d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.3f17655f.1676396809.eea138b6
x-envoy-upstream-service-time: 2
content-length: 380
x-pinterest-rid: 5811552054203531
pin-unauth: dWlkPU5HTTRZMkpqTURjdE9EUTRaQzAwTXpRMExXSmtObUV0TjJNM1lUUXhaR0prT0RoaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dkh72tu1v1fbw.cloudfront.net
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 136ms
68ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613819446648&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1676396809515

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.3f17655f.1676396809.eea138b7
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 3559620029508127
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 17:46:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tDdTz5yuClAp+AJ5oE1wdeqSFmEPcNdR6wleZZOQqk55A6nGN/5Ohpv/FVpyHYXDOJks/TjQjf7ag3kTYz6vIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 40ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1438448073136396&ev=PageView&dl=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&rl=&if=false&ts=1676396809569&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.2.1676396809568.1542397485&it=1676396809449&coo=false&rqm=GET

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 17:46:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
631 B 128ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2014%20Feb%202023%2017%3A46%3A49%20GMT&n=0&b=Nubank%20-%20Finalmente%20voc%C3%AA%20no%20controle%20do%20seu%20dinheiro&.yp=10074207&f=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 14 Feb 2023 17:46:49 GMT

GET
H2 200 main.MTUwODYwN2I3MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 237 KB
65 KB 108ms
107ms Script
application/javascript 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTUwODYwN2I3MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1Q5MVUHLSU5AAHCLG10&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b63d7c43397848d7330f2a1a94e5d15b9733a548e7e3560f048ccb7e6f368dce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-akamai-request-id: 2cf3f5d9
date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202302141410381F723D9D7606082BE1D0
vary: Accept-Encoding
x-cache: TCP_HIT from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01443583a87301fd6a0fe9ae5a5250c03df8db465d4fef1c6b9bd29759692ae9c408cf724e3481967d57bc72292b4356e383374a96b25e2020f4ba083bdf21be2686c31ee4117aeb04ce6f367bd253fb80187812bbcaae586073b19db9e2001bcb
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=10
content-length: 66092

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
99 B 456ms
441ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=123c59079d10264111509190cf10%7C0&acc=53215&tit=Nubank%2520-%2520Finalmente%2520voc%25EA%2520no%2520controle%2520do%2520seu%2520dinheiro&url=https%253A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&upd=1&new=1&h1=O%2520futuro%2520%25E9%2520a%2520raz%25E3o%2520que%2520a%2520gente%2520faz%2520planos.
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7997a01c2ac5902e-FRA
content-length: 6
content-type: application/x-javascript

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 open Show response
api2.branch.io/v1/ 319 B
643 B 345ms
313ms XHR
application/json 2600:9000:223d:9c00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:9c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5075c7d570d1fce3d2ed895ae806366fb9c4f53fe537ca16ec258f0a714f55fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Feb 2023 17:46:49 GMT
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 319
x-amz-cf-id: jtblgn--Bqsi6BGksD9mh3f2xiLSuqqQ3-LRsfgHesFLDjZ33TcE-A==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 59ms
58ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22line_items%22%3A%5B%7B%22product_id%22%3A%221414%22%7D%5D%7D&tid=2613819446648&cb=1676396809735&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 17:46:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.3f17655f.1676396809.eea13b5b
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1729719358365263
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_b415b.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 36ms
35ms Script
application/javascript 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_b415b.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTUwODYwN2I3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-akamai-request-id: 2cf3f76f
date: Tue, 14 Feb 2023 17:46:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230214141040117D56ECAC95964A6D3D
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011557f8ab42bedf06d1720c6382a39b4982aad2a519eb1384c77c669130a434adf7dc32869f9cb812fe6964b2698c1f2dd476d030252d96ddc8d70bea86b0e15c93c70e4c6295dccc4b090611e941a1351dee3201d9a4948ddb8223bb8ea95069
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30838

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
691 B 149ms
148ms Ping
text/plain 2.23.97.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTUwODYwN2I3MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-122.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 49ccd2de.2cf3f81c
date: Tue, 14 Feb 2023 17:46:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 116,2.23.97.118
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=19, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230214174649F44D90897286A73734B7
x-cache-remote: TCP_MISS from a23-217-116-247.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.217.116.247
x-tt-trace-host: 012c530cc559a25398cf1de3a2d6225d4a6fe1e7c4d8e222aeca517f57d61d1b3aa648601516d3fe7a34864bf8d64c254cb2b8672143d2505051e8aecbbad777c9176148e2d94f2f4e947a356c8c3e62c2d8eff47ab1fe0491f22076eeba27803cfd6ba6db3178f79789316704493f9544
expires: Tue, 14 Feb 2023 17:46:50 GMT

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ 9 KB
4 KB 561ms
30ms Script
application/javascript 34.252.185.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N34AB-3EA

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.185.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-185-153.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6269bafb85bd4d4fed6589655f7e0b8b612397226168098f95d3507848075f6d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 17:46:50 GMT
content-encoding: gzip
last-modified: Mon, 14 Nov 2022 12:23:07 GMT
server: nginx
etag: "6372332b-dd8"
content-type: application/javascript
cache-control: max-age=86400, public
content-length: 3544
x-xss-protection: 1; mode=block
expires: Wed, 15 Feb 2023 17:46:50 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 151 B
880 B 107ms
54ms Fetch
application/json 23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&buyer_pixel_id=3897
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7605aac42cd8f9e5b20dc9b7d0fb714257696ff298c66667004f1b45cd2aedd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Feb 2023 17:46:50 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://dkh72tu1v1fbw.cloudfront.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 151
Expires: Tue, 14 Feb 2023 17:46:50 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 243ms
68ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.12.0_51a1e72&buyer_pixel_id=3897&referer=https%3A%2F%2Fdkh72tu1v1fbw.cloudfront.net%2F&user_session_id=7abfb547-f80f-496e-8fc1-5d6352491285
Requested by: Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 14 Feb 2023 17:46:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
433 B 171ms
171ms XHR
application/json 2600:9000:223d:9c00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: dkh72tu1v1fbw.cloudfront.net
URL: https://dkh72tu1v1fbw.cloudfront.net/_next/static/chunks/pages/_app-675f76a27f50a9926502.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:9c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Feb 2023 17:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f556588cc6014c02b6f57966b92d9415-2023021417
content-length: 29
x-amz-cf-id: aVlHK8lPduWRFsMnlvLqWNlmEWF11buuWkloFSM1At54h9c0yp3Wsw==

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 19A9 565 B
591 B 86ms
86ms Document
text/html 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.57992c41.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.3f17655f.1676396810.eea157af
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 17:46:50 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 5212697876320351

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nubank (Banking)

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 11:49:32	Name: _gcl_au Value: 1.1.261111916.1676396809
.navdmp.com/	1970-01-20 18:25:53	Name: ac3 Value: 1
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 19:15:56	Name: _ga_ZL76F6HX1P Value: GS1.1.1676396809.1.0.1676396809.60.0.0
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 19:15:56	Name: _ga_LQFLJDQXD9 Value: GS1.1.1676396809.1.0.1676396809.60.0.0
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 19:15:56	Name: _ga Value: GA1.3.1980578415.1676396809
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 09:41:23	Name: _gid Value: GA1.3.521969214.1676396809
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 09:39:56	Name: _dc_gtm_UA-54526048-9 Value: 1
.doubleclick.net/	1970-01-20 09:39:57	Name: test_cookie Value: CheckForPermission
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 09:41:23	Name: _uetsid Value: 8ed44ae0ac8f11ed81df8d3e35ee49da
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 19:01:32	Name: _uetvid Value: 8ed47260ac8f11ed9bd771de34f32f8b
.bing.com/	1970-01-20 19:01:32	Name: MUID Value: 05447DF69A1B67CE36FE6F4E9BC966FF
.tiktok.com/	1970-01-20 19:01:32	Name: _ttp Value: 2LjuS57H5ltp5MeD6elwSXZNdnF
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 11:49:32	Name: _fbp Value: fb.2.1676396809568.1542397485
.navdmp.com/	1970-01-20 19:15:56	Name: nid Value: 123c59079d05894201d2cbe7f910\|0\|74
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 18:25:32	Name: nvg53215 Value: 123c59079d10264111509190cf10\|0_46
.app.link/	1970-01-20 18:25:32	Name: _s Value: 5ky97JSzHlOciHAydEYv%2BernQVglVqILvho%2BCx0q9%2BJGo6VcCAaHfb%2FqlAH2x%2Fwd
.yahoo.com/	1970-01-20 18:25:54	Name: A3 Value: d=AQABBAnJ62MCEMQ14C0W6c54n6qr0RrO2oYFEgEBAQEa7WP1YwAAAAAA_eMAAA&S=AQAAAsz6nS7b4Qr4euFxR3i_2Yg
.t.co/	1970-01-20 19:15:56	Name: muc_ads Value: 9c95efe2-58ce-4cc6-b4e8-be50cca02e11
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 18:25:32	Name: _pin_unauth Value: dWlkPU1tUXhOREZpWldRdE5EazNaaTAwWm1aaExUazFObUV0WW1ZMVptWTJZVFE1WVdJNQ
.ct.pinterest.com/	1970-01-20 18:25:32	Name: _pinterest_ct_ua Value: "TWc9PSZMQ2Rjajg3VFlWU25tbUdlY1JmZTNRb3lCdnRzRkoyVG10NFMxNDBpNTN0U1VJV3VqeW85UXlqRXR4OW9VdGVIRmxpTS9lWjZEQ21hNHBjbXptRXp2U1hHSFM2SVcwZEpLQWlPRHVaVnRGWT0mRDdsajNqemVGaHVkMTVqK1REOEtZNWw4bmlVPQ=="
.twitter.com/	1970-01-20 19:15:56	Name: personalization_id Value: "v1_vxxlyb4agDL/W6WsdIR7VA=="
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 19:01:32	Name: _tt_enable_cookie Value: 1
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 19:01:32	Name: _ttp Value: JPmmSPEPXjp4qduooeNCdKZ2cXc
.dkh72tu1v1fbw.cloudfront.net/	1970-01-20 09:39:58	Name: tfpsi Value: 7abfb547-f80f-496e-8fc1-5d6352491285

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analytics.twitter.com
api2.branch.io
app.link
bat.bing.com
cdn.branch.io
cdn.navdmp.com
cm.teads.tv
connect.facebook.net
ct.pinterest.com
dkh72tu1v1fbw.cloudfront.net
googleads.g.doubleclick.net
nubank.com.br
p.teads.tv
polyfill.io
region1.analytics.google.com
resources.xg4ken.com
s.pinimg.com
s.yimg.com
services.xg4ken.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.teads.tv
tag.navdmp.com
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
104.244.42.195
104.244.42.197
108.138.17.45
13.32.99.11
199.232.16.157
2.23.97.122
2001:4860:4802:34::36
212.82.100.181
23.203.125.36
23.35.209.30
23.62.220.203
2600:9000:2057:d200:19:9934:6a80:93a1
2600:9000:223d:9c00:11:f728:3040:93a1
2606:4700::6810:ff3
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:400d:803::200e
2a00:1450:400d:804::2008
2a00:1450:400d:806::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:80d::2004
2a00:1450:4025:401::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:41::84
2a04:4e42:e00::282
34.252.185.153
52.222.139.92
54.194.102.220
0801dfb901425a1b7210acdbba754ac8bc11b242a077182de99717eeb869493d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
11710c8c1f57525e3a343c3eae9606d027629117143b2faa8eae50f063b410ec
18492ed90edb27574f424d790f3f9ed57b71ca7ff78ea35f02185d8fdf091501
1bd92779407a948d1afaf610c4ed6cad2cc8541e0076223622a2ca197cd72abe
1c384861e692f069f2c0a54ad8a291c7db9063addd6b741f982f530c6ded7917
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
2271cc49829324db8711862adbde6822f51b384c86ab95d734693e69a32a16ca
227c4acec9b1f76b521d62a8195ab0eec707d58397ec2817ff677c0f3f80bab2
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
24cb57a1c4591d10351357555717c0b6239646ceccf822aa65226ffbcac0a0eb
267d96e10140182099b5acc5cae5bc374d07ecfd946828f44f541feb2fe66fc9
29f3b7a844af8a8ea38e3c8a4b5a832b2bd75ba42c8616998b2ea5995f4cb0d0
315d12592c4ced1bad47208f848b54821178efc8112fd9ed7f90d1158728e0d8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3752de5f5aac579298d563afc26f9bf3b32ee3ea27d0ba23d74a66016abdc54f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e9f92bde02820a68b48483708337e5fcd25c1c2ad13b30c5e4dfa258a51ee39
40ba3923b361aaaa47c0433febabc48c6521a57f721b34e81b1acc2ccc4cdcdd
4118254c269b124324e7d2c1ac22a2805c73c3d31a80a08300ee6de735d03a25
4b3382374a881f881b9abfbffdb4410697c12a428bb182a291d1d84920cd75a8
5075c7d570d1fce3d2ed895ae806366fb9c4f53fe537ca16ec258f0a714f55fb
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5865fa735793848e7bf04c9e6fb7c415fef9f53e06a54ad9692d5cc4d57623c9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
607a8b36951a7783594c984016eb7c05a6bc51b10b81229d98e4f07cc63eb482
6269bafb85bd4d4fed6589655f7e0b8b612397226168098f95d3507848075f6d
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
68429fb7627bef70b795b9a8dddc887b2c67504f8485d3e33e1e6a596abdf9de
6b6f8057e240a65dc3ed044f6249e4a12d5e9d2c4f8e18e0f44f9603ee5a03ff
6d72ab2649c6eb12d03ffbc80dc90a736a4ac6d659e5d176e8a504b2e892477b
6efc70bc347a33fefaf7305e770fa3219f2fb1fe596ea8f28b31d5e8381d5ee1
716779bf1043b9c5e0501cc0cf20e38cda2f865344add4428da2483fdd4c2ab9
7605aac42cd8f9e5b20dc9b7d0fb714257696ff298c66667004f1b45cd2aedd0
76adf5f10e53555bc8ab50608288f34c088abae18ea0d1c5a2f9c48d6cfaf075
8142e411c699d5108968599c585fccc2ae83526203471d1de6c1acb3067d5d0c
81c08b54dff5e735737074a01cb221469e6e43efc367d39b470f3ebe6d3fca0c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77
84cff7d0e9574cfad874dbb222bcc0aab201ec4f884ff01478e50a49de04658a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c6f79051545dbac66a67d5daa13979ddca2b884d744ee8143ca30de07282180
a6e1b78358796d17c3050b2ab413fc56a90eac73d8629f35115e5fcebbf44823
aae210c00ab59b27f51eb4287087bc6fb877083ffd9a758c33a36a0149eb9d9d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b50203e296734829f7f550d3533862862c2611053693e728a05d88295e722a24
b63d7c43397848d7330f2a1a94e5d15b9733a548e7e3560f048ccb7e6f368dce
b8a88105e726cd50a5b3164a1ac13e6041800aa5efe21a045c2d6d1019c5594e
baf940343bf1ee3d731c4821c088d8f8824ba583e700556de2a062931ba84377
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bf26b8692fc1eb73feb7d360e833eba76b05107b034635473c28e9fbfb60d698
c18143462c4eaf7fcc2740591a8175188e699e10618742467d66d64c107ad3b8
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c8e6618f7888d01fadfaf7d0b969731141d3238f2427d898f2a2ebba64dfdef9
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7eb25d0f4133847ce4b4edfd24c94e2e7ab2178e84c4aa88e8792d1d7c83d1
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dcb7f25c2e925aa9366b43a5e5541b9bf46980c0ba3c39332479d534784481d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4beb03fc1729ebd935a1e8c5fc2789434e9d2d3189875ca79cc73353a5a9bab
e4e9683e480cc988e0eb602beeeeec174828931732fac8cd814d3bec749fff07
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f65fc15054f43d5ab7d368d38374a8b2b300dc6399a9d8fbc63ed3fcc7d92879
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f9e38e26a5bc03965f8926dea1383db1e0a56dc608a3a1fa703f7eec684e6e30
fdb328bff496e603b8fbd56d9b59114b5e4aeb7c5cf7a550563e5dc95cc25f33
fe9781246d6b1c3f65f2b0cb28763207a608df96246ee6cf5e7b983a488625a3

dkh72tu1v1fbw.cloudfront.net Open in urlscan Pro 13.32.99.11 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

57 %IPv6

25 Domains

33 Subdomains

31 IPs

6 Countries

1437 kBTransfer

4203 kBSize

24 Cookies

26 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dkh72tu1v1fbw.cloudfront.net Open in urlscan Pro
13.32.99.11 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

57 %
IPv6

25
Domains

33
Subdomains

31
IPs

6
Countries

1437 kB
Transfer

4203 kB
Size

24
Cookies

87 HTTP transactions
1 data transactions