urlscan.io logo urlscan.io
SecurityTrails logo

stellantisfinanciamentos.com.br Open in urlscan Pro
52.54.192.173  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portalbancopsa.com.br/
Effective URL: https://stellantisfinanciamentos.com.br/
Submission: On April 02 via api from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 29 HTTP transactions. The main IP is 52.54.192.173, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is stellantisfinanciamentos.com.br.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 31st 2023. Valid for: a year.
This is the only time stellantisfinanciamentos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 54.84.93.231 14618 (AMAZON-AES)
14 52.54.192.173 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
11 20.206.176.2 8075 (MICROSOFT...)
29 4
2    54.84.93.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-93-231.compute-1.amazonaws.com
portalbancopsa.com.br
www.bancopsa.com.br
14    52.54.192.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-192-173.compute-1.amazonaws.com
stellantisfinanciamentos.com.br
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    20.206.176.2 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api-portal-institucional.azurewebsites.net
web-cms-institucional.azurewebsites.net
Domain Requested by
14 stellantisfinanciamentos.com.br stellantisfinanciamentos.com.br
10 web-cms-institucional.azurewebsites.net stellantisfinanciamentos.com.br
3 fonts.gstatic.com stellantisfinanciamentos.com.br
1 api-portal-institucional.azurewebsites.net stellantisfinanciamentos.com.br
1 www.bancopsa.com.br 1 redirects
1 portalbancopsa.com.br 1 redirects
29 6

This site contains no links.

Subject Issuer Validity Valid
*.stellantisfinanciamentos.com.br
Amazon RSA 2048 M03		 2023-08-31 -
2024-09-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-03-13 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://stellantisfinanciamentos.com.br/
Frame ID: B0470DD8A54BD21AF96EED2763BB9E33
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Stellantis Financiamentos

Page URL History Show full URLs

  1. http://portalbancopsa.com.br/ HTTP 307
    https://portalbancopsa.com.br/ HTTP 301
    https://www.bancopsa.com.br/ HTTP 301
    https://stellantisfinanciamentos.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

97 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

2758 kB
Transfer

3214 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portalbancopsa.com.br/ HTTP 307
    https://portalbancopsa.com.br/ HTTP 301
    https://www.bancopsa.com.br/ HTTP 301
    https://stellantisfinanciamentos.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
stellantisfinanciamentos.com.br/
Redirect Chain
  • http://portalbancopsa.com.br/
  • https://portalbancopsa.com.br/
  • https://www.bancopsa.com.br/
  • https://stellantisfinanciamentos.com.br/
61 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
34068eb2f097c49bd558f8d975f850ff2f7bd28624801e0871a321ca64a7c165
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
s-maxage=5, stale-while-revalidate
content-encoding
gzip
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2024 17:15:54 GMT
etag
"s84wu56fl61c1i"
permissions-policy
microphone=()
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
134
content-type
text/html
date
Tue, 02 Apr 2024 17:15:53 GMT
location
https://stellantisfinanciamentos.com.br:443/
server
awselb/2.0
webpack-c4acd79e87956a0e.js
stellantisfinanciamentos.com.br/_next/static/chunks/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/_next/static/chunks/webpack-c4acd79e87956a0e.js
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
f1bf716d0aab2ca3bf086e288d33db5b10bc1d1ad808145f445a9f829277b3ba
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 14 Dec 2023 00:56:04 GMT
referrer-policy
same-origin
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
W/"793-18c65d2d0a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
permissions-policy
microphone=()
accept-ranges
bytes
x-xss-protection
1; mode=block
framework-2c79e2a64abdb08b.js
stellantisfinanciamentos.com.br/_next/static/chunks/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 14 Dec 2023 00:56:04 GMT
referrer-policy
same-origin
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
W/"226fc-18c65d2d0a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
permissions-policy
microphone=()
accept-ranges
bytes
x-xss-protection
1; mode=block
main-f11614d8aa7ee555.js
stellantisfinanciamentos.com.br/_next/static/chunks/ 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/_next/static/chunks/main-f11614d8aa7ee555.js
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
3a9e408537cef70103a72f7351fdc23d2d7c7069fbd887ab20e092023cd563e2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 14 Dec 2023 00:56:04 GMT
referrer-policy
same-origin
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
W/"15d31-18c65d2d0a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
permissions-policy
microphone=()
accept-ranges
bytes
x-xss-protection
1; mode=block
_app-f285f1813516268f.js
stellantisfinanciamentos.com.br/_next/static/chunks/pages/ 		374 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/_next/static/chunks/pages/_app-f285f1813516268f.js
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
7e70038f6faddb908afc53b365a9f3c9233d89ced631c68e4aaaed004988d41f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 14 Dec 2023 00:56:04 GMT
referrer-policy
same-origin
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
W/"5d828-18c65d2d0a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
permissions-policy
microphone=()
accept-ranges
bytes
x-xss-protection
1; mode=block
index-b86153517318e300.js
stellantisfinanciamentos.com.br/_next/static/chunks/pages/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/_next/static/chunks/pages/index-b86153517318e300.js
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
523e862b3b07d72c0b717dd0ae6900d4f42ebd0756ed8e0a0b8507ba38d633be
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 14 Dec 2023 00:56:04 GMT
referrer-policy
same-origin
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
W/"3dfe-18c65d2d0a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
permissions-policy
microphone=()
accept-ranges
bytes
x-xss-protection
1; mode=block
_buildManifest.js
stellantisfinanciamentos.com.br/_next/static/M4JPpDnj8uMSnv1OGC0hN/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/_next/static/M4JPpDnj8uMSnv1OGC0hN/_buildManifest.js
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
e0c3fecc6a4f31d8cb81889be3e9d1005d56721d662849edf166b5e3ad9d189d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 14 Dec 2023 00:56:04 GMT
referrer-policy
same-origin
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
W/"71f-18c65d2d0a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
permissions-policy
microphone=()
accept-ranges
bytes
x-xss-protection
1; mode=block
_ssgManifest.js
stellantisfinanciamentos.com.br/_next/static/M4JPpDnj8uMSnv1OGC0hN/ 		405 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/_next/static/M4JPpDnj8uMSnv1OGC0hN/_ssgManifest.js
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
238d6bf0b95a9a4e271cf4ed29d082c67c60cef57e86f22cb7d90089625d27fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Thu, 14 Dec 2023 00:56:28 GMT
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
W/"195-18c65d32e60"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
permissions-policy
microphone=()
accept-ranges
bytes
content-length
405
x-xss-protection
1; mode=block
image
stellantisfinanciamentos.com.br/_next/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stellantisfinanciamentos.com.br/_next/image?url=https%3A%2F%2Fweb-cms-institucional.azurewebsites.net%2Fuploads%2FHome_Banner_3_v3_c46d577860.png&w=1920&q=100
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
36779127b36e204c292549c866bff2adf6f4ef8f5f95e23c15cb40f9124fab00
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
etag
NneRJ7NuIEwpJUnIZr-yrfb0749fleI8FctA+RJPqwA=
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=60, must-revalidate
permissions-policy
microphone=()
content-disposition
inline; filename="Home_Banner_3_v3_c46d577860.webp"
content-length
1089004
x-xss-protection
1; mode=block
image
stellantisfinanciamentos.com.br/_next/ 		300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stellantisfinanciamentos.com.br/_next/image?url=https%3A%2F%2Fweb-cms-institucional.azurewebsites.net%2Fuploads%2FHome_Banner1_1d61cf01b5.png&w=1920&q=100
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
175b541ee8c2ac0c0dcbd39d3326a7a9f8c6069f929e85c95f85d2b6c989a65f
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
etag
F1tUHujCrAwNy9OdMyanqfjGBp+SnoXJX4XStsmJpl8=
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=60, must-revalidate
permissions-policy
microphone=()
content-disposition
inline; filename="Home_Banner1_1d61cf01b5.webp"
content-length
306878
x-xss-protection
1; mode=block
image
stellantisfinanciamentos.com.br/_next/ 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stellantisfinanciamentos.com.br/_next/image?url=https%3A%2F%2Fweb-cms-institucional.azurewebsites.net%2Fuploads%2FHome_Banner2_c68e3dbc3b.png&w=1920&q=100
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
a275c1e8d5893bc22ec00d5865916981901dc5c3de11f2446920ea24da15129b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
etag
onXB6NWJO8IuwA1YZZFpgZAdxcPeEfJEaSDqJNoVEps=
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=60, must-revalidate
permissions-policy
microphone=()
content-disposition
inline; filename="Home_Banner2_c68e3dbc3b.webp"
content-length
203700
x-xss-protection
1; mode=block
c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNPVo0wPFXC.woff2
fonts.gstatic.com/s/encodesansexpanded/v11/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v11/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNPVo0wPFXC.woff2
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f4101cfdca439b1eae9cf6d1525fc9fb4aa7c3472afe16dc95c228729927bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
Origin
https://stellantisfinanciamentos.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 13:19:49 GMT
x-content-type-options
nosniff
age
100566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17136
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 13:19:49 GMT
c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpolKQZidIAa.woff2
fonts.gstatic.com/s/encodesansexpanded/v11/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v11/c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpolKQZidIAa.woff2
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e166a4b1ab75972af9ecd902970134f0bd8bff151451615c647ec81f0eeb8d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
Origin
https://stellantisfinanciamentos.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 06:05:04 GMT
x-content-type-options
nosniff
age
40251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17012
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:01:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 06:05:04 GMT
c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpLWChNPVo0wPFXC.woff2
fonts.gstatic.com/s/encodesansexpanded/v11/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v11/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpLWChNPVo0wPFXC.woff2
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
510e0cee200e6250650008e929a5bf58d8a93a931cefd86c9ed55b8311ee7537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
Origin
https://stellantisfinanciamentos.com.br
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:11:26 GMT
x-content-type-options
nosniff
age
47069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17136
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:01:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 04:11:26 GMT
general-components
api-portal-institucional.azurewebsites.net/api/pages/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-portal-institucional.azurewebsites.net/api/pages/general-components
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/_next/static/chunks/pages/_app-f285f1813516268f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
91ee23b1c6357be3636ec8b1686382cf3dceb8f440c124224e7c0552e60e9a17
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'none'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self'; frame-ancestors 'none'; frame-ancestors 'self';
server
Kestrel
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stellantisfinanciamentos.com.br
image
stellantisfinanciamentos.com.br/_next/ 		828 KB
830 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stellantisfinanciamentos.com.br/_next/image?url=https%3A%2F%2Fweb-cms-institucional.azurewebsites.net%2Fuploads%2FHome_Banner_1_84357a2c6d.png&w=1920&q=100
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
d0b53a52503c7c3e361bdf7e474e70c1109aca09f17a8b34e2284c88d0cd06df
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
etag
0LU6UlA8fD42G99+R05wwRCaygnxeos04ihMiNDNBt8=
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=60, must-revalidate
permissions-policy
microphone=()
content-disposition
inline; filename="Home_Banner_1_84357a2c6d.webp"
content-length
848222
x-xss-protection
1; mode=block
image
stellantisfinanciamentos.com.br/_next/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stellantisfinanciamentos.com.br/_next/image?url=https%3A%2F%2Fweb-cms-institucional.azurewebsites.net%2Fuploads%2FArea_Cliente_03c47dbd91.png&w=1920&q=100
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
c18a88103cabcdff03ddb14adb9dcf07ac3102ff5d3dc8791ea768b344be17eb
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
etag
wYqIEDyrzf8D3bFK253PB6wxAv9dPch5Hqdos0S+F+s=
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
public, max-age=60, must-revalidate
permissions-policy
microphone=()
content-disposition
inline; filename="Area_Cliente_03c47dbd91.webp"
content-length
52152
x-xss-protection
1; mode=block
logo_Psa_eeb709088b.svg
web-cms-institucional.azurewebsites.net/uploads/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/logo_Psa_eeb709088b.svg
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
89380e32fcfc3f3ee4b394e196c3818e3ede0a233fb7a9e78eff74f1486fce38
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
13505
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:21:56 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
Alerta_1f40a2f900.png
web-cms-institucional.azurewebsites.net/uploads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/Alerta_1f40a2f900.png
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
cf0917be85caba51cd6abee919ef2ecf5e94f4000e3e78d9c3f70ace15b7888e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
1617
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:21:36 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
telefone_Azul_fb80b5743f.png
web-cms-institucional.azurewebsites.net/uploads/ 		405 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/telefone_Azul_fb80b5743f.png
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
48d7fd6961d5bf6863e3e599f5ef8c706457115e54cd1333e642edac4cbe6f0f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
405
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:22:07 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
relogio_Azul_aaaa62174f.png
web-cms-institucional.azurewebsites.net/uploads/ 		475 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/relogio_Azul_aaaa62174f.png
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
0a62638455337129b5b8ed244dd10414d21688e1f2255168c331f351eeeddb43
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
475
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:22:01 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
Email_afecde571d.png
web-cms-institucional.azurewebsites.net/uploads/ 		239 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/Email_afecde571d.png
Requested by
Host: stellantisfinanciamentos.com.br
URL: https://stellantisfinanciamentos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
2fdc3888ebb48f95161ebd6bb70b259b271258cf0328109d3d8e4645c59c684f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
239
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:21:45 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
favicon.ico
stellantisfinanciamentos.com.br/ 		9 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://stellantisfinanciamentos.com.br/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.54.192.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-192-173.compute-1.amazonaws.com
Software
/
Resource Hash
1278419fa380c726399b420ad2fe4f044a2105cf8c45ef6210216bbce839e86a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://stellantisfinanciamentos.com.br/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
same-origin
content-security-policy
default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
etag
"zlgjynbyuk6zn"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
permissions-policy
microphone=()
x-xss-protection
1; mode=block
logofooter_e6cdad921a.svg
web-cms-institucional.azurewebsites.net/uploads/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/logofooter_e6cdad921a.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
324e9d00fa4658f1099a66f628071721497a97e342905e7b060c2efc1dbc4ce7
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
13220
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:21:57 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
blank_7c619533a6.ico
web-cms-institucional.azurewebsites.net/uploads/ 		70 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/blank_7c619533a6.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
23d7bcc5e68b94d6e03382ac1d9a14ab2d0134772682ae0dd1b2e8b4c85afc51
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
70
referrer-policy
no-referrer
last-modified
Mon, 18 Sep 2023 15:02:32 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
Whats_563909c806.png
web-cms-institucional.azurewebsites.net/uploads/ 		317 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/Whats_563909c806.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
49fdb5a40d281bec7056669ae0f962f769da41a4620d9bcabe0cfd96a62d489f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
317
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:22:15 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
Telefone_1e41a3c2c1.png
web-cms-institucional.azurewebsites.net/uploads/ 		299 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/Telefone_1e41a3c2c1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
7411741309b99b6784c3e35ee50823578e4b5085b2974c6bced0e644d1367cbb
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
299
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:22:07 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
Email_1d9a738214.png
web-cms-institucional.azurewebsites.net/uploads/ 		239 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web-cms-institucional.azurewebsites.net/uploads/Email_1d9a738214.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.206.176.2 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
2fdc3888ebb48f95161ebd6bb70b259b271258cf0328109d3d8e4645c59c684f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 17:15:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-length
239
referrer-policy
no-referrer
last-modified
Tue, 05 Sep 2023 21:21:45 GMT
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
x-download-options
noopen
cache-control
max-age=0
accept-ranges
bytes
image
stellantisfinanciamentos.com.br/_next/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stellantisfinanciamentos.com.br
URL
https://stellantisfinanciamentos.com.br/_next/image?url=https%3A%2F%2Fweb-cms-institucional.azurewebsites.net%2Fuploads%2FHome_Banner_2_e228740b10.png&w=1920&q=100

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST

1 Cookies

Domain/Path Name / Value
.web-cms-institucional.azurewebsites.net/ Name: ARRAffinitySameSite
Value: 5e49cc448b00e5b41f7f65659d0fc41935bdcfa23cae5d59b89ea95561959631

11 Console Messages

Source Level URL
Text
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://stellantisfinanciamentos.com.br/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://stellantisfinanciamentos.com.br/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; base-uri 'none'; object-src 'none'; frame-ancestors 'none'; connect-src 'self' https://api-portal-institucional.azurewebsites.net; form-action 'self'; frame-src https://www.google.com; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; img-src 'self' data: https://web-cms-institucional.azurewebsites.net; worker-src 'self' blob:; script-src 'self' https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com; style-src 'self' https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-portal-institucional.azurewebsites.net
fonts.gstatic.com
portalbancopsa.com.br
stellantisfinanciamentos.com.br
web-cms-institucional.azurewebsites.net
www.bancopsa.com.br
stellantisfinanciamentos.com.br
20.206.176.2
2a00:1450:4001:80f::2003
52.54.192.173
54.84.93.231
0a62638455337129b5b8ed244dd10414d21688e1f2255168c331f351eeeddb43
0e166a4b1ab75972af9ecd902970134f0bd8bff151451615c647ec81f0eeb8d1
1278419fa380c726399b420ad2fe4f044a2105cf8c45ef6210216bbce839e86a
175b541ee8c2ac0c0dcbd39d3326a7a9f8c6069f929e85c95f85d2b6c989a65f
238d6bf0b95a9a4e271cf4ed29d082c67c60cef57e86f22cb7d90089625d27fc
23d7bcc5e68b94d6e03382ac1d9a14ab2d0134772682ae0dd1b2e8b4c85afc51
2fdc3888ebb48f95161ebd6bb70b259b271258cf0328109d3d8e4645c59c684f
324e9d00fa4658f1099a66f628071721497a97e342905e7b060c2efc1dbc4ce7
34068eb2f097c49bd558f8d975f850ff2f7bd28624801e0871a321ca64a7c165
36779127b36e204c292549c866bff2adf6f4ef8f5f95e23c15cb40f9124fab00
3a9e408537cef70103a72f7351fdc23d2d7c7069fbd887ab20e092023cd563e2
48d7fd6961d5bf6863e3e599f5ef8c706457115e54cd1333e642edac4cbe6f0f
49fdb5a40d281bec7056669ae0f962f769da41a4620d9bcabe0cfd96a62d489f
510e0cee200e6250650008e929a5bf58d8a93a931cefd86c9ed55b8311ee7537
523e862b3b07d72c0b717dd0ae6900d4f42ebd0756ed8e0a0b8507ba38d633be
7411741309b99b6784c3e35ee50823578e4b5085b2974c6bced0e644d1367cbb
7e70038f6faddb908afc53b365a9f3c9233d89ced631c68e4aaaed004988d41f
7f4101cfdca439b1eae9cf6d1525fc9fb4aa7c3472afe16dc95c228729927bd9
89380e32fcfc3f3ee4b394e196c3818e3ede0a233fb7a9e78eff74f1486fce38
91ee23b1c6357be3636ec8b1686382cf3dceb8f440c124224e7c0552e60e9a17
a275c1e8d5893bc22ec00d5865916981901dc5c3de11f2446920ea24da15129b
c18a88103cabcdff03ddb14adb9dcf07ac3102ff5d3dc8791ea768b344be17eb
cf0917be85caba51cd6abee919ef2ecf5e94f4000e3e78d9c3f70ace15b7888e
d0b53a52503c7c3e361bdf7e474e70c1109aca09f17a8b34e2284c88d0cd06df
e0c3fecc6a4f31d8cb81889be3e9d1005d56721d662849edf166b5e3ad9d189d
f1bf716d0aab2ca3bf086e288d33db5b10bc1d1ad808145f445a9f829277b3ba
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7