urlscan.io logo urlscan.io
SecurityTrails logo

transaction.havan.com.br Open in urlscan Pro
161.156.186.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cliente.havan.com.br/sistema
Effective URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthenti...
Submission: On October 19 via manual from BR — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 1 domains to perform 10 HTTP transactions. The main IP is 161.156.186.10, located in United States and belongs to SOFTLAYER, US. The main domain is transaction.havan.com.br.
TLS certificate: Issued by R3 on October 12th 2023. Valid for: 3 months.
This is the only time transaction.havan.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 161.156.186.10 36351 (SOFTLAYER)
1 1 140.238.64.109 31898 (ORACLE-BM...)
10 1
Apex Domain
Subdomains		 Transfer
12 havan.com.br
cliente.havan.com.br
transaction.havan.com.br
659 KB
10 1
Domain Requested by
10 transaction.havan.com.br transaction.havan.com.br
2 cliente.havan.com.br 2 redirects
10 2

This site contains no links.

Subject Issuer Validity Valid
transaction.havan.com.br
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Frame ID: 661BB957956F49F4D86D7462F9DD65DA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Acesso ao sistema

Page URL History Show full URLs

  1. http://cliente.havan.com.br/sistema HTTP 301
    https://cliente.havan.com.br/sistema HTTP 302
    https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistem... Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

657 kB
Transfer

891 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cliente.havan.com.br/sistema HTTP 301
    https://cliente.havan.com.br/sistema HTTP 302
    https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Entrar
transaction.havan.com.br/AutenticacaoApi/
Redirect Chain
  • http://cliente.havan.com.br/sistema
  • https://cliente.havan.com.br/sistema
  • https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
8288d593da4c2efd454693743757504331b1f09a4b3d54289ec901635812ab85
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-length
1748
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 21:56:10 GMT
expires
-1
pragma
no-cache
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
secured
By XLabs Security www.xlabs.com.br
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
strict-transport-security
max-age=63072000; preload
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-cdn
XLabs Security
x-powered-by
ASP.NET

Redirect headers

cache-control
private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
date
Thu, 19 Oct 2023 21:56:10 GMT
expires
-1
location
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
pragma
no-cache
public-key-pins
pin-sha256="E/eIuxyd+q0uWWqwn40oo0FjJoikqvw7Hl1XZ7TdTpg="; pin-sha256="+h/4OqcqJrfy6iN9fSeinTrHgZkWlvVnSoBTkvaDchs="; max-age=300
secured
By XLabs Security www.xlabs.com.br
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
strict-transport-security
max-age=63072000; preload
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-cdn
XLabs Security
x-powered-by
ASP.NET
js
transaction.havan.com.br/AutenticacaoApi/bundles/ 		88 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/AutenticacaoApi/bundles/js?v=hc5CoABXVEeAZyoJs5HKGcuFSgEAp6QEqSlNcGjz6gk1
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
943dab732e46fda5de8ced41219a5c790a5168143eec87656b24116b51a766f0
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; preload
last-modified
Thu, 19 Oct 2023 21:56:12 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
x-aspnet-version
4.0.30319
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
40660
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
expires
Fri, 18 Oct 2024 21:56:12 GMT
functions-hvn.ver01.min.js
transaction.havan.com.br/Code/Scripts/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/Code/Scripts/functions-hvn.ver01.min.js?1.11.4.0-20000105
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
8b7469ecadfa45437d539e6ee0e6d72ba98b6f90bc55e79b85ab1a702b9bee7c
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; preload
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
content-length
15240
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
last-modified
Thu, 11 May 2023 18:11:07 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
etag
"80efd5f43384d91:0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
access-control-allow-headers
*
functions.framework-ext.js
transaction.havan.com.br/Code/Scripts/ 		87 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/Code/Scripts/functions.framework-ext.js?1.11.4.0-20000105
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
98c081f2ad106271380a863ec7e4c31ee7b4a98c2c783272552f51ed359ff963
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; preload
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
content-length
18645
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
last-modified
Thu, 11 May 2023 18:11:07 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
etag
"80efd5f43384d91:0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
access-control-allow-headers
*
common-hvn.ver02.min.css
transaction.havan.com.br/Code/Css/ 		87 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/Code/Css/common-hvn.ver02.min.css?1.11.4.0-20000105
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
32a88c5c13c577025582b355d2f576f641b2939c97ed597ec4f310b7030b6e5d
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; preload
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
content-length
16812
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
last-modified
Thu, 11 May 2023 18:11:05 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
etag
"80c2a4f33384d91:0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
access-control-allow-headers
*
custom
transaction.havan.com.br/AutenticacaoApi/Content/Css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/AutenticacaoApi/Content/Css/custom?v=MFes__t89gDljLttT8_UgtZrF8j-m65oVZ2fhGf7p201
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
90266283c5960c3f9c6614f668e670baa1980d4aa5811e8bda5bc94df5bd5b83
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; preload
last-modified
Thu, 19 Oct 2023 21:56:12 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
x-aspnet-version
4.0.30319
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
1440
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
expires
Fri, 18 Oct 2024 21:56:12 GMT
logo-havan-w.svg
transaction.havan.com.br/Code/Images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transaction.havan.com.br/Code/Images/logo-havan-w.svg
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
ee5bb22aae3f3fffa322519c9fb5478dea1423267dfe6adb6fb37edef8fde901
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; preload
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
content-length
2353
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
last-modified
Thu, 11 May 2023 18:11:07 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
etag
"80efd5f43384d91:0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
access-control-allow-headers
*
entrar
transaction.havan.com.br/AutenticacaoApi/bundles/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/AutenticacaoApi/bundles/entrar?v=r-kYUpfBXRgXiG5xL9473avi0jaYGM-XFoap4BZHHX01
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
fc9f4e583ecb3014153275e8f6a186aadbfe9d9f380c86b505911e06c2c0e0f3
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Entrar?ReturnUrl=https%3A%2F%2Fcliente.havan.com.br%2Fsistema%2Foauth%2Fauthentication&RedirectUrl=%2Fsistema%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; preload
last-modified
Thu, 19 Oct 2023 21:56:12 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
x-aspnet-version
4.0.30319
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
1591
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
expires
Fri, 18 Oct 2024 21:56:12 GMT
1600x900.jpg
transaction.havan.com.br/Wallpaper/1600x900/ 		530 KB
531 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transaction.havan.com.br/Wallpaper/1600x900/1600x900.jpg
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/AutenticacaoApi/Content/Css/custom?v=MFes__t89gDljLttT8_UgtZrF8j-m65oVZ2fhGf7p201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
ee29549e980999db350dba47d7a3d5dc7d0d03ced732bc056bd76443c714265f
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://transaction.havan.com.br/AutenticacaoApi/Content/Css/custom?v=MFes__t89gDljLttT8_UgtZrF8j-m65oVZ2fhGf7p201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:13 GMT
strict-transport-security
max-age=63072000; preload
last-modified
Mon, 02 Oct 2023 10:04:15 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
x-cdn
XLabs Security
etag
"2df418cd17f5d91:0"
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
content-type
image/jpeg
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
542796
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
HvnIconFont.woff
transaction.havan.com.br/Code/Css/HvnIconFont/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://transaction.havan.com.br/Code/Css/HvnIconFont/HvnIconFont.woff
Requested by
Host: transaction.havan.com.br
URL: https://transaction.havan.com.br/Code/Css/common-hvn.ver02.min.css?1.11.4.0-20000105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.156.186.10 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
a.ba.9ca1.ip4.static.sl-reverse.com
Software
XLabs WAF v4.0 http://www.xlabs.com.br/waf / ASP.NET
Resource Hash
693abc386593b110f2d859ae779c7e4a8739f3419ce7bab9e39da545de449e58
Security Headers
Name Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://transaction.havan.com.br/Code/Css/common-hvn.ver02.min.css?1.11.4.0-20000105
Origin
https://transaction.havan.com.br
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:56:13 GMT
strict-transport-security
max-age=63072000; preload
x-cdn
XLabs Security
x-powered-by
ASP.NET
secured
By XLabs Security www.xlabs.com.br
content-length
23492
public-key-pins
pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
last-modified
Thu, 11 May 2023 18:11:05 GMT
server
XLabs WAF v4.0 http://www.xlabs.com.br/waf
etag
"fee16f43384d91:0"
access-control-allow-methods
*
content-type
font/x-woff
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| mainMenu object| dataGrid object| form object| modal object| util object| accordion object| tabs object| monthPicker object| hvnDropdown object| selection object| events object| alpha object| entrar boolean| validarAcessoExterno

5 Cookies

Domain/Path Name / Value
cliente.havan.com.br/ Name: NSC_MC_WT_Dmjfouf_ENA
Value: ffffffff09521e1a45525d5f4f58455e445a4a423660
cliente.havan.com.br/ Name: ASP.NET_SessionId
Value: 2z4de0vk15oaynkmtd2qr4lz
cliente.havan.com.br/ Name: NSC_MC_WT_Dmjfouf_ENA_TTM
Value: ffffffff09521e1d45525d5f4f58455e445a4a42378b
.havan.com.br/ Name: HavanSessionId
Value: 6c5a41a480344cd2ad2e37183c09f6ec
transaction.havan.com.br/ Name: NSC_MC_WT_Usbotbdujpo_ENA_TTM
Value: ffffffffc3a0144545525d5f4f58455e445a4a42378b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Public-Key-Pins pin-sha256="TXs2P1OwzecUigpKV6sEuSARitra2aKm14/PayP0Omk="; pin-sha256="IPdYx/H03+2K9438aG1XT+7mjLdvhfNJZvo9ln8CprY="; max-age=300
Strict-Transport-Security max-age=63072000; preload