form-consorcio.itau.staging.escale.com.br Open in urlscan Pro
13.227.219.5  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

• https://usermatch.krxd.net/um/v2?partner=google HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2pTZEJyUTk HTTP 302
• https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1

Request Chain 72

• https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2pTZEJyUTk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T2pTZEJyUTk&google_tc= HTTP 302
• https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1

Request Chain 74

• https://stags.bluekai.com/site/26357?id=OjSdBrQ9&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOjSdBrQ9%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
• https://beacon.krxd.net/usermatch.gif?_kuid=OjSdBrQ9&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 75

• https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OjSdBrQ9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OjSdBrQ9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=17656217038593252962378596789512879769

Request Chain 76

• https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
• https://sync.navdmp.com/sync?prtid=30&salid=OjSdBrQ9

Request Chain 78

• https://usermatch.krxd.net/um/v2?partner=teadspartner&gdpr=0 HTTP 302
• https://sync.teads.tv/sf/sync?id=OjSdBrQ9&gdpr=0

Request Chain 79

• https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=OjSdBrQ9?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id} HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=OjSdBrQ9?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id} HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=777ce3d4e50d0402b275a470b91b7377

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response form-consorcio.itau.staging.escale.com.br/	3 KB 4 KB	273ms 31ms	Document text/html	13.227.219.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-5.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash d484f99308badaf4e6a397b1542f0999965a54735ef6f11886f27fb3fc65cfb6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html content-length 3166 date Mon, 20 Dec 2021 05:01:10 GMT last-modified Mon, 06 Dec 2021 21:02:44 GMT server AmazonS3 strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff referrer-policy same-origin x-xss-protection 1 feature-policy geolocation 'none'; microphone 'none' etag "4b89c65409567064223e0726733b20ad" x-cache Hit from cloudfront via 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 x-amz-cf-id mTfDze0Kj8ynmTEFk1wzli_IPGvklPXyQ6psb0deXW_Hh17v9ayNZQ== age 1
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	40ms 16ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 20 Dec 2021 04:18:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 20 Dec 2021 05:01:10 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 Dec 2021 05:01:10 GMT
GET H2	200	main.1aed07ae.chunk.css form-consorcio.itau.staging.escale.com.br/static/css/	384 B 840 B	269ms 268ms	Stylesheet text/css	13.227.219.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://form-consorcio.itau.staging.escale.com.br/static/css/main.1aed07ae.chunk.css Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-5.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash 892ef8672855336d21d0a99d30500e16490c18d8610d9d75914601bebaebcd92 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://form-consorcio.itau.staging.escale.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront) referrer-policy same-origin last-modified Mon, 06 Dec 2021 21:02:44 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "74013a47323c0ce5139e548931a7687b" strict-transport-security max-age=63072000; includeSubdomains; preload x-cache Miss from cloudfront content-type text/css x-xss-protection 1 feature-policy geolocation 'none'; microphone 'none' content-length 384 x-content-type-options nosniff x-amz-cf-id 5553VMs1_qIZAg_GN1jD-mry4B3Am1WrJYt6XINnqN84JfSCNH43VQ==
GET H2	200	6657751.js Show response js.hs-scripts.com/	1 KB 940 B	451ms 412ms	Script application/javascript	2606:4700::6811:d6cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/6657751.js Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5448a65e45536b01a0517cb00baf297db168809180362e0340f1f54003a8579a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:10 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 19 Dec 2021 22:01:48 GMT server cloudflare x-hubspot-correlation-id 17d3515d-db64-4aa2-aa84-ff00165f6442 x-trace 2B3CFB3AB7B6D86363C89907AE1A0E6411F2D7B1C2000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript;charset=utf-8 access-control-max-age 3600 cache-control public, max-age=60 access-control-allow-credentials true cf-ray 6c064fab5f4332b3-CDG expires Mon, 20 Dec 2021 05:02:10 GMT
GET H2	200	2.85a64c87.chunk.js Show response form-consorcio.itau.staging.escale.com.br/static/js/	464 KB 465 KB	246ms 245ms	Script application/javascript	13.227.219.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-5.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash 88423b3aa84f1aab459ea883267beab03c9b9f9c948bf9ec9a5d9763ce5d65ca Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://form-consorcio.itau.staging.escale.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront) referrer-policy same-origin last-modified Mon, 06 Dec 2021 21:02:44 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "cb84bfd06e6c97c4ec0e5523468754e6" strict-transport-security max-age=63072000; includeSubdomains; preload x-cache Miss from cloudfront content-type application/javascript x-xss-protection 1 feature-policy geolocation 'none'; microphone 'none' content-length 474770 x-content-type-options nosniff x-amz-cf-id 5D4epml7T_S_BYSN0EJsyR9XEOkkLESPwhf5HuUt95bG2i53-n6HDA==
GET H2	200	main.5c6a3b81.chunk.js Show response form-consorcio.itau.staging.escale.com.br/static/js/	49 KB 50 KB	201ms 201ms	Script application/javascript	13.227.219.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://form-consorcio.itau.staging.escale.com.br/static/js/main.5c6a3b81.chunk.js Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-5.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash a5b08799e1e4886c20a9a60d5ae021a91650ed8ad67e168e31107249062a1705 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://form-consorcio.itau.staging.escale.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront) referrer-policy same-origin last-modified Mon, 06 Dec 2021 21:02:44 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "f33634a67cdd1c2d76e4a41069c8fae2" strict-transport-security max-age=63072000; includeSubdomains; preload x-cache Miss from cloudfront content-type application/javascript x-xss-protection 1 feature-policy geolocation 'none'; microphone 'none' content-length 50636 x-content-type-options nosniff x-amz-cf-id 7ufnmF0JBKeNpqVlEQuXugYgb-JPEscpRaosVH56rkUr-sSiYLpckw==
GET H2	200	6657751.js Show response js.hs-analytics.net/analytics/1639976400000/	62 KB 20 KB	200ms 157ms	Script text/javascript	2606:4700::6811:45b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1639976400000/6657751.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6657751.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36835565ce65d899b6df274d11d7e324e64ae94494b4b59f9085fb25c1ea087c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:10 GMT content-encoding br cf-cache-status MISS x-amz-request-id SGTZB67XX27GT8TM x-amz-server-side-encryption AES256 cf-ray 6c064fae3b7b83be-MXP x-amz-id-2 TLclgzSk408NLWNoq6MYrqw4aiRmuDRtoc6L4D90Ii+5aPc803HijzYH9un0ZDvk0sruSHg2hXo= last-modified Thu, 22 Jul 2021 18:59:33 GMT server cloudflare etag W/"193da19e5906efcdf2531a776f4ce493" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id null cache-control max-age=300, public access-control-allow-credentials false content-type text/javascript expires Mon, 20 Dec 2021 05:06:10 GMT
GET H2	200	leadflows.js Show response js.hsleadflows.net/	537 KB 87 KB	1000ms 962ms	Script application/javascript	2606:4700::6811:e8cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsleadflows.net/leadflows.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6657751.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:e8cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea Request headers Referer Origin https://form-consorcio.itau.staging.escale.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 349b149961d8d2361c29d4be4b5847f3.cloudfront.net (CloudFront) vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method cf-cache-status MISS x-amz-cf-pop IAD89-P1 x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6c064fae2c9b0e06-MXP x-cache Miss from cloudfront x-amz-replication-status COMPLETED content-encoding br cf-ray 6c064fae2c9b0e06-MXP last-modified Fri, 10 Dec 2021 01:08:50 UTC server cloudflare etag W/"a20da5f3327ff62c3dfbc71571e4fc6d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk. access-control-allow-origin * cache-control s-maxage=86400, max-age=0 x-hs-cache-status MISS content-type application/javascript; charset=utf-8 x-amz-cf-id -I3XFZ3arXhpNwzxchTiELpQVBZl3pfxhKh3nTZpB75zNyPLRpmUvA== x-hs-target-asset lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js
GET H2	200	6657751.js Show response js.hs-banner.com/	61 KB 16 KB	486ms 448ms	Script text/javascript	2606:4700::6812:14bf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/6657751.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6657751.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e808b803fb4bf290002c081388fc770d6d8b83056b2f2ae086505065a2d328e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br cf-cache-status REVALIDATED x-amz-request-id W5DT5A131Z9AN075 x-amz-server-side-encryption AES256 content-type text/javascript; charset=UTF-8 access-control-max-age 604800 x-amz-id-2 gc/GoOLWLnN22kxEIpJhHT1g0Os1ga1J5l3x22r6hZlNArGQ4+9Hb2Qut/ajk4pENbgYOG0hbTc= timing-allow-origin * last-modified Fri, 03 Sep 2021 20:41:37 GMT server cloudflare etag W/"6b08ab0bb9e66f732fc8ec168b3a4777" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-amz-version-id 42W1.DcizdXv18R9QQEoZh9ZnbJ3bzHm access-control-allow-origin https://consorcio.itau.com.br access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true cf-ray 6c064fae2b740f5a-MXP access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Mon, 20 Dec 2021 05:06:11 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	126 KB 46 KB	55ms 31ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WCJ387F&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b1763822e1a3b04a8fa9b20800959bdf5ab2780f7b71434710816d11b9e1456d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47005 x-xss-protection 0 last-modified Mon, 20 Dec 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	331 KB 91 KB	64ms 40ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KGXCXPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9cf22616905277828010df36a5952286602edbe6a726952c8a64dfae613b64b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 92576 x-xss-protection 0 last-modified Mon, 20 Dec 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	202 KB 71 KB	74ms 50ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T27F5ZN&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cc639780f12838a8b5520135c02fbb2ee049dd1db50e0e505c3f9eb0c263837a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 73094 x-xss-protection 0 last-modified Mon, 20 Dec 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	999 B 1022 B	44ms 20ms	Script text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?onload=onloadcallback&render=explicit Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1eb7e89e1387bc57df5b5beae5248093a3ccc78351095887bc5c988e651d42e7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 609 x-xss-protection 1; mode=block expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	41ms 15ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://form-consorcio.itau.staging.escale.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 01:54:06 GMT x-content-type-options nosniff age 443225 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 15 Dec 2022 01:54:06 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	42ms 16ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://form-consorcio.itau.staging.escale.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 05:33:18 GMT x-content-type-options nosniff age 430073 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 15 Dec 2022 05:33:18 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	163 KB 61 KB	37ms 35ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-851ZVZZNG5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCJ387F&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d4741fcf4f7267dae71aaad92ed2f3046f2d1064b75ef52511cfcec74e44469b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61861 x-xss-protection 0 expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	37ms 6ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCJ387F&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 5 date Mon, 20 Dec 2021 05:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 20 Dec 2021 07:01:06 GMT
GET H2	200	tracker-1.1.0.min.js Show response d3l36jjwr70u5l.cloudfront.net/tracker/	4 KB 2 KB	52ms 10ms	Script application/javascript	2600:9000:206f:600:b:9fc2:ea40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3l36jjwr70u5l.cloudfront.net/tracker/tracker-1.1.0.min.js Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:600:b:9fc2:ea40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 90e9ccf1896a03ad8bd3faa8448fe1b08a17c1b5376186399bb9ff619a625c40 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id 1HiTFkhtoFfb7pAx.6ecu4qY8rUv2VzE content-encoding gzip etag W/"9f7e1d1056d7a0d7a03bf181cdb191f4" last-modified Thu, 28 Jan 2021 12:32:16 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront) date Mon, 20 Dec 2021 05:01:11 GMT x-amz-cf-id 74YGVmXamh5_vZWRHSjja6dcJhnalwJ4A1H1zGXIwMAvTx09UGp5rg==
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/	348 KB 137 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?onload=onloadcallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://form-consorcio.itau.staging.escale.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 19 Dec 2021 19:40:52 GMT content-encoding gzip x-content-type-options nosniff age 33619 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139097 x-xss-protection 0 last-modified Mon, 13 Dec 2021 05:04:24 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Mon, 19 Dec 2022 19:40:52 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	398 KB 76 KB	48ms 48ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WGFF5VK&l=dataLayer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXCXPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7c4b8bba41700b371ff5a8cfb7fa9873778f66d87a6e355babf2c60ac15315f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 77545 x-xss-protection 0 last-modified Mon, 20 Dec 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	evergage.min.js Show response cdn.evgnet.com/beacon/itauunibanco2/marketing/scripts/	134 KB 38 KB	163ms 105ms	Script application/javascript	151.101.0.114 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.evgnet.com/beacon/itauunibanco2/marketing/scripts/evergage.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXCXPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.114 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ee4d773d2124859e626f093ec8e8fc04756b6dfd46dbb5a4947ec43f45ef460d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id lmK0TDlZ8LvlTIZjAwMoo5fHsJfmME62 content-encoding gzip etag "ba0a9282c618779eb318b9a48538e1c0" timing-allow-origin * age 26 x-cache HIT, HIT, HIT x-amz-replication-status COMPLETED content-length 37769 x-amz-id-2 U+F2/Y+q+RFszv3jLhNpyDA3K2HRfIFSfJeXJzf2Vt+cC2aB6Gqw6x125zgLV90G3r1M/lew0vQ= x-served-by cache-dca17725-DCA, cache-iad-kcgs7200147-IAD, cache-hhn4049-HHN x-amz-meta-evergage-sum 387c000cc5efe3c78f878253430123e30f7df90c last-modified Thu, 09 Dec 2021 00:59:35 GMT server AmazonS3 x-timer S1639976471.185015,VS0,VE93 date Mon, 20 Dec 2021 05:01:11 GMT vary Accept-Encoding x-amz-request-id 9Q5PR9QP51CXSZN1 via 1.1 varnish, 1.1 varnish, 1.1 varnish cache-control max-age=120 accept-ranges bytes content-type application/javascript; charset=utf-8 x-amz-meta-evergage-beacon-ver 16 x-cache-hits 1, 1, 1
GET H2	200	u2is0nw4m.js Show response cdn.krxd.net/controltag/	47 KB 10 KB	175ms 96ms	Script text/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/controltag/u2is0nw4m.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXCXPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash db2606db0d9dd7ca8fefe42b4b4060238d5010797fa4283ce15b6ce5939d7e66 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 372 x-cache MISS, HIT, HIT, HIT x-app-cache HIT x-age 0 content-encoding gzip content-length 9474 x-served-by config-service-a001-ash-prod.krxd.net, cache-bwi5150-BWI, cache-iad-kiad7000024-IAD, cache-cdg20768-CDG x-response-time 1 x-do-esi esi x-timer S1639976471.212000,VS0,VE80 etag "cdd879f4e763d8b51b7db0cd5d6be4d7de49e8c9" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1200 accept-ranges bytes x-cache-hits 0, 1, 1, 1
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	71ms 22ms	Script application/x-javascript	2a03:2880:f058:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 25965 x-xss-protection 0 pragma public x-fb-debug iBUmIF/eVSbiRKj9oMcSZ5sKg1E1PZ7Px7A5RctiR8ShL6mSMaR1eFoIkRBz5Pccv56a5f7uVOgST4k1sT2yow== x-fb-trip-id 1679558926 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 20 Dec 2021 05:01:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	36 KB 11 KB	55ms 34ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:10 GMT content-encoding gzip last-modified Fri, 03 Dec 2021 01:53:50 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 222F61442F6442F0B79EF14F74FC904B Ref B: FRAEDGE1214 Ref C: 2021-12-20T05:01:11Z etag "0cb09ee8e7d71:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 accept-ranges bytes content-length 10468
GET H2	200	hotjar-2432034.js Show response static.hotjar.com/c/	4 KB 2 KB	132ms 84ms	Script application/javascript	52.222.139.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2432034.js?sv=6 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-19.ams50.r.cloudfront.net Software / Resource Hash 60e22c667b8017bd1a5a01fa92ef96339de4d34cc485507e94d658406b70caaf Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br x-content-type-options nosniff x-amz-cf-pop AMS50-C1 x-cache-hit 1 etag W/5c72db451c6c36a3d07004a903917be9 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 cross-origin-resource-policy cross-origin content-length 1899 via 1.1 ef2cb74895744344a0ea2100fbbb760a.cloudfront.net (CloudFront) x-amz-cf-id 87ztv-0gNxJmPKIdWvpTa1qmPoHoT_WbIQOC6ZbYm9TEKdv7XtKxEQ==
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1427067/	75 KB 25 KB	152ms 108ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1427067/tfa.js Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e64895df816d7121595b3e75a928f0f9e97c4803fff9f57912c8d864a4929700 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id QbeM42YLD1hspp9Jdc_utJss0ezIAcbq content-encoding gzip etag "55edde02265e207645851f059d6c3421" age 0 x-cache HIT x-amz-replication-status COMPLETED content-length 24970 x-amz-id-2 ijPSxDXNWbk3kWifZfcxQvguqjc31wH6j4RzLIsHZrEOGaxd6S43ez7q9MbRN1YvtVQKenNB9cE= x-served-by cache-hhn4074-HHN last-modified Mon, 13 Dec 2021 13:08:12 GMT server AmazonS3 x-timer S1639976471.176922,VS0,VE101 date Mon, 20 Dec 2021 05:01:11 GMT vary Accept-Encoding x-amz-request-id AN5R0N5SYWPZB5D9 via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 19 x-cache-hits 1
GET H3	200	js Show response www.googletagmanager.com/gtag/	166 KB 61 KB	38ms 38ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7NDBMVWV43&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCJ387F&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f74b0140d1ccf9b78afc98d0f5e344d45b20a28f1fa5551d21b2aec71e1f19bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62407 x-xss-protection 0 expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	xdomain_cookie.min.js Show response d3l36jjwr70u5l.cloudfront.net/	5 KB 2 KB	17ms 14ms	Script application/javascript	2600:9000:206f:600:b:9fc2:ea40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3l36jjwr70u5l.cloudfront.net/xdomain_cookie.min.js Requested by Host: d3l36jjwr70u5l.cloudfront.net URL: https://d3l36jjwr70u5l.cloudfront.net/tracker/tracker-1.1.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:600:b:9fc2:ea40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8c750e7dace19446185702156ef056149b3084da18ab9c4c407a09ed51a4c2bc Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-amz-version-id AUAFaiWTj.2yP5wMeToTtWv0nyGdW_ga content-encoding gzip last-modified Fri, 17 Jul 2020 13:37:37 GMT server AmazonS3 age 66746 etag W/"9cfca4c1c1821228acaa74557d80827e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront) date Sun, 19 Dec 2021 10:28:46 GMT x-amz-cf-pop FRA56-C1 x-amz-cf-id vGW_L4FzZ49nkVs-IW0_OoawmGs7bFAlUgYDOH77TMyOKcpwkYMAYA==
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	30ms 15ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=169236194&t=pageview&_s=1&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F&ul=en-us&de=UTF-8&dt=Cons%C3%B3rcio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1797565545&gjid=1630366719&cid=546402870.1639976471&tid=UA-203547010-1&_gid=1538700019.1639976471&_r=1&gtm=2wgc10WCJ387F&z=237825337 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	18ms 14ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=169236194&t=pageview&_s=1&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F&ul=en-us&de=UTF-8&dt=Cons%C3%B3rcio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1421921750&gjid=260066643&cid=546402870.1639976471&tid=UA-184055636-1&_gid=1538700019.1639976471&_r=1&gtm=2wgc10T27F5ZN&z=667453861 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 459 B	69ms 27ms	XHR text/plain	2a00:1450:400c:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-140135526-14&cid=546402870.1639976471&jid=2096090609&gjid=753601545&_gid=1538700019.1639976471&_u=YGDAiUABBAAAAG~&z=1254624053 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 20 Dec 2021 05:01:11 GMT content-type text/plain access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 6ms	Image image/gif	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=169236194&t=pageview&_s=1&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F&dp=%2FIT%2FNL%2FNCC%2FConsorcio%2FInicio%2FFormConsorcio&ul=en-us&de=UTF-8&dt=Banco%20Ita%C3%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiUABBAAAAC~&jid=2096090609&gjid=753601545&cid=546402870.1639976471&tid=UA-140135526-14&_gid=1538700019.1639976471&gtm=2wgc10KGXCXPV&cd2=IT%3ANL%3ANCC%3AConsorcio%3AInicio%3AFormConsorcio&cd6=142&cd17=&cd26=GTM-KGXCXPV&cd29=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&cd48=&cd51=PF&cd111=&cd112=&cm19=&cm20=&cm21=&cm22=&cd16=546402870.1639976471&z=699686649 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 19 Dec 2021 20:02:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 32314 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	14ms 14ms	Ping text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-851ZVZZNG5&gtm=2oec10&_p=169236194&sr=1600x1200&ul=en-us&cid=546402870.1639976471&_s=1&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F&dt=Cons%C3%B3rcio&sid=1639976471&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-851ZVZZNG5&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xdomain_cookie.html Show response d3l36jjwr70u5l.cloudfront.net/ Frame 8624	3 KB 2 KB	7ms 7ms	Document text/html	2600:9000:206f:600:b:9fc2:ea40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3l36jjwr70u5l.cloudfront.net/xdomain_cookie.html Requested by Host: d3l36jjwr70u5l.cloudfront.net URL: https://d3l36jjwr70u5l.cloudfront.net/xdomain_cookie.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:600:b:9fc2:ea40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 67cb1387d62d954d22f2b76a6189dfc7368d097bf0aef99692427a98b3f37598 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html last-modified Thu, 16 Jul 2020 19:51:41 GMT x-amz-version-id zyIMqHMP8xzgUzmi.TCTQvcfpqRPY7Cr server AmazonS3 content-encoding gzip date Sun, 19 Dec 2021 07:59:54 GMT etag W/"72a3be9e8e4c2061caf88ac205678717" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id 0fF8askN5Efr28XAwQhlzXmIewTzdtlWDfZLOfdhZAXvuvU3AjN_PA== age 75678
GET H2	200	xdomain_cookie.html Show response d3l36jjwr70u5l.cloudfront.net/ Frame 2695	3 KB 2 KB	9ms 9ms	Document text/html	2600:9000:206f:600:b:9fc2:ea40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3l36jjwr70u5l.cloudfront.net/xdomain_cookie.html Requested by Host: d3l36jjwr70u5l.cloudfront.net URL: https://d3l36jjwr70u5l.cloudfront.net/xdomain_cookie.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:600:b:9fc2:ea40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 67cb1387d62d954d22f2b76a6189dfc7368d097bf0aef99692427a98b3f37598 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html last-modified Thu, 16 Jul 2020 19:51:41 GMT x-amz-version-id zyIMqHMP8xzgUzmi.TCTQvcfpqRPY7Cr server AmazonS3 content-encoding gzip date Sun, 19 Dec 2021 07:59:54 GMT etag W/"72a3be9e8e4c2061caf88ac205678717" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C1 x-amz-cf-id 3Xt_iIcrFR-dnJLiRVnS069djogIoVceDJ6DbLoyrIakS47ONQFnSw== age 75678
GET H2	204	56348491.js Show response bat.bing.com/p/action/	0 92 B	32ms 32ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/56348491.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-origin * date Mon, 20 Dec 2021 05:01:10 GMT cache-control private,max-age=1800 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 68ABE4787A7749999FA409A4A409E2F6 Ref B: FRAEDGE1214 Ref C: 2021-12-20T05:01:11Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 149 B	32ms 32ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=56348491&Ver=2&mid=0f5f06ce-8f04-4b42-a3fa-7ae3646037cd&sid=d99a5870615111ec87562f3c89a665cd&vid=d99a9ec0615111ec9ff9cd2fba26e400&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cons%C3%B3rcio&p=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&r=&lt=1047&evt=pageLoad&msclkid=N&sv=1&rn=64534 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:10 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 537BE40C721D4F0B83B60871D8247758 Ref B: FRAEDGE1214 Ref C: 2021-12-20T05:01:11Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame C5FB	40 KB 21 KB	53ms 33ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV&co=aHR0cHM6Ly9mb3JtLWNvbnNvcmNpby5pdGF1LnN0YWdpbmcuZXNjYWxlLmNvbS5icjo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=normal&sa=SEND_LEAD&cb=qnz5mmrq9fgk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 44d095610420460cf29de731d8a39de4065bfcb706a179f24bbda3dc84345da8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mifC/p+874fl2nfA42K3aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Mon, 20 Dec 2021 05:01:11 GMT content-security-policy script-src 'report-sample' 'nonce-mifC/p+874fl2nfA42K3aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 21143 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	2523762427916363 Show response connect.facebook.net/signals/config/	305 KB 87 KB	151ms 123ms	Script application/x-javascript	2a03:2880:f058:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2523762427916363?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 90ccb8a5c2e5a0cd81fca469b5186ee761f4eb281ee2c1fb602703ad4a6407a7 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug tBYxuYhE48u9aFCNWoJrTaOpFSX8yAbMSZtq0Aa/KxW9SOhxirUhkvurs5wmh0YC6PeVDM7jPN3mNTnava+h1A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 20 Dec 2021 05:01:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	14ms 14ms	Ping text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-7NDBMVWV43&gtm=2oec10&_p=169236194&sr=1600x1200&ul=en-us&cid=546402870.1639976471&_s=1&dl=%2FIT%2FNL%2FNCC%2FConsorcio%2FInicio%2FFormConsorcio&dt=Cons%C3%B3rcio&sid=1639976471&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7NDBMVWV43&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	18ms 18ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-140135526-14&cid=546402870.1639976471&jid=2096090609&_u=YGDAiUABBAAAAG~&z=1037236919 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	46ms 21ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-140135526-14&cid=546402870.1639976471&jid=2096090609&_u=YGDAiUABBAAAAG~&z=1037236919 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.cbd9b920d05cd9e47f57.js Show response script.hotjar.com/	227 KB 60 KB	48ms 15ms	Script application/javascript	65.9.83.103 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2432034.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.83.103 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-83-103.ams1.r.cloudfront.net Software / Resource Hash 2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 08 Dec 2021 15:36:06 GMT content-encoding br x-content-type-options nosniff age 998705 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 60953 access-control-allow-origin * last-modified Wed, 08 Dec 2021 15:35:08 GMT etag "7a85a2a595def8796a50e919e49cda7a" vary Accept-Encoding content-type application/javascript via 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop AMS1-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id MT0JMQSUvlRl1nQuZQzWRwPb7ZMVVTCKxr3kCpaDh6sQLmtGRjRAwA==
GET H2	200	controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response cdn.krxd.net/ctjs/	259 KB 83 KB	17ms 17ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/controltag/u2is0nw4m.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3 date Mon, 20 Dec 2021 05:01:11 GMT content-encoding gzip age 2779203 x-amz-server-side-encryption AES256 x-cache HIT x-cache-hits 9854860 content-length 84509 x-served-by cache-cdg20768-CDG last-modified Mon, 02 Aug 2021 12:06:17 GMT x-timer S1639976471.379948,VS0,VE0 etag "a1705c5ac5f06cf0c202ff70908fc042" content-type application/javascript via 1.1 varnish cache-control public, max-age=315360000 accept-ranges bytes expires Thu, 31 Jul 2031 12:06:16 GMT
GET H2	200	json Show response trc.taboola.com/1427067/trc/3/	2 KB 1 KB	55ms 41ms	Script application/javascript	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1427067/trc/3/json?tim=1639976471377&data=%7B%22id%22%3A383%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1639976471372%2C%22cv%22%3A%2220211213-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Descale-itauconsorcios-br-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1639976471376%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1427067/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash febfe6bdcec4eef1cbd695e595529b4370a67085a8c5f8c4be56df18545a1d11 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-vcl-time-ms 34 date Mon, 20 Dec 2021 05:01:11 GMT content-encoding gzip server nginx x-timer S1639976471.398243,VS0,VE34 x-served-by cache-hhn4074-HHN vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes content-type application/javascript; charset=utf-8 via 1.1 varnish x-cache-hits 0
POST H2	204	er itauunibanco2.us-4.evergage.com/	0 477 B	537ms 167ms	Ping text/plain	44.241.128.158 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://itauunibanco2.us-4.evergage.com/er?.bv=16&_ak=itauunibanco2&_ds=marketing&.scv=57&channel=Web&_r=741001&.anonId=cc9ce2999ccc9ec0&_anon=true&.em=Unhandled%20exception%3A%20No%20matching%20page%20found&.es=Site-wide%20Javascript&.vt=chrome&.vn=96 Requested by Host: cdn.evgnet.com URL: https://cdn.evgnet.com/beacon/itauunibanco2/marketing/scripts/evergage.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.128.158 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-128-158.us-west-2.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br date Mon, 20 Dec 2021 05:01:11 GMT x-content-type-options nosniff server Apache-Coyote/1.1 timing-allow-origin *
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame C5FB	51 KB 24 KB	23ms 8ms	Stylesheet text/css	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV&co=aHR0cHM6Ly9mb3JtLWNvbnNvcmNpby5pdGF1LnN0YWdpbmcuZXNjYWxlLmNvbS5icjo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=normal&sa=SEND_LEAD&cb=qnz5mmrq9fgk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 18 Dec 2021 09:43:08 GMT content-encoding gzip x-content-type-options nosniff age 155883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24152 x-xss-protection 0 last-modified Mon, 13 Dec 2021 05:04:24 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Sun, 18 Dec 2022 09:43:08 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame C5FB	348 KB 136 KB	28ms 13ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV&co=aHR0cHM6Ly9mb3JtLWNvbnNvcmNpby5pdGF1LnN0YWdpbmcuZXNjYWxlLmNvbS5icjo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=normal&sa=SEND_LEAD&cb=qnz5mmrq9fgk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 19 Dec 2021 19:40:52 GMT content-encoding gzip x-content-type-options nosniff age 33619 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139097 x-xss-protection 0 last-modified Mon, 13 Dec 2021 05:04:24 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Mon, 19 Dec 2022 19:40:52 GMT
OPTIONS H2	204	1 tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/ Frame	0 0	331ms 100ms	Preflight	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://form-consorcio.itau.staging.escale.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx/1.15.9 date Mon, 20 Dec 2021 05:01:11 GMT access-control-allow-origin * access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-methods POST, OPTIONS access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept strict-transport-security max-age=15724800; includeSubDomains
OPTIONS H2	204	1 tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/ Frame	0 0	329ms 100ms	Preflight	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://form-consorcio.itau.staging.escale.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx/1.15.9 date Mon, 20 Dec 2021 05:01:11 GMT access-control-allow-origin * access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-methods POST, OPTIONS access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept strict-transport-security max-age=15724800; includeSubDomains
POST H2	200	1 Show response tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/	66 B 400 B	100ms 99ms	XHR application/octet-stream	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash 2cb06a323d7ad69f2e2917f8164dd1f74458cc47258216f4f2ae617c3024cfec Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept application/json Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-type application/json Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT server nginx/1.15.9 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept content-length 66 expires 0
POST H2	200	1 Show response tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/	66 B 400 B	100ms 99ms	XHR application/octet-stream	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash 2234a4d88173c03f8082f257e42195e9b6e43905aafbb95b5e88f9226eb0c660 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept application/json Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-type application/json Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT server nginx/1.15.9 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept content-length 66 expires 0
GET H2	200	box-a1ae2079824d1c48aa9ce06efb256f18.html Show response vars.hotjar.com/ Frame 493F	2 KB 1 KB	29ms 8ms	Document text/html	143.204.209.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2432034.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.209.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-209-120.fra53.r.cloudfront.net Software / Resource Hash d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html content-length 1044 date Thu, 02 Dec 2021 15:53:06 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin etag "6215abf691a11c2f451680e635d30daa" last-modified Thu, 02 Dec 2021 15:52:57 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id Fc43RLlZxcRrTV0xR5g5WC_yM8r6qKN07a0FO7jZiQANcqSiADUZtQ== age 1516085
GET H2	200	proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response cdn.krxd.net/partnerjs/xdi/ Frame 8F28	805 B 829 B	16ms 15ms	Document text/html	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers last-modified Tue, 21 Feb 2017 17:50:54 GMT etag "3d2100fd7107262ecb55ce6847f01fa5" cache-control public, max-age=315360000 expires Fri, 19 Feb 2027 17:50:50 GMT content-type text/html x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3 content-encoding gzip accept-ranges bytes date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 varnish age 16689610 x-served-by cache-cdg20768-CDG x-cache HIT x-cache-hits 2445975 x-timer S1639976471.455384,VS0,VE0 vary Accept-Encoding p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" content-length 525
GET DATA	200 OK	truncated / Frame C5FB	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame C5FB	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame C5FB	2 KB 2 KB	7ms 7ms	Image image/png	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 15 Dec 2021 03:05:30 GMT x-content-type-options nosniff age 438941 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 22 Dec 2021 03:05:30 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame C5FB	15 KB 15 KB	22ms 7ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV&co=aHR0cHM6Ly9mb3JtLWNvbnNvcmNpby5pdGF1LnN0YWdpbmcuZXNjYWxlLmNvbS5icjo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=normal&sa=SEND_LEAD&cb=qnz5mmrq9fgk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Tue, 14 Dec 2021 11:18:05 GMT x-content-type-options nosniff age 495786 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 14 Dec 2022 11:18:05 GMT
GET H2	200	52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20 Show response consumer.krxd.net/consent/get/	242 B 436 B	58ms 36ms	Script text/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20?idt=device&dt=kxcookie&callback=Krux.ns.itauunibanco.kxjsonp_consent_get_0 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ecc3e73556d59b99a15b63db6344133ee18c86cf052a02ae83ca59a212171168 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 varnish age 0 x-served-by consumer-a008-dub-prod.krxd.net, cache-hhn4075-HHN vary Accept-Encoding x-cache MISS, MISS content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1639976472.578927,VS0,VE28 content-length 197 x-cache-hits 0, 0
GET H3	200	webworker.js www.google.com/recaptcha/enterprise/ Frame C5FB	102 B 134 B	16ms 16ms	Other text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV&co=aHR0cHM6Ly9mb3JtLWNvbnNvcmNpby5pdGF1LnN0YWdpbmcuZXNjYWxlLmNvbS5icjo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=normal&sa=SEND_LEAD&cb=qnz5mmrq9fgk Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV&co=aHR0cHM6Ly9mb3JtLWNvbnNvcmNpby5pdGF1LnN0YWdpbmcuZXNjYWxlLmNvbS5icjo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=normal&sa=SEND_LEAD&cb=qnz5mmrq9fgk User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20 Show response consumer.krxd.net/consent/set/	307 B 361 B	38ms 37ms	Script text/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/set/52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20?idt=device&dt=kxcookie&dc=1&al=1&tg=1&cd=1&sh=1&re=1&callback=Krux.ns.itauunibanco.kxjsonp_consent_set_1 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a766e647f5c61f80e8c4a3be9190617e292e242a70240cdb0462b5ecc92b0a12 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 varnish x-timer S1639976472.589959,VS0,VE31 x-served-by consumer-a012-dub-prod.krxd.net, cache-hhn4075-HHN vary Accept-Encoding x-cache MISS, MISS content-type text/javascript; charset=UTF-8 cache-control private, max-age=10 x-age 0 accept-ranges bytes content-encoding gzip content-length 247 x-cache-hits 0, 0
GET H3	200	515802355634029 Show response connect.facebook.net/signals/config/	39 KB 10 KB	59ms 59ms	Script application/x-javascript	2a03:2880:f058:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/515802355634029?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e949a48a3f1f3a4bf1af35a78dd44c116c1af56c70d82d4cdb63a8dec64100f3 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug R0z8E3MhPMg7ki/ZJItpSZpl4EekLA+Ky81GU/8Oc2816+8oTjA28pXuKLa3ECFoyWe4sCbA59nFIXXzBLmWIA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 20 Dec 2021 05:01:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 295 B	23ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2523762427916363&ev=PageView&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976471599&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Mon, 20 Dec 2021 05:01:11 GMT
GET H2	200	u2is0nw4m.js Show response cdn.krxd.net/controltag/ Frame 8F28	47 KB 10 KB	17ms 16ms	Script text/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/controltag/u2is0nw4m.js Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash db2606db0d9dd7ca8fefe42b4b4060238d5010797fa4283ce15b6ce5939d7e66 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 372 x-cache MISS, HIT, HIT, HIT x-app-cache HIT x-age 0 content-encoding gzip content-length 9474 x-served-by config-service-a001-ash-prod.krxd.net, cache-bwi5150-BWI, cache-iad-kiad7000024-IAD, cache-cdg20768-CDG x-response-time 1 x-do-esi esi x-timer S1639976472.649969,VS0,VE0 etag "cdd879f4e763d8b51b7db0cd5d6be4d7de49e8c9" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1200 accept-ranges bytes x-cache-hits 0, 1, 1, 2
GET H3	200	bframe Show response www.google.com/recaptcha/enterprise/ Frame 4A18	7 KB 1 KB	26ms 26ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cc822efddac65b51051747fe72bbe5a5be9b1456044a734a0e4271f5353b9d11 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Wl/7z9HW/QZTjhnsp+9qKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Mon, 20 Dec 2021 05:01:11 GMT content-security-policy script-src 'report-sample' 'nonce-Wl/7z9HW/QZTjhnsp+9qKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1117 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response cdn.krxd.net/ctjs/ Frame 8F28	259 KB 83 KB	17ms 17ms	Script application/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/controltag/u2is0nw4m.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3 date Mon, 20 Dec 2021 05:01:11 GMT content-encoding gzip age 2779203 x-amz-server-side-encryption AES256 x-cache HIT x-cache-hits 9854861 content-length 84509 x-served-by cache-cdg20768-CDG last-modified Mon, 02 Aug 2021 12:06:17 GMT x-timer S1639976472.689669,VS0,VE0 etag "a1705c5ac5f06cf0c202ff70908fc042" content-type application/javascript via 1.1 varnish cache-control public, max-age=315360000 accept-ranges bytes expires Thu, 31 Jul 2031 12:06:16 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/2432034/	146 B 323 B	98ms 34ms	XHR application/json	34.254.124.164 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/2432034/visit-data?sv=6 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.254.124.164 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-254-124-164.eu-west-1.compute.amazonaws.com Software / Resource Hash 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20 Show response wpp.krxd.net/psegs/	51 B 415 B	152ms 33ms	Script application/javascript	54.74.206.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://wpp.krxd.net/psegs/52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20?callback=kruxPsegsCallback Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXCXPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.74.206.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-74-206-14.eu-west-1.compute.amazonaws.com Software / Resource Hash 7d29d58334bd7bfea9bf59b8f7e2ec588291f23ccb3c96323d000fc1170de46d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT content-encoding gzip referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-permitted-cross-domain-policies master-only x-frame-options DENY x-cache MISS content-type application/javascript x-cache-hits 0 x-content-type-options nosniff x-age 0 accept-ranges bytes vary Accept-Encoding x-xss-protection 1; mode=block x-served-by wpp-api-a001-dub-prod.krxd.net
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	22ms 11ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=515802355634029&ev=PageView&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976471696&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=28&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&tm=1&rqm=GET Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:11 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 4A18	51 KB 24 KB	7ms 7ms	Stylesheet text/css	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sat, 18 Dec 2021 09:43:08 GMT content-encoding gzip x-content-type-options nosniff age 155883 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24152 x-xss-protection 0 last-modified Mon, 13 Dec 2021 05:04:24 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Sun, 18 Dec 2022 09:43:08 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 4A18	348 KB 136 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Ld-mYMcAAAAAGsc7R9tfdYY4FgTnRTHl1WSAEOV Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 19 Dec 2021 19:40:52 GMT content-encoding gzip x-content-type-options nosniff age 33619 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139097 x-xss-protection 0 last-modified Mon, 13 Dec 2021 05:04:24 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Mon, 19 Dec 2022 19:40:52 GMT
GET H2	200	52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20 Show response consumer.krxd.net/consent/get/ Frame 8F28	227 B 288 B	36ms 36ms	Script text/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20?idt=device&dt=kxcookie&callback=Krux.ns.itauunibanco.kxjsonp_consent_get_0 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a81945eb445eb3e155944fbf5692b3441c61ed431d7063f0580a526297b97f24 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 varnish age 0 x-served-by consumer-a002-dub-prod.krxd.net, cache-hhn4075-HHN vary Accept-Encoding x-cache MISS, MISS content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1639976472.736264,VS0,VE29 content-length 188 x-cache-hits 0, 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 8F28 Redirect Chain https://usermatch.krxd.net/um/v2?partner=google https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T2pTZEJyUTk https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1	0 337 B	30ms 30ms	Image text/plain	34.242.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1 Protocol H2 Server 34.242.149.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-149-81.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT cache-control private, no-cache, no-store x-request-time D=25 t=1639976472 x-served-by beacon-n008-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Mon, 20 Dec 2021 05:01:12 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 291 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 8F28 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T2pTZEJyUTk https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T2pTZEJyUTk&google_tc= https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1	0 337 B	82ms 30ms	Image text/plain	34.242.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1 Protocol H2 Server 34.242.149.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-149-81.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT cache-control private, no-cache, no-store x-request-time D=24 t=1639976471 x-served-by beacon-n016-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://beacon.krxd.net/usermatch.gif?google_gid=CAESEPEj7x8fva0Bys_3dLv3eJY&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 291 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	379708.gif idsync.rlcdn.com/ Frame 8F28	42 B 416 B	33ms 16ms	Image image/gif	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/379708.gif?partner_uid=OjSdBrQ9 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers timing-allow-origin * date Mon, 20 Dec 2021 05:01:11 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store content-type image/gif alt-svc clear content-length 42
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 8F28 Redirect Chain https://stags.bluekai.com/site/26357?id=OjSdBrQ9&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOjSdBrQ9%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID https://beacon.krxd.net/usermatch.gif?_kuid=OjSdBrQ9&partner=bluekai&bk_uuid=$_BK_UUID	0 337 B	30ms 30ms	Image text/plain	34.242.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?_kuid=OjSdBrQ9&partner=bluekai&bk_uuid=$_BK_UUID Protocol H2 Server 34.242.149.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-149-81.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT cache-control private, no-cache, no-store x-request-time D=31 t=1639976471 x-served-by beacon-n022-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Location https://beacon.krxd.net/usermatch.gif?_kuid=OjSdBrQ9&partner=bluekai&bk_uuid=$_BK_UUID Date Mon, 20 Dec 2021 05:01:11 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 8F28 Redirect Chain https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OjSdBrQ9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OjSdBrQ9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=17656217038593252962378596789512879769	0 337 B	30ms 30ms	Image text/plain	34.242.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=17656217038593252962378596789512879769 Protocol H2 Server 34.242.149.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-149-81.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT cache-control private, no-cache, no-store x-request-time D=25 t=1639976471 x-served-by beacon-n003-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers DCS dcs-prod-irl1-1-v025-0a063976f.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID YC5qJcuaSNU= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=17656217038593252962378596789512879769 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	sync sync.navdmp.com/ Frame 8F28 Redirect Chain https://usermatch.krxd.net/um/v2?partner=navegg https://sync.navdmp.com/sync?prtid=30&salid=OjSdBrQ9	6 B 206 B	512ms 151ms	Image application/javascript	2606:4700::6810:ef3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.navdmp.com/sync?prtid=30&salid=OjSdBrQ9 Protocol H2 Server 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 6c064fba48aa085b-CDG content-length 6 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript Redirect headers location https://sync.navdmp.com/sync?prtid=30&salid=OjSdBrQ9 date Mon, 20 Dec 2021 05:01:12 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a004-ash-prod.krxd.net
GET		a.gif kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/ Frame 8F28	0 0
GET H2	200	sync sync.teads.tv/sf/ Frame 8F28 Redirect Chain https://usermatch.krxd.net/um/v2?partner=teadspartner&gdpr=0 https://sync.teads.tv/sf/sync?id=OjSdBrQ9&gdpr=0	2 B 162 B	413ms 52ms	Image text/plain	104.111.242.245 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/sf/sync?id=OjSdBrQ9&gdpr=0 Protocol H2 Server 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-245.deploy.static.akamaitechnologies.com Software akka-http/10.2.7 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:12 GMT cache-control max-age=0, no-cache, no-store expires Mon, 20 Dec 2021 05:01:12 GMT server akka-http/10.2.7 content-length 2 content-type text/plain; charset=UTF-8 Redirect headers location https://sync.teads.tv/sf/sync?id=OjSdBrQ9&gdpr=0 date Mon, 20 Dec 2021 05:01:12 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a005-ash-prod.krxd.net
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 8F28 Redirect Chain https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=OjSdBrQ9?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id} https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=OjSdBrQ9?https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=${profile_id} https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=777ce3d4e50d0402b275a470b91b7377	0 337 B	30ms 30ms	Image text/plain	34.242.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=777ce3d4e50d0402b275a470b91b7377 Protocol H2 Server 34.242.149.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-149-81.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.krxd.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT cache-control private, no-cache, no-store x-request-time D=26 t=1639976471 x-served-by beacon-n012-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Mon, 20 Dec 2021 05:01:11 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=777ce3d4e50d0402b275a470b91b7377 cache-control no-cache x-server 10.45.17.129 content-length 0 expires 0
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1000 B	182ms 138ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=6657751&pu=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&t=Cons%C3%B3rcio&cts=1639976471854&vi=a76e328e759c2c2e6a1748a5cce6bac5&nc=true&ce=false&cc=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id cfd73c88-fbc3-46e6-aa19-679fcf0d724f cf-ray 6c064fb56a8a3ff5-CDG p3p CP="NOI CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 45 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33xCfanqYROJHMEaZ4sWxhL0mTdfqdltpaRY2hwrMjYaK8wMSL9YXalGr7%2F4GfHm7TcRTaIQCrYRRIR3Ssa8iVEBHXA9SIzRxPgILawO%2BISQlslZ034fc2iWiIsa3qk%2BP7jTXqPVcIJ%2Fo3oTe%2F5u"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, no-transform access-control-allow-credentials false x-robots-tag none
GET H2	200	optout_check Show response beacon.krxd.net/	85 B 245 B	93ms 29ms	Script text/javascript	34.242.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beacon.krxd.net/optout_check?callback=Krux.ns.itauunibanco.kxjsonp_optOutCheck Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.149.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-149-81.eu-west-1.compute.amazonaws.com Software / Resource Hash 96daa23e9c4938180ebde7613c33958da40b138d0748ae060b807543290337dd Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:11 GMT cache-control private, max-age=0, s-max-age=0 x-request-time D=58 t=1639976471 x-served-by beacon-n021-dub-prod.krxd.net content-type text/javascript
GET H2	200	get Show response cdn.krxd.net/userdata/	364 B 485 B	102ms 102ms	Script text/javascript	151.101.194.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/userdata/get?pub=52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20&technographics=1&callback=Krux.ns.itauunibanco.kxjsonp_userdata Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.194.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 23cd238196caf9017c35ed702f3cd24764934d811875b224bcdc96970b9eb976 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2 date Mon, 20 Dec 2021 05:01:11 GMT content-encoding gzip age 0 x-served-by userdata-a016-ash-prod.krxd.net, cache-cdg20768-CDG vary Accept-Encoding x-cache MISS, MISS content-type text/javascript via 1.1 varnish cache-control private, max-age=1800 x-age 0 accept-ranges bytes x-timer S1639976472.878972,VS0,VE86 content-length 280 x-cache-hits 0, 0
OPTIONS H2	204	1 tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/ Frame	0 0	100ms 99ms	Preflight	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://form-consorcio.itau.staging.escale.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx/1.15.9 date Mon, 20 Dec 2021 05:01:11 GMT access-control-allow-origin * access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-methods POST, OPTIONS access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept strict-transport-security max-age=15724800; includeSubDomains
OPTIONS H2	204	1 tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/ Frame	0 0	99ms 99ms	Preflight	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://form-consorcio.itau.staging.escale.com.br User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx/1.15.9 date Mon, 20 Dec 2021 05:01:11 GMT access-control-allow-origin * access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-methods POST, OPTIONS access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept strict-transport-security max-age=15724800; includeSubDomains
POST H2	200	1 Show response tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/	66 B 400 B	100ms 99ms	XHR application/octet-stream	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash ec006d0721c07602f362d491ad96fdcdaa6ad74d48c7e2b6f0436be4380b2a5c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept application/json Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-type application/json Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:12 GMT server nginx/1.15.9 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept content-length 66 expires 0
POST H2	200	1 Show response tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/	66 B 400 B	101ms 100ms	XHR application/octet-stream	34.203.181.109 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tracker.public.prod.data.escale.com.br/events/prod-clickstream/events/1 Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.203.181.109 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-203-181-109.compute-1.amazonaws.com Software nginx/1.15.9 / Resource Hash b642964662318769504f22fb6a421bcf49a6367e6551a7fa81d70cfce1e318e8 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept application/json Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-type application/json Response headers pragma no-cache date Mon, 20 Dec 2021 05:01:12 GMT server nginx/1.15.9 strict-transport-security max-age=15724800; includeSubDomains access-control-allow-methods POST, OPTIONS content-type application/octet-stream access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers Origin, X-Origin-Referer, X-Source-Referer, X-Requested-With, Content-Type, Accept content-length 66 expires 0
GET H3	200	collect www.google-analytics.com/	35 B 55 B	9ms 8ms	Image image/gif	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=169236194&t=event&ni=0&_s=1&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F&ul=en-us&de=UTF-8&dt=Cons%C3%B3rcio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll_page&ea=scroll&el=scroll_landing_page&_u=aGDACUABBAAAAG~&jid=&gjid=&cid=546402870.1639976471&tid=UA-184055636-1&_gid=1538700019.1639976471&gtm=2wgc10T27F5ZN&z=1377468076 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 19 Dec 2021 20:02:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 32314 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	9ms 8ms	Image image/gif	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=169236194&t=event&ni=0&_s=1&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F&ul=en-us&de=UTF-8&dt=Cons%C3%B3rcio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll_page&ea=scroll&el=scroll_landing_page&_u=aGDACUABBAAAAG~&jid=&gjid=&cid=546402870.1639976471&tid=UA-184055636-1&_gid=1538700019.1639976471&gtm=2wgc10T27F5ZN&z=1363057227 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 19 Dec 2021 20:02:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 32314 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	347130409797876 Show response connect.facebook.net/signals/config/	305 KB 87 KB	74ms 74ms	Script application/x-javascript	2a03:2880:f058:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/347130409797876?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9a950d1fb75251f6451d8e45690b546ffa1d731fa26c2490c58fd8bbd035c88c Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug LveWbTZXI8b9E7xi9eF7ZxMyFsD98nFufQs0QLwYOt6QrPhQZjqq1YVpJEMzYC08HvUi2esdWIVPi8Q5Tp1nSw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 20 Dec 2021 05:01:11 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	json Show response forms.hubspot.com/lead-flows-config/v1/config/	167 B 1 KB	438ms 173ms	XHR application/json	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6657751&utk=a76e328e759c2c2e6a1748a5cce6bac5&__hstc=111970139.a76e328e759c2c2e6a1748a5cce6bac5.1639976471852.1639976471852.1639976471852.1&__hssc=111970139.1.1639976471852&currentUrl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68210aad789a9a18d09cc2f5aee379ba856c149274e113669bf7f2505c8caad6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT content-encoding br vary Accept-Encoding cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-hubspot-correlation-id cd68c212-07b5-4229-961f-75cf9eaccd95 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-robots-tag none server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UADwqywtOlb0r3Bdy1Rj6iGhbc%2BzRQUuZ4I%2BBgfa6%2BOH%2Bzvi%2FUIoTUfSeX648Tfi6cPsdTagMUqB5EBH3OQKL9BHEA97WbsyIonO8GV9kr5D6psfkvYOIf5bqFI0cxa%2BTd1%2FGohfnTCL9tVwui5"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=utf-8 access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br cache-control max-age=0, no-cache, no-store access-control-allow-credentials false cf-ray 6c064fb76a49ee2f-CDG access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
GET H3	200	352172120016856 Show response connect.facebook.net/signals/config/	305 KB 87 KB	73ms 72ms	Script application/x-javascript	2a03:2880:f058:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/352172120016856?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e06b1b2200fae0c4551d9bdbbe99a49b30d98bb3a511969f478115eb140e6bc2 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug k+HcNFBdFY//cI3TYYCBLk8Tz9XZ6vUCTJbnxwcOr55m+oJIiBfy35Fc7xAqmC+AWBEUFkJoFHurcS8fA5+XeA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 20 Dec 2021 05:01:12 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2523762427916363&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472004&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=515802355634029&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472005&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=28&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=347130409797876&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472005&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H2	204	pixel.gif beacon.krxd.net/	0 337 B	30ms 30ms	Image text/plain	34.242.149.81 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=u2is0nw4m&_kpid=52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20&_kcp_s=WEB%20-%20Institucional&_kcp_d=escale.com.br&_knifr=7&_kua_kx_tz=0&geo_country=de&geo_region=be&geo_dma=276006&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=be&_kua_kx_geo_dma=276006&_kua_kx_whistle=0&_kpa_domain=escale.com.br&t_navigation_type=0&t_dns=204&t_tcp=37&t_http_request=-1&t_http_response=0&t_content_ready=1047&t_window_load=1896&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=wyyec1ihb&userdata_user=OjSdBrQ9%2Cwyyec1ihb&sview=1&kplt6=45910&kplt10=47872&kplt11=41827&kplt13=44895&kplt14=44926&kplt15=45035&kplt16=46803&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20%2C118%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2F52208eaa-d8e2-4d37-bff6-b9ca6fa1ac20%2C92%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C98%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C105 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.149.81 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-149-81.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT cache-control private, no-cache, no-store x-request-time D=47 t=1639976472 x-served-by beacon-n005-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H3	200	571626190314377 Show response connect.facebook.net/signals/config/	39 KB 10 KB	59ms 58ms	Script application/x-javascript	2a03:2880:f058:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/571626190314377?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bb63c67055d24e308402b5a050d31a635743af9743a3973ea18a762a00588a19 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug o+rwLW373nxXp6IV/kVHDVZSvVBGwDGVsm0fVPc1ALrtxQcz1/CPdRjK9EoyZOrdPeYFbDB1IxZRr2AC6aZ/4A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 20 Dec 2021 05:01:12 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	10ms 9ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2523762427916363&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472222&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	10ms 9ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=515802355634029&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472223&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=28&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	10ms 9ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=347130409797876&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472224&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	10ms 10ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=352172120016856&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472224&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2523762427916363&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472289&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=515802355634029&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472290&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=28&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=347130409797876&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472290&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=352172120016856&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472291&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=571626190314377&ev=SegmentosDMP&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976472292&cd[segID]=&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=28&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:12 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:12 GMT
GET H2	204	unip Show response trc-events.taboola.com/1427067/log/3/	0 264 B	50ms 15ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1427067/log/3/unip?en=pre_d_eng_tb&tos=1584&scd=100&ssd=1&est=1639976471374&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1639976472958&vi=1639976471372&ri=1e008d9096d58007e7a8f8b8d15096e9&ref=null&cv=20211213-1-RELEASE&item-url=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br pragma no-cache date Mon, 20 Dec 2021 05:01:13 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	12ms 12ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2523762427916363&ev=Microdata&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976473109&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cons%C3%B3rcio%22%2C%22meta%3Adescription%22%3A%22Cons%C3%B3rcio%20Ita%C3%BA%20forms%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=4&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:13 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:13 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	8ms 7ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=347130409797876&ev=Microdata&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976473508&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cons%C3%B3rcio%22%2C%22meta%3Adescription%22%3A%22Cons%C3%B3rcio%20Ita%C3%BA%20forms%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=3&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:13 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:13 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	7ms 7ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=352172120016856&ev=Microdata&dl=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form&rl=&if=false&ts=1639976473730&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cons%C3%B3rcio%22%2C%22meta%3Adescription%22%3A%22Cons%C3%B3rcio%20Ita%C3%BA%20forms%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.2.1639976471597.1300279279&it=1639976471285&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 05:01:13 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 05:01:13 GMT
GET H2	204	unip Show response trc-events.taboola.com/1427067/log/3/	0 263 B	23ms 10ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1427067/log/3/unip?en=pre_d_eng_tb&tos=4591&scd=100&ssd=1&est=1639976471374&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1639976475966&vi=1639976471372&ri=1e008d9096d58007e7a8f8b8d15096e9&ref=null&cv=20211213-1-RELEASE&item-url=https%3A%2F%2Fform-consorcio.itau.staging.escale.com.br%2F%23%2Fitau-form Requested by Host: form-consorcio.itau.staging.escale.com.br URL: https://form-consorcio.itau.staging.escale.com.br/static/js/2.85a64c87.chunk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-origin https://form-consorcio.itau.staging.escale.com.br pragma no-cache date Mon, 20 Dec 2021 05:01:15 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

kr.ixiaa.com

URL

https://kr.ixiaa.com/C726AB29-0470-440B-B8D2-D552CED3A3DC/a.gif