app.nubank.com.br Open in urlscan Pro
52.222.155.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://appnubank-rewards.com/
Effective URL:
https://app.nubank.com.br/
Submission: On January 22 via api (January 22nd 2020, 7:04:02 pm UTC) from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 13 domains to perform 33 HTTP transactions. The main IP is 52.222.155.49, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is app.nubank.com.br.
TLS certificate: Issued by GlobalSign Domain Validation CA - SHA... on January 10th 2018. Valid for: 2 years.

This is the only time app.nubank.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3031::6812:26b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	52.222.155.49 52.222.155.49	16509 (AMAZON-02) (AMAZON-02)
1 1	95.100.142.38 95.100.142.38	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.222.155.20 52.222.155.20	16509 (AMAZON-02) (AMAZON-02)
1	52.222.155.165 52.222.155.165	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.85.250.245 104.85.250.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.222.149.176 52.222.149.176	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
4	18.231.5.41 18.231.5.41	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	35.165.24.86 35.165.24.86	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
33	12

2 2606:4700:3031::6812:26b0 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

appnubank-rewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.222.155.49 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-155-49.fra53.r.cloudfront.net

app.nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.142.38 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-142-38.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.155.20 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-155-20.fra53.r.cloudfront.net

www.nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.155.165 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-155-165.fra53.r.cloudfront.net

nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.250.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-250-245.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.176 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-176.fra53.r.cloudfront.net

d24n15hnbwhuhn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.231.5.41 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-231-5-41.sa-east-1.compute.amazonaws.com

prod-s0-webapp-proxy.nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.165.24.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-24-86.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	nubank.com.br 1 redirects app.nubank.com.br www.nubank.com.br nubank.com.br prod-s0-webapp-proxy.nubank.com.br	599 KB
3	google-analytics.com 1 redirects www.google-analytics.com	45 KB
2	googletagmanager.com www.googletagmanager.com	50 KB
2	cloudflare.com cdnjs.cloudflare.com	16 KB
2	googleapis.com ajax.googleapis.com	75 KB
2	appnubank-rewards.com 2 redirects appnubank-rewards.com	632 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	184 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	161 B
1	amplitude.com api.amplitude.com	167 B
1	cloudfront.net d24n15hnbwhuhn.cloudfront.net	17 KB
1	typekit.net use.typekit.net
1	typography.com 1 redirects cloud.typography.com	451 B
33	13

	Domain	Requested by
16	app.nubank.com.br	app.nubank.com.br ajax.googleapis.com
4	prod-s0-webapp-proxy.nubank.com.br	ajax.googleapis.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	app.nubank.com.br www.googletagmanager.com
2	cdnjs.cloudflare.com	app.nubank.com.br
2	ajax.googleapis.com	app.nubank.com.br
2	appnubank-rewards.com	2 redirects
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	api.amplitude.com	d24n15hnbwhuhn.cloudfront.net
1	d24n15hnbwhuhn.cloudfront.net	app.nubank.com.br
1	use.typekit.net	app.nubank.com.br
1	nubank.com.br	app.nubank.com.br
1	www.nubank.com.br	1 redirects
1	cloud.typography.com	1 redirects
33	16

This site contains no links.

Subject Issuer	Validity	Valid
*.nubank.com.br GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-10` - `2020-03-13`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2016-12-20` - `2020-02-14`	3 years	crt.sh
www.google.de GTS CA 1O1	`2019-12-20` - `2020-03-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.nubank.com.br/
Frame ID: D5AE3F5986023E20CE1D00273882E002
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://appnubank-rewards.com/ HTTP 301
https://appnubank-rewards.com/ HTTP 301
https://app.nubank.com.br/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

33
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

16
Subdomains

12
IPs

6
Countries

857 kB
Transfer

2061 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://appnubank-rewards.com/ HTTP 301
https://appnubank-rewards.com/ HTTP 301
https://app.nubank.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cloud.typography.com/6952912/640924/css/fonts.css HTTP 302
https://www.nubank.com.br/fonts/575335/DC25FBAE988340A62.css HTTP 301
https://nubank.com.br/fonts/575335/DC25FBAE988340A62.css

Request Chain 35

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1180705392&t=pageview&_s=1&dl=https%3A%2F%2Fapp.nubank.com.br%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20-%20Nubank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=1484257773&gjid=830820717&cid=1875970081.1579719826&tid=UA-54526048-10&_gid=288372763.1579719826&_r=1&gtm=2wg181PQHBFWB&cd9=%2Flogin&z=370326481 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_gid=288372763.1579719826&gjid=830820717&_v=j79&z=370326481 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_v=j79&z=370326481 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_v=j79&z=370326481&slf_rd=1&random=1573070515

33 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.nubank.com.br/
Redirect Chain

http://appnubank-rewards.com/
https://appnubank-rewards.com/
https://app.nubank.com.br/

4 KB
2 KB

123ms
42ms

Document
text/html

52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd42a39683fb08fa87c881635b1e57f9ec1b30cd7b2f9e748a7f5ef59382656d

Request headers

:method: GET
:authority: app.nubank.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
content-type: text/html
content-length: 1919
date: Thu, 19 Sep 2019 09:57:15 GMT
x-amz-meta-x-content-type-options: nosniff
content-encoding: gzip
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
x-amz-meta-x-frame-options: DENY
x-amz-meta-x-xss-protection: 1; mode=block
last-modified: Mon, 11 Mar 2019 22:08:45 GMT
etag: "53f27b13567fc184dd0cf7bcc8807621"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53
x-amz-cf-id: KUEeu0NvR0Yu7buV7nBvx1yBtQYvpC1ZqsmGFiQ_iyUqfUhvw7q1RA==
age: 44160

Redirect headers

status: 301
date: Wed, 22 Jan 2020 19:03:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de757caed3d52c63594af8a7ddc0f45d01579719823; expires=Fri, 21-Feb-20 19:03:43 GMT; path=/; domain=.appnubank-rewards.com; HttpOnly; SameSite=Lax; Secure
location: https://app.nubank.com.br/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5593ca232ad664a3-FRA

GET
H2 200 nu.css
app.nubank.com.br/styles/ 297 KB
60 KB 45ms
43ms Stylesheet
text/css 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/styles/nu.css
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b75807298d909b8dc14d8273d38f55b8bb7b7a1760f9246ca77f5813988fb262

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 00:39:30 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2019 22:08:50 GMT
server: AmazonS3
age: 21017
etag: "e8be67f2838b579d0ca4540aee89dcf4"
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA53
content-length: 61042
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-id: tZsqm6ovEG0q577U4t1ui515MYdmKt779UKqHpWYfv8WiE6Ax-3fpg==

GET
H2

200

DC25FBAE988340A62.css
nubank.com.br/fonts/575335/
Redirect Chain

https://cloud.typography.com/6952912/640924/css/fonts.css
https://www.nubank.com.br/fonts/575335/DC25FBAE988340A62.css
https://nubank.com.br/fonts/575335/DC25FBAE988340A62.css

125 KB
126 KB

126ms
41ms

Stylesheet
text/css

52.222.155.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nubank.com.br/fonts/575335/DC25FBAE988340A62.css
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.165 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-165.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1dedd8659d0c847fbaf39f0c40f402e4befc6f4d4565e702564c8db20849a0a

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 17:36:48 GMT
via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront), 1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
etag: "0bd0d528759c154d7dcb4cd4d44a0b94"
last-modified: Wed, 08 Jan 2020 23:07:37 GMT
server: AmazonS3
age: 5218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA6-C1, FRA53
accept-ranges: bytes
content-length: 128323
x-amz-cf-id: 6dh2mF5-mZjxlDp_XJoN7-6EX-4GbWijN3vcRgFti0dWl0pqAj4MLg==

Redirect headers

date: Wed, 22 Jan 2020 10:19:38 GMT
via: 1.1 ec6662ba477736a13086dd664a1145be.cloudfront.net (CloudFront)
server: AmazonS3
age: 31447
location: https://nubank.com.br/fonts/575335/DC25FBAE988340A62.css
x-cache: Hit from cloudfront
status: 301
x-amz-cf-pop: FRA53
content-length: 0
x-amz-cf-id: hlenM4se622IWZ_8e-k5Vtu-Hni3T2zJfhUBhhkcNXYLZa5gTQ4N4A==

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.3.15/ 123 KB
46 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 18:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2940083
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 46555
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Dec 2020 18:22:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 20 Dec 2019 02:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2911805
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Dec 2020 02:13:39 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.3/ 32 KB
11 KB 19ms
19ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.3/moment.min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f20b251189e476e544eb66bfdf4ddace0531af67ace628226e3bde5ff408599f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 19:03:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 24353756
cf-ray: 5593ca285c93c2a4-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:24:28 GMT
server: cloudflare
etag: W/"5afd4a4c-7e6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 11 Jan 2021 19:03:44 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.017

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 24ms
24ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 19:03:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 21746570
cf-ray: 5593ca285c95c2a4-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:26:23 GMT
server: cloudflare
etag: W/"5afd4abf-4041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 11 Jan 2021 19:03:44 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 config.js Show response
app.nubank.com.br/config/ 2 KB
1 KB 73ms
72ms Script
application/javascript 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/config/config.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55c8331e473f1c17cadc4ca6af4faf2e429da49bc0ee7a0b99d5bc39a3fc3840

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 00:39:30 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2019 22:08:46 GMT
server: AmazonS3
age: 83932
etag: "8e244a57d3510a48089dd434da1c8d6c"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53
content-length: 1150
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-id: GalR8tAZFyPuNCFSBdT0hW_prqQBIcGuF1VtnNbaLm3GS0Wm4EjQTA==

GET
H2 200 modules.js Show response
app.nubank.com.br/scripts/ 842 KB
299 KB 77ms
77ms Script
application/javascript 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/scripts/modules.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae957d70d09f11b7f31067919165a1da54e4c9058cabab3e951e323fb0145f1

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 18:35:37 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2019 22:08:47 GMT
server: AmazonS3
age: 44160
etag: "24acbeacf1f0bfdc470a8c5a033b9fd0"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53
content-length: 305750
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-id: D_jxffL0sufhjeT4NoNxFi9jDU-tdrYXfla8ot2lR8mLk4C2WmMnbw==

GET
H2 200 scripts.js Show response
app.nubank.com.br/scripts/ 75 KB
26 KB 122ms
118ms Script
application/javascript 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/scripts/scripts.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de5d9742c24d7246e7e739c86b78ad0a7ad79241ff82e8a08788a5b5f1cc7bc

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:52:11 GMT
content-encoding: gzip
last-modified: Mon, 11 Mar 2019 22:08:48 GMT
server: AmazonS3
age: 44160
etag: "8eb1ebf87e7128e26e79973dbb86e0f2"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53
content-length: 26507
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-id: -79wa3mnipZHEWwULZmiiTXvMYVi15i020GExDxjF-4nA6dKB66ALQ==

GET
H2 404 ksz1bpt.js
use.typekit.net/ 0
0 270ms
191ms Script
text/plain 104.85.250.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ksz1bpt.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.85.250.245 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-250-245.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
server: nginx
access-control-allow-origin: *
date: Wed, 22 Jan 2020 19:03:45 GMT
content-type: text/plain;charset=utf-8
status: 404
cache-control: no-cache
x-cascade: pass
timing-allow-origin: *
content-length: 9

GET
H2 200 nu_bg_pattern.png
app.nubank.com.br/images/ 5 KB
5 KB 37ms
37ms Image
image/png 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/nu_bg_pattern.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a376868ce82e7c27aebb88e1b84a85e79739e35f572548a58ca2c06a7077e367

Request headers

Referer: https://app.nubank.com.br/styles/nu.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 19:08:51 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2019 22:08:37 GMT
server: AmazonS3
age: 44160
etag: "0199cd6febaa9ac5f88975c2a7438ee3"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA53
content-length: 5184
x-amz-cf-id: XyR3qdh-XojxfF0a3w-APNj52SnCkhHz5FTEsGMcG4j1fYEmqpI_Ow==

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f1fa03dca0900d9b0968317050a61431b8bd0173b33e47da2335a5684c01ef7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://app.nubank.com.br

Response headers

Content-Type: application/x-font-woff2

GET
H/1.1 200
OK amplitude-2.9.0-min.gz.js Show response
d24n15hnbwhuhn.cloudfront.net/libs/ 55 KB
17 KB 158ms
42ms Script
application/javascript 52.222.149.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24n15hnbwhuhn.cloudfront.net/libs/amplitude-2.9.0-min.gz.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.149.176 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-176.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b57069b3fd795e6bcd5d191157dc2e46b86d3aa39f504aa655ba6b4436768b27

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 19:31:23 GMT
Content-Encoding: gzip
Age: 7915774
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16708
Last-Modified: Mon, 21 Oct 2019 15:45:34 GMT
Server: AmazonS3
ETag: "9bf8f5ec2e10112ba66c7858fcdded37"
x-amz-version-id: F3rNtRZMUyxTGveaBT.h2ip.8b_rM_LP
Via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA53
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: JFeruQvc865w119P-fHIR8tRN4Ox2hhbbNXsFPPPyhvYNAaBUjwTWw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 67 KB
24 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be22e3a628e8540e29fa5decb4a72b7f4c1dbc859084a0b29438fd13ea37e456

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 19:03:45 GMT
content-encoding: br
last-modified: Wed, 22 Jan 2020 18:29:40 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24295
x-xss-protection: 0
expires: Wed, 22 Jan 2020 19:03:45 GMT

OPTIONS
H/1.1 200
OK discovery Show response
prod-s0-webapp-proxy.nubank.com.br/api/ 0
500 B 825ms
206ms XHR
text/plain 18.231.5.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-s0-webapp-proxy.nubank.com.br/api/discovery
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.5.41 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-5-41.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://app.nubank.com.br
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

Access-Control-Allow-Origin: https://app.nubank.com.br
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, x-correlation-id, Origin, Sec-Fetch-Site, Host, User-Agent, Access-Control-Request-Headers, X-Forwarded-Port, Referer, Connection, Pragma, Accept, Access-Control-Request-Method, X-Forwarded-For, Accept-Encoding, X-Forwarded-Proto, Sec-Fetch-Mode, Cache-Control
Content-Length: 0
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH, OPTIONS

OPTIONS
H/1.1 200
OK discovery Show response
prod-s0-webapp-proxy.nubank.com.br/api/app/ 0
500 B 851ms
232ms XHR
text/plain 18.231.5.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-s0-webapp-proxy.nubank.com.br/api/app/discovery
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.5.41 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-5-41.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://app.nubank.com.br
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

Access-Control-Allow-Origin: https://app.nubank.com.br
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, x-correlation-id, Origin, Sec-Fetch-Site, Host, User-Agent, Access-Control-Request-Headers, X-Forwarded-Port, Referer, Connection, Pragma, Accept, Access-Control-Request-Method, X-Forwarded-For, Accept-Encoding, X-Forwarded-Proto, Sec-Fetch-Mode, Cache-Control
Content-Length: 0
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH, OPTIONS

GET
H2 200 navigation-base.template.html Show response
app.nubank.com.br/components/navigation/ 295 B
642 B 47ms
46ms XHR
text/html 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/navigation/navigation-base.template.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 703f018c56741536876ddf4e25efb3b8dcfa1995532b2d6f415e7bf09d3fb084

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.xDgVq
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 00:39:35 GMT
content-encoding: gzip
age: 77290
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
status: 200
content-length: 175
last-modified: Mon, 11 Mar 2019 22:08:44 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "25bd7c1e0c7c07677639ddf18ab56351"
content-type: text/html
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53
x-amz-cf-id: SDn8zL9qZOM-1muO9M-1zbSIOl5sFlSbzHVorFy_5UseO2AAd5I11A==
x-amz-meta-x-content-type-options: nosniff

GET
H2 200 login.template.html Show response
app.nubank.com.br/components/login/ 3 KB
2 KB 39ms
38ms XHR
text/html 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/login/login.template.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05f1c91dc3e461c5f6f14de6550385c8981ef90c0f530aa69009de406f491488

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.iT8qt
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 00:39:35 GMT
content-encoding: gzip
age: 30095
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
status: 200
content-length: 1247
last-modified: Mon, 11 Mar 2019 22:08:41 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "7d504f2f3c59a635b23e77d7435d21c6"
content-type: text/html
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53
x-amz-cf-id: kQVtZ5jfUCExq4DQm64WNPHm0TVgOd0A-Qx3ku5_KK8RwGKe4hr9GQ==
x-amz-meta-x-content-type-options: nosniff

GET
H2 200 navigation-menu.template.html Show response
app.nubank.com.br/components/navigation/ 1 KB
1 KB 38ms
38ms XHR
text/html 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/navigation/navigation-menu.template.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e3f7287056c79f7cf5cfa5fd934c52bbb42c712d583ab1562a203b5eddb8147

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.2ADMB
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:52:12 GMT
content-encoding: gzip
age: 44160
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
status: 200
content-length: 614
last-modified: Mon, 11 Mar 2019 22:08:43 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "98e8738a5c527d2fb28b24bf84806b96"
content-type: text/html
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53
x-amz-cf-id: lXlM-lUlHiJyPFTgDQRXfibFYn2vLILOGHLEp-Fi__1tXqgkZ9sr7g==
x-amz-meta-x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de9a4d38158a4e77d7d4d4d55b16d61c50e755ad88d5920634bed6064008a0e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://app.nubank.com.br

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1eb62fb22f6e8977df7ca627272600ee4e1ce6a08686f37bfb9fa1f0cfa1542

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://app.nubank.com.br

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 fontawesome-webfont.woff
app.nubank.com.br/fonts/ 64 KB
64 KB 41ms
40ms Font
font/woff 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://app.nubank.com.br/styles/nu.css
Origin: https://app.nubank.com.br

Response headers

date: Tue, 17 Sep 2019 19:08:51 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2019 22:08:35 GMT
server: AmazonS3
age: 77290
etag: "d95d6f5d5ab7cfefd09651800b69bd54"
x-cache: Hit from cloudfront
content-type: font/woff
status: 200
x-amz-cf-pop: FRA53
content-length: 65452
x-amz-cf-id: H4E6-W2aG2eengbKyNc7nYv8K7coEJL6Ru0iW2cAKbxlFfkANgHXNQ==

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34326d268e7234147fe685a5fc668585c40c7de10226eaece97c3f9c35dc5062

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://app.nubank.com.br

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 white.svg
app.nubank.com.br/images/ 822 B
1 KB 39ms
39ms Image
image/svg+xml 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/white.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d2fa080b10cf0943944abfa25e9f0c37824a219c73b85b3cc9c7dbd062ce94c

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:52:12 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2019 22:08:38 GMT
server: AmazonS3
age: 44160
etag: "7e2be025cd6b17a27e8bd8a3e8dc6ce0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53
content-length: 822
x-amz-cf-id: PXx2jz118b8HB-UXiIFfMiZ4_6kQUXsAvIvh2eXaqVqLfq-GWEfyWw==

GET
H2 200 back.svg
app.nubank.com.br/images/ 225 B
535 B 40ms
39ms Image
image/svg+xml 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/back.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 961204348dc2507c21f2f213578fbc8ae4cbbd0c8a30a50779fe1b9e3582f60b

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 19:08:51 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2019 22:08:35 GMT
server: AmazonS3
age: 3824
etag: "de71e0ea40202345cfd314af91f9c427"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53
content-length: 225
x-amz-cf-id: 8hgGigUPZzkBN41RNHY4DX4hKX1G8KJpSwJSVqdw4dHaBB-24GusZQ==

GET
H2 200 nu-purple.svg
app.nubank.com.br/images/ 1 KB
2 KB 40ms
40ms Image
image/svg+xml 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/nu-purple.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 170aab92626c8f6398584c96012b1386f6e5e50f41e5957f75d3caf35fffd5c2

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:52:12 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2019 22:08:37 GMT
server: AmazonS3
age: 44160
etag: "ce4c33346e036f2b10497b1e3a7a19f0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53
content-length: 1287
x-amz-cf-id: WrD3-vjJCJ0GLiX9MxqT3BTSOJn5BCC7xHGZ2gpBEOowlC506pPVTA==

GET
H2 200 email.svg
app.nubank.com.br/images/ 239 B
548 B 40ms
40ms Image
image/svg+xml 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/email.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ebc83ba76f95033527d0e898a4e7fc6ab051058a6c2a47cafb652729e14b812

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 12 Jan 2020 10:34:08 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2019 22:08:36 GMT
server: AmazonS3
age: 21012
etag: "6cc55dedbf3a7e86ff4badaada3e22fc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53
content-length: 239
x-amz-cf-id: xyvQRagNU-gRGkwaUSmZCTc1nGB9igt2iUlFfi6RnR8Vno9g3hrV3Q==

GET
H2 200 phone.svg
app.nubank.com.br/images/ 1 KB
1 KB 40ms
40ms Image
image/svg+xml 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/phone.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a7aa24fcc081e9fda384a4b8b3eb64ac4f9682b56b8c875e0f9564229e68c87

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 00:39:39 GMT
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
last-modified: Mon, 11 Mar 2019 22:08:38 GMT
server: AmazonS3
age: 3824
etag: "2da7596fc8979dfadac4885e21a6ca22"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA53
content-length: 1176
x-amz-cf-id: CP69QN3zrR2tUEDSkcSDLsIcn2VqY9uTY-acDnxuMuLiq2ZJgYMq4A==

GET
H2 200 limit-bar.html Show response
app.nubank.com.br/components/navigation/ 2 KB
1002 B 37ms
37ms XHR
text/html 52.222.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/navigation/limit-bar.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-155-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1c02af2f70bd0f7e5fc6f7091437d8a420c5df43141d1d13a5632a026ddfb14

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.Ruq33
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 00:39:38 GMT
content-encoding: gzip
age: 77290
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
status: 200
content-length: 536
last-modified: Mon, 11 Mar 2019 22:08:43 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "1899b0cabe61cfec909c82d9899d2127"
content-type: text/html
via: 1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53
x-amz-cf-id: iA7FzKaiL59I8J0G6Ik3rChGt8xIt_YGna4iPrY0ixHZJ3Kh0nfZ2Q==
x-amz-meta-x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcba7b0bf7ee7e3f7cec5d3e04162ba172a88381978ee9f88bab01b8b389be8b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://app.nubank.com.br

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 616de1ede496020d0465efec7f252c885015fff99f85ce81627a5e2087775b06

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://app.nubank.com.br

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5130
date: Wed, 22 Jan 2020 17:38:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 22 Jan 2020 19:38:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
27 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQHBFWB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58336b8cf875e247de4ac14005b82e672dbe60b2ea56fedc37359a7d794d2900

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 19:03:45 GMT
content-encoding: br
last-modified: Wed, 22 Jan 2020 18:29:40 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27069
x-xss-protection: 0
expires: Wed, 22 Jan 2020 19:03:45 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 539ms
204ms XHR
text/html 35.165.24.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: d24n15hnbwhuhn.cloudfront.net
URL: https://d24n15hnbwhuhn.cloudfront.net/libs/amplitude-2.9.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.165.24.86 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-165-24-86.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://app.nubank.com.br/
Origin: https://app.nubank.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 200
date: Wed, 22 Jan 2020 19:03:46 GMT
access-control-allow-origin: *
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 79 KB
27 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NN8JCQ9&t=gtm1&cid=1875970081.1579719826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1d31c22122d2b3c1e6420b9f30e3692e9c663a2ac541c6d4315c6dfbce91e07

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 19:03:45 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27633
x-xss-protection: 0
expires: Wed, 22 Jan 2020 19:03:45 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1180705392&t=pageview&_s=1&dl=https%3A%2F%2Fapp.nubank.com.br%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20-%20Nubank&sd=24-bit&sr=1600x1200&v...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_gid=288372763.1579719826&gjid=830820717&_v=j79&z=370326481
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_v=j79&z=370326481
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_v=j79&z=370326481&slf_rd=1&random=1573070515

42 B
109 B

33ms
33ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_v=j79&z=370326481&slf_rd=1&random=1573070515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 19:03:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Jan 2020 19:03:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54526048-10&cid=1875970081.1579719826&jid=1484257773&_v=j79&z=370326481&slf_rd=1&random=1573070515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK discovery Show response
prod-s0-webapp-proxy.nubank.com.br/api/ 3 KB
2 KB 212ms
211ms XHR
application/json 18.231.5.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-s0-webapp-proxy.nubank.com.br/api/discovery

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.231.5.41 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-231-5-41.sa-east-1.compute.amazonaws.com

Software

Resource Hash

5652557ddd0fd30c0270b215735a862190758bfe3ffc414bbd5c60e232a37abc

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.5IbeI
Origin: https://app.nubank.com.br
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Security-Policy: object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Download-Options: noopen
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://app.nubank.com.br
Access-Control-Expose-Headers: Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, X-Xss-Protection, X-Download-Options, X-Permitted-Cross-Domain-Policies, Content-Security-Policy, Content-Type
Connection: keep-alive
Vary: Accept-Encoding, User-Agent
Content-Length: 861
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK discovery Show response
prod-s0-webapp-proxy.nubank.com.br/api/app/ 4 KB
2 KB 215ms
215ms XHR
application/json 18.231.5.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-s0-webapp-proxy.nubank.com.br/api/app/discovery

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.231.5.41 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-231-5-41.sa-east-1.compute.amazonaws.com

Software

Resource Hash

45944ef8d8940ca03e71028d1e0f025cb45a85e6b904d7a404311dc317dfc8af

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.KgTD2
Origin: https://app.nubank.com.br
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Security-Policy: object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Download-Options: noopen
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://app.nubank.com.br
Access-Control-Expose-Headers: Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, X-Xss-Protection, X-Download-Options, X-Permitted-Cross-Domain-Policies, Content-Security-Policy, Content-Type
Connection: keep-alive
Vary: Accept-Encoding, User-Agent
Content-Length: 1239
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nubank.com.br/	1970-01-20 00:19:51	Name: _ga Value: GA1.3.1875970081.1579719826
.nubank.com.br/	1970-01-22 22:24:39	Name: amplitude_idnubank.com.br Value: eyJkZXZpY2VJZCI6ImU5NjY1ZDE0LTEzMDgtNDI0Yy04NDQ5LTRmZjM0YTc5OTEyZCIsInVzZXJJZCI6bnVsbCwib3B0T3V0IjpmYWxzZSwic2Vzc2lvbklkIjoxNTc5NzE5ODI1NTc3LCJsYXN0RXZlbnRUaW1lIjoxNTc5NzE5ODI1NTc4LCJldmVudElkIjowLCJpZGVudGlmeUlkIjoxLCJzZXF1ZW5jZU51bWJlciI6MX0=
.nubank.com.br/	1970-01-19 06:48:39	Name: _gat_UA-54526048-10 Value: 1
.nubank.com.br/	1970-01-19 06:50:06	Name: _gid Value: GA1.3.288372763.1579719826
app.nubank.com.br/	1969-12-31 23:59:59	Name: lang Value: pt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
app.nubank.com.br
appnubank-rewards.com
cdnjs.cloudflare.com
cloud.typography.com
d24n15hnbwhuhn.cloudfront.net
nubank.com.br
prod-s0-webapp-proxy.nubank.com.br
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nubank.com.br
104.85.250.245
18.231.5.41
2606:4700:3031::6812:26b0
2606:4700::6811:4004
2a00:1450:4001:815::2008
2a00:1450:4001:816::200a
2a00:1450:4001:816::200e
2a00:1450:4001:820::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9c
35.165.24.86
52.222.149.176
52.222.155.165
52.222.155.20
52.222.155.49
95.100.142.38
05f1c91dc3e461c5f6f14de6550385c8981ef90c0f530aa69009de406f491488
0ae957d70d09f11b7f31067919165a1da54e4c9058cabab3e951e323fb0145f1
0e3f7287056c79f7cf5cfa5fd934c52bbb42c712d583ab1562a203b5eddb8147
170aab92626c8f6398584c96012b1386f6e5e50f41e5957f75d3caf35fffd5c2
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1ebc83ba76f95033527d0e898a4e7fc6ab051058a6c2a47cafb652729e14b812
34326d268e7234147fe685a5fc668585c40c7de10226eaece97c3f9c35dc5062
45944ef8d8940ca03e71028d1e0f025cb45a85e6b904d7a404311dc317dfc8af
55c8331e473f1c17cadc4ca6af4faf2e429da49bc0ee7a0b99d5bc39a3fc3840
5652557ddd0fd30c0270b215735a862190758bfe3ffc414bbd5c60e232a37abc
58336b8cf875e247de4ac14005b82e672dbe60b2ea56fedc37359a7d794d2900
616de1ede496020d0465efec7f252c885015fff99f85ce81627a5e2087775b06
703f018c56741536876ddf4e25efb3b8dcfa1995532b2d6f415e7bf09d3fb084
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8d2fa080b10cf0943944abfa25e9f0c37824a219c73b85b3cc9c7dbd062ce94c
8f1fa03dca0900d9b0968317050a61431b8bd0173b33e47da2335a5684c01ef7
961204348dc2507c21f2f213578fbc8ae4cbbd0c8a30a50779fe1b9e3582f60b
9a7aa24fcc081e9fda384a4b8b3eb64ac4f9682b56b8c875e0f9564229e68c87
9de5d9742c24d7246e7e739c86b78ad0a7ad79241ff82e8a08788a5b5f1cc7bc
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a1d31c22122d2b3c1e6420b9f30e3692e9c663a2ac541c6d4315c6dfbce91e07
a376868ce82e7c27aebb88e1b84a85e79739e35f572548a58ca2c06a7077e367
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1c02af2f70bd0f7e5fc6f7091437d8a420c5df43141d1d13a5632a026ddfb14
b1dedd8659d0c847fbaf39f0c40f402e4befc6f4d4565e702564c8db20849a0a
b57069b3fd795e6bcd5d191157dc2e46b86d3aa39f504aa655ba6b4436768b27
b75807298d909b8dc14d8273d38f55b8bb7b7a1760f9246ca77f5813988fb262
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
be22e3a628e8540e29fa5decb4a72b7f4c1dbc859084a0b29438fd13ea37e456
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dcba7b0bf7ee7e3f7cec5d3e04162ba172a88381978ee9f88bab01b8b389be8b
de9a4d38158a4e77d7d4d4d55b16d61c50e755ad88d5920634bed6064008a0e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1eb62fb22f6e8977df7ca627272600ee4e1ce6a08686f37bfb9fa1f0cfa1542
f20b251189e476e544eb66bfdf4ddace0531af67ace628226e3bde5ff408599f
fd42a39683fb08fa87c881635b1e57f9ec1b30cd7b2f9e748a7f5ef59382656d

app.nubank.com.br Open in urlscan Pro 52.222.155.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

50 %IPv6

13 Domains

16 Subdomains

12 IPs

6 Countries

857 kBTransfer

2061 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.nubank.com.br Open in urlscan Pro
52.222.155.49 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

16
Subdomains

12
IPs

6
Countries

857 kB
Transfer

2061 kB
Size

5
Cookies

33 HTTP transactions
6 data transactions