urlscan.io logo urlscan.io
SecurityTrails logo

credcrea.gupy.io Open in urlscan Pro
18.165.183.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.gupy.com.br/c/eJxMkL2O3DAMhJ_G6mRYpH4LFdsskD5VOi5F7wmxLcPWHi739IGv2oYAp_gw8zGtO9Xn9qtkw-4RSWYtwF5bjKhpLg8NYP...
Effective URL: https://credcrea.gupy.io/candidates/applications/475264132
Submission: On August 23 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 14 domains to perform 46 HTTP transactions. The main IP is 18.165.183.44, located in United States and belongs to AMAZON-02, US. The main domain is credcrea.gupy.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 9th 2024. Valid for: a year.
This is the only time credcrea.gupy.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.102.239.211 396982 (GOOGLE-CL...)
6 18.165.183.44 16509 (AMAZON-02)
4 172.67.74.112 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 18.66.102.51 16509 (AMAZON-02)
2 157.240.0.6 32934 (FACEBOOK)
1 13.33.187.74 16509 (AMAZON-02)
2 142.250.184.200 15169 (GOOGLE)
2 142.250.186.132 15169 (GOOGLE)
6 54.152.28.62 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 3.165.190.33 16509 (AMAZON-02)
1 18.66.112.110 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.202.54.1 14618 (AMAZON-AES)
1 3.165.190.107 16509 (AMAZON-02)
1 216.239.34.36 15169 (GOOGLE)
46 22
1    34.102.239.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com
email.gupy.com.br
6    18.165.183.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-44.zrh55.r.cloudfront.net
credcrea.gupy.io
gupy.gupy.io
4    172.67.74.112 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.privacytools.com.br
1    2606:4700:3037::ac43:a2c5 (United States)

ASN13335 (CLOUDFLARENET, US)
plugin.handtalk.me
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.google.de
1    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
static.hotjar.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net
script.hotjar.com
2    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
6    54.152.28.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-28-62.compute-1.amazonaws.com
unleash-proxy-production.api.tools.gupy.io
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.165.190.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-190-33.zrh55.r.cloudfront.net
front-statics-fonts.gupy.io
1    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net
vc.hotjar.io
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    52.202.54.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-54-1.compute-1.amazonaws.com
private-api.gupy.io
1    3.165.190.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-190-107.zrh55.r.cloudfront.net
attachments.gupy.io
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
17 gupy.io
credcrea.gupy.io
gupy.gupy.io
unleash-proxy-production.api.tools.gupy.io — Cisco Umbrella Rank: 748814
front-statics-fonts.gupy.io
private-api.gupy.io
attachments.gupy.io
5 MB
7 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
www.google.com — Cisco Umbrella Rank: 10
989 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
349 KB
4 privacytools.com.br
cdn.privacytools.com.br — Cisco Umbrella Rank: 279229
43 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
286 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
89 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
66 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
231 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
254 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
753 B
1 handtalk.me
plugin.handtalk.me — Cisco Umbrella Rank: 198955
214 KB
1 gupy.com.br
email.gupy.com.br
653 B
46 14
Domain Requested by
6 unleash-proxy-production.api.tools.gupy.io gupy.gupy.io
5 region1.analytics.google.com www.googletagmanager.com
4 www.googletagmanager.com credcrea.gupy.io
www.googletagmanager.com
gupy.gupy.io
4 gupy.gupy.io credcrea.gupy.io
4 cdn.privacytools.com.br credcrea.gupy.io
cdn.privacytools.com.br
2 private-api.gupy.io gupy.gupy.io
2 front-statics-fonts.gupy.io gupy.gupy.io
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com gupy.gupy.io
www.gstatic.com
2 connect.facebook.net credcrea.gupy.io
connect.facebook.net
2 fonts.googleapis.com credcrea.gupy.io
gupy.gupy.io
2 credcrea.gupy.io
1 attachments.gupy.io
1 www.gstatic.com www.google.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com credcrea.gupy.io
1 www.google.de credcrea.gupy.io
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdnjs.cloudflare.com credcrea.gupy.io
1 plugin.handtalk.me credcrea.gupy.io
1 email.gupy.com.br 1 redirects
46 22

This site contains links to these domains. Also see Links.

Domain
support-candidates.gupy.io
www.gupy.io
Subject Issuer Validity Valid
*.gupy.io
Amazon RSA 2048 M02		 2024-04-09 -
2025-05-07		 a year crt.sh
privacytools.com.br
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh
handtalk.me
WE1		 2024-08-11 -
2024-11-09		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.de
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.tools.gupy.io
Amazon RSA 2048 M03		 2024-03-28 -
2025-04-27		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://credcrea.gupy.io/candidates/applications/475264132
Frame ID: AD103A1DDE9B635319AD2002E99802E7
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEhf8ZAAAAAOfYkqlZkCElDMyttbwsNuxSFU69&co=aHR0cHM6Ly9jcmVkY3JlYS5ndXB5LmlvOjQ0Mw..&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=325r59vqxm0o
Frame ID: C1AFDEB38FA1833B61ADF579692960F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gupy

Page URL History Show full URLs

  1. https://email.gupy.com.br/c/eJxMkL2O3DAMhJ_G6mRYpH4LFdsskD5VOi5F7wmxLcPWHi739IGv2oYAp_gw8zGtO9Xn9qtkw-... HTTP 302
    https://credcrea.gupy.io/candidates/applications/475264132 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

46
Requests

100 %
HTTPS

35 %
IPv6

14
Domains

22
Subdomains

22
IPs

3
Countries

6230 kB
Transfer

17679 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.gupy.com.br/c/eJxMkL2O3DAMhJ_G6mRYpH4LFdsskD5VOi5F7wmxLcPWHi739IGv2oYAp_gw8zGtO9Xn9qtkw-4RSWYtwF5bjKhpLg8NYPlREiaTvOK2dfnqmfZ9qUy9tk3LdrRlWWXrig-hLuXWM0xg9RS1wd8mDnjD6zg_huj-qJLnOXoDSrIJgC5YxKA-skRnLU_Jz5H5IRgsSQI20XNKzpKqP9wpGjQRowujeEvFi0_WOkhzGOz0fO3_Rm7r-DhULRlh9hEZtchktI1gdMRidAAib_yMELxa8kfv-zngbYD7AHc-pFxbxh9YbVdEW6mFupwD3N_mX68NDrw1COrIy6t-j2d7fdNgp5W-6sWqvY3c2n516nlrej8ay3lq-by09XzI87XQod_Aqmc6_74nujfNbd0X6fJu_TPD_wAAAP__Yx2PIg HTTP 302
    https://credcrea.gupy.io/candidates/applications/475264132 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 475264132
credcrea.gupy.io/candidates/applications/
Redirect Chain
  • https://email.gupy.com.br/c/eJxMkL2O3DAMhJ_G6mRYpH4LFdsskD5VOi5F7wmxLcPWHi739IGv2oYAp_gw8zGtO9Xn9qtkw-4RSWYtwF5bjKhpLg8NYPlREiaTvOK2dfnqmfZ9qUy9tk3LdrRlWWXrig-hLuXWM0xg9RS1wd8mDnjD6zg_huj-qJLnOXoDS...
  • https://credcrea.gupy.io/candidates/applications/475264132
7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-44.zrh55.r.cloudfront.net
Software
/
Resource Hash
a75ef88b23e86b1de7dfa0f684239aea8fbf6ea08181d39383b697dc112f6a16
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,max-age=0
content-encoding
gzip
content-length
3164
content-security-policy
default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
content-type
text/html
date
Fri, 23 Aug 2024 18:17:17 GMT
etag
W/"66c8bd34-1b02"
last-modified
Fri, 23 Aug 2024 16:47:48 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(self), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(self), trust-token-redemption=(self), vertical-scroll=(self)
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
x-amz-cf-id
5EcT-GaG61wvgSAyYvfQweNEeKTj7w2cwYwGyJGcEZqwgjBxPQnMKg==
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-store
content-length
466
content-type
text/html
date
Fri, 23 Aug 2024 18:17:16 GMT
location
https://credcrea.gupy.io/candidates/applications/475264132
x-robots-tag
noindex
x-xss-protection
1; mode=block
jl6521114111.js
cdn.privacytools.com.br/public_api/banner/autoblock/v3/ 		64 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/autoblock/v3/jl6521114111.js?t=2
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f5abda98be4b5fb3a2e53067548241021a07081ede269a1968ee52f13dd83b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jul 2024 22:07:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2578173
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nCCZj%2Fb2%2BP1dcvyr18TybMIXS2I1zqjkIA2Q5fOCVCd85FA8wPzGp4tJAVS6PmOh%2BIViy%2BBrhphsOVvrXzQveCQUzRFGCwuqn0YoIHg0F4L61mzedu%2FHkA07BQfGKjPfgR%2BH5LVKZmst"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=2678400
x-robots-tag
noindex
cf-ray
8b7d193c8fcb2c62-FRA
alt-svc
h3=":443"; ma=86400
handtalk.min.js
plugin.handtalk.me/web/latest/ 		573 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.handtalk.me/web/latest/handtalk.min.js
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a2c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb1a7304659a735a37613bb287be882e7fdd77697341c5b2c07acb6b8eb5bcb

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:17 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
868
x-guploader-uploadid
AHxI1nNDnTyHvB-1VdOaM9I65eLFcyoOuYs8BXdpcxMZIKtGqawLnxXsX461n8t5s_qPUl1dbv0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
217667
last-modified
Mon, 19 Aug 2024 12:49:24 GMT
server
cloudflare
etag
"470d427924cda694095906ad866b53ee"
vary
Accept-Encoding
x-goog-generation
1724071764693774
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=aMSYPA==, md5=Rw1CeSTNppQJWQathmtT7g==
access-control-expose-headers
Content-Type, X-Requested-With
cache-control
public, max-age=2678400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOV4wl4p59hqQWY5xjIjomX6yXu3O%2Bu4bj8JG0wPhu2%2FQtYp1DG7ySFA%2BA24SSyAHNUx7RBI6AfOGynpBLWnuXae8sj6imSzj9Hfz0JRdJ%2B%2BW7368UKVPyptvZ8tCAUVhdDYGU7WZDdwaQwtKjah9bo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
217667
accept-ranges
bytes
cf-ray
8b7d193e293c2c52-FRA
expires
Fri, 23 Aug 2024 19:02:49 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Aug 2024 18:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 18:17:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Aug 2024 18:17:17 GMT
0mpM21114111.css
cdn.privacytools.com.br/public_api/banner/style/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/style/0mpM21114111.css?t=1
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0219cf89e9788216b4ef3b8a6c54c22143eff5a539297b5a1ba36d67d191ef11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Aug 2024 18:06:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
622
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMVheKNJstVQhuuRqCETu4FV7Mwe4nUyHDJp82IHp0HqSCKP%2B98sI2Zs2nBQ88b%2B4cPZO46T%2BFs%2BGlwATxv0ZXwKeiUlUwys3pq%2BomLndx0beX7bu7YKcIkludM05zTT4hHNaiBkKXPc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
8b7d193c8fc92c62-FRA
alt-svc
h3=":443"; ma=86400
0mpM21114111.js
cdn.privacytools.com.br/public_api/banner/script/bottom/ 		139 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/script/bottom/0mpM21114111.js?t=1
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1fb96ea48b90dac807006fe28a1edcd58ec31560c14ff97a7188de38afdf78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Aug 2024 15:05:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11495
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YknkfgO%2Bn7h%2FTLCJWu4JA6YBmoHc0WpJ371ipeFC96n%2BwUxl1uwDIWMx88W%2FhIQypzP2dlo%2BhkQzN2Le6F57LhcntUFK2g1NhdUOm2IacpyEBT8bvx4dF3LUnz3oMof3SmdlAsOX5GqF"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
x-robots-tag
noindex
cf-ray
8b7d193eeace2c62-FRA
alt-svc
h3=":443"; ma=86400
2.32a349d6.chunk.css
gupy.gupy.io/candidates/static/css/ 		74 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gupy.gupy.io/candidates/static/css/2.32a349d6.chunk.css
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-44.zrh55.r.cloudfront.net
Software
/
Resource Hash
ace2ff584454166e6fb7162b3543818c7eb738731507ab5e85e7a27f55d2be56
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Aug 2024 18:17:17 GMT
via
1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Aug 2024 16:47:48 GMT
etag
W/"66c8bd34-12745"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=2592000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(self), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(self), trust-token-redemption=(self), vertical-scroll=(self)
x-amz-cf-id
qdr7BGlocmTRsKdVM27EVtD6H56eRmh5Lg9W38hC25JbcVuaMWhy2g==
main.401e872a.chunk.css
gupy.gupy.io/candidates/static/css/ 		312 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gupy.gupy.io/candidates/static/css/main.401e872a.chunk.css
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-44.zrh55.r.cloudfront.net
Software
/
Resource Hash
0dc53582e551fde9ba628f6b1179644f58e0a5e9ae24e4afd77c1e82669e2330
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Aug 2024 18:17:17 GMT
via
1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Aug 2024 16:47:48 GMT
etag
W/"66c8bd34-4df1d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=2592000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(self), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(self), trust-token-redemption=(self), vertical-scroll=(self)
x-amz-cf-id
4u3cHU4uIvzK21vCxoIXpfjpkz3OyhJ9WWRy8ZFFxefcRkjDSHV-uA==
polyfill.min.js
cdnjs.cloudflare.com/polyfill/v2/ 		103 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/polyfill/v2/polyfill.min.js?features=Intl.~locale.en,Intl.~locale.es,Intl.~locale.pt
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://credcrea.gupy.io/
Origin
https://credcrea.gupy.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:17 GMT
strict-transport-security
max-age=15780000
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkQeyNBOILUCMLXZ7LiYCAQd9LeGPa68XaaMWox3s%2BhKeA3EqNq%2B%2B0TdtKjn8nrLzZsXyBglRUsSVRf7huWWapNoSr4KdfrbZ23odrr%2Bvv23vMH0WVm7gZGXZZloQ%2ByJPnjvZIDvB4TOnhhc8wNdozrn"}],"group":"cf-nel","max_age":604800}
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
cf-polyfill-version
3.25.1
cf-ray
8b7d193c8e0a5b50-FRA
alt-svc
h3=":443"; ma=86400
x-compress-hint
on
2.bcc03708.chunk.js
gupy.gupy.io/candidates/static/js/ 		12 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://gupy.gupy.io/candidates/static/js/2.bcc03708.chunk.js
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-44.zrh55.r.cloudfront.net
Software
/
Resource Hash
ba2929444463931e86d2feb314bb992a9d123a62d3c0d033ec473de87b0bf354
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Aug 2024 18:17:17 GMT
via
1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Aug 2024 16:47:48 GMT
etag
W/"66c8bd34-b8f0d1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=2592000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(self), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(self), trust-token-redemption=(self), vertical-scroll=(self)
x-amz-cf-id
0DBEBpdwI184kw7qlTr5OBbngGOJhvrL6NHBKxlPP24Rs7f1aKKh7Q==
main.dfcc6749.chunk.js
gupy.gupy.io/candidates/static/js/ 		2 MB
492 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gupy.gupy.io/candidates/static/js/main.dfcc6749.chunk.js
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-44.zrh55.r.cloudfront.net
Software
/
Resource Hash
2c4887b76dbf7bd7026d40861f30b3c3af1b4290939c8620bc79bd3775f61367
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Aug 2024 11:42:02 GMT
via
1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
ZRH55-P1
age
23715
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 22 Aug 2024 21:39:04 GMT
etag
W/"66c7aff8-1b0326"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=2592000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(self), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(self), trust-token-redemption=(self), vertical-scroll=(self)
x-amz-cf-id
iX7r55wYXYyNPtaVKiA-DGGF84Fimg-1Tw40lEA0laWqho-9ctL3sA==
gtm.js
www.googletagmanager.com/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5B4BFQ2D
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef841ee9124a6597a662f0ec01e4baab6379d36c23e692ada3eefba677354c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70315
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Aug 2024 18:17:17 GMT
css2
fonts.googleapis.com/ 		12 KB
929 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Lato:wght@300;400;700&display=swap
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/css/2.32a349d6.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a3cc39e5bc76add1e3b3b3d65c8845e91b99ca6588d3dca1bada649f50f7b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gupy.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Aug 2024 18:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 18:07:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Aug 2024 18:17:17 GMT
destination
www.googletagmanager.com/gtag/ 		328 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-0M1NYZV48Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B4BFQ2D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a61fece32fa5507abadd0788d1230d92a5b13faa0a6610601d4709f82315b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108896
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Aug 2024 18:17:18 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0M1NYZV48Q&gtm=45je48l0v9116503724z89187793223za200zb9187793223&_p=1724437037519&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1266363276.1724437038&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724437038&sct=1&seg=0&dl=https%3A%2F%2Fcredcrea.gupy.io%2Fcandidates%2Fapplications%2F475264132&dt=Gupy&en=gtm.init&_fv=1&_nsi=1&_ss=1&tfd=1873
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-0M1NYZV48Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 18:17:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credcrea.gupy.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0M1NYZV48Q&cid=1266363276.1724437038&gtm=45je48l0v9116503724z89187793223za200zb9187793223&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-0M1NYZV48Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 18:17:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credcrea.gupy.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0M1NYZV48Q&cid=1266363276.1724437038&gtm=45je48l0v9116503724z89187793223za200zb9187793223&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=476515212
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 18:17:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-809470.js
static.hotjar.com/c/ 		48 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-809470.js?sv=6
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
68d513be7d439fd374aa3f4a86359ceaf9095b0550dd393127e9c841ec852f5a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Aug 2024 18:17:18 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/5d44baba8b4c01717189fbfdeb249868
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
P9LJcvXDgDx4JViztRZjgKa_yboSmPMHQQiUpARvMOPzaPBiCbpnfQ==
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
be8bfbc1c04a7995b4544b6e7d2304e3b33ab2fde600ab00bbf881e18652e79a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Aug 2024 18:17:18 GMT
content-md5
OweLiOc6EY5h7fxJIN5gdQ==
document-policy
force-load-at-top
x-fb-server-load
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4303, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
scAdVa8q4412RZobW3cPrt9zTtzjSEdHsdSLepy/Qc1v1+vdMPmdkcdsmnfIGqsLSboIOEzAxfnk2IQQkkj4XQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
501143214d28b2a9fd3eaee568474809
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"c5b27d08a7e91f19431f69cb9ed1dfd6"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Aug 2024 18:32:44 GMT
sdk.js
connect.facebook.net/pt_BR/ 		304 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=a001ccde2914cf0d10378b8e35911887
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3d33bf39fc2a372b4cf44ea7be5a7d21d2e4b058e70681a8517327619a6ec217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://credcrea.gupy.io/
Origin
https://credcrea.gupy.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Aug 2024 18:17:18 GMT
content-md5
jFiwYkqeNofA+HDa5YA8dQ==
document-policy
force-load-at-top
x-fb-server-load
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89239
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4332, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
UwPBSP92DHgiwQM4ySvXK27kLhveQjhaRzEofufkgGFUBTpOSdNp0cZZ3h5lh5hHaoFWECVKxn6juqfuQ6L7Nw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e6bbc67809571ccc0050202be0e86aee
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"25676bcb3af47e8f2113e3c79ccfb5cb"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Aug 2025 17:12:42 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-809470.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-74.fra60.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
2087652
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
saVBtrt0_FgDj4Lir8wl68LnsYCbPMO-BXjh6rAk5W42CNq4hNY_kw==
js
www.googletagmanager.com/gtag/ 		328 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0M1NYZV48Q
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/js/2.bcc03708.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1ac670f38d781e138efbd17640634d1072220171726c67be698731d9cdcc0816
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108830
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 23 Aug 2024 18:17:19 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0M1NYZV48Q&gtm=45je48l0v9116503724z89187793223za200zb9187793223&_p=1724437037519&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1266363276.1724437038&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1724437038&sct=1&seg=0&dl=https%3A%2F%2Fcredcrea.gupy.io%2Fcandidates%2Fapplications%2F475264132&dt=Gupy&en=gtm.js&_et=3&tfd=3283
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-0M1NYZV48Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 18:17:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credcrea.gupy.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0M1NYZV48Q&gtm=45je48l0v9116503724za200zb9187793223&_p=1724437037519&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1266363276.1724437038&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=3&sid=1724437038&sct=1&seg=1&dl=https%3A%2F%2Fcredcrea.gupy.io%2Fcandidates%2Fapplications%2F475264132&dt=Gupy&en=page_view&_ee=1&_et=1357&tfd=3287
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-0M1NYZV48Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 18:17:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credcrea.gupy.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0M1NYZV48Q&gtm=45je48l0v9116503724za200zb9187793223&_p=1724437037519&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1266363276.1724437038&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=4&sid=1724437038&sct=1&seg=1&dl=https%3A%2F%2Fcredcrea.gupy.io%2Fcandidates%2Fapplications%2F475264132&dt=Gupy&en=scroll&epn.percent_scrolled=90&_et=2&tfd=3289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-0M1NYZV48Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 18:17:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credcrea.gupy.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5JH8FD2G&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: credcrea.gupy.io
URL: https://credcrea.gupy.io/candidates/applications/475264132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8d7f24423ac7d1da9cc129ce824111e2bc6c93e60aa33c950366f3e8092573da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68743
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Aug 2024 18:17:19 GMT
api.js
www.google.com/recaptcha/ 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcEhf8ZAAAAAOfYkqlZkCElDMyttbwsNuxSFU69
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/js/main.dfcc6749.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
f9e55ad1a4389c2a08f006013a0985b2cbfb88beaf566bc0a8f5a30291fe3b84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 23 Aug 2024 18:17:19 GMT
proxy
unleash-proxy-production.api.tools.gupy.io/ 		25 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unleash-proxy-production.api.tools.gupy.io/proxy?environment=production&appName=ats-candidates
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/js/2.bcc03708.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.28.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-28-62.compute-1.amazonaws.com
Software
/
Resource Hash
a73f47aa671f7c197c1e9851c0f0e9e9eb04c16a265d543b95f3fa56b37b0115

Request headers

Accept
application/json
Referer
https://credcrea.gupy.io/
If-None-Match
Authorization
a7f1ca58d22d929f08520a8cd6a170cd675a69c62098e97fa9d747d0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 23 Aug 2024 18:17:20 GMT
Content-Encoding
gzip
ETag
W/"6324-c2zdCvpkKcQoevCM/oQjL5k6Uoo"
Vary
Accept-Encoding
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-control
public, max-age=2
Connection
keep-alive
proxy
unleash-proxy-production.api.tools.gupy.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://unleash-proxy-production.api.tools.gupy.io/proxy?environment=production&appName=ats-candidates
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.28.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-28-62.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,if-none-match
Access-Control-Request-Method
GET
Origin
https://credcrea.gupy.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Access-Control-Max-Age
172800
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Aug 2024 18:17:20 GMT
Vary
Access-Control-Request-Headers
access-control-allow-headers
authorization,content-type,if-none-match
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Lato:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://credcrea.gupy.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 15:02:44 GMT
x-content-type-options
nosniff
age
270875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 15:02:44 GMT
Inter-Regular.ttf
front-statics-fonts.gupy.io/ 		303 KB
303 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://front-statics-fonts.gupy.io/Inter-Regular.ttf
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/css/main.401e872a.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.190.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-190-33.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8

Request headers

Referer
https://gupy.gupy.io/
Origin
https://credcrea.gupy.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 01:12:39 GMT
via
1.1 38e6d5d4bf1ff4c61fe7860d1fe50b94.cloudfront.net (CloudFront)
last-modified
Wed, 22 Feb 2023 16:56:03 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P2
age
63751
x-amz-server-side-encryption
AES256
etag
"079af0e2936ccb99b391ddc0bbb73dcb"
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
content-length
309828
x-amz-cf-id
EQE1uiUnYZlVbrsjkce66n5pNgscPBWBKJGl-jt6_FWMmjj2esCC_A==
809470
vc.hotjar.io/sessions/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/809470?s=0.25&r=0.15975370201133354
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Aug 2024 18:17:19 GMT
cache-control
no-store
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
IfgeMuCLLzQxHbtksFrVbz5q-zs9V4UpkIYoveXT1Aa8K6GaHlAuZw==
x-cache
Miss from cloudfront
recaptcha__de.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcEhf8ZAAAAAOfYkqlZkCElDMyttbwsNuxSFU69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://credcrea.gupy.io/
Origin
https://credcrea.gupy.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 17:12:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219509
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Aug 2025 17:12:56 GMT
anchor
www.google.com/recaptcha/api2/ Frame C1AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEhf8ZAAAAAOfYkqlZkCElDMyttbwsNuxSFU69&co=aHR0cHM6Ly9jcmVkY3JlYS5ndXB5LmlvOjQ0Mw..&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&cb=325r59vqxm0o
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g9bosraebIJxdk2sGd0_8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credcrea.gupy.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-g9bosraebIJxdk2sGd0_8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Aug 2024 18:17:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
summary
private-api.gupy.io/v2/career-pages/credcrea/company/ 		340 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://private-api.gupy.io/v2/career-pages/credcrea/company/summary
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/js/2.bcc03708.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.54.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-54-1.compute-1.amazonaws.com
Software
/
Resource Hash
e4ae1941da0e77717656f934b234e42228e4698e3500652c730f9aa87d63dc0d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 23 Aug 2024 18:17:20 GMT
content-security-policy
default-src 'none'
referrer-policy
no-referrer
x-content-type-options
nosniff
x-frame-options
DENY
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
https://credcrea.gupy.io
access-control-allow-credentials
true
permissions-policy
fullscreen=(), geolocation=(), camera()
access-control-allow-headers
Authorization,Origin,X-Requested-With,Content-Type,Accept,company_key_auth,candidate_key,admin_key,fulltext
content-length
340
summary
private-api.gupy.io/v2/career-pages/credcrea/company/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://private-api.gupy.io/v2/career-pages/credcrea/company/summary
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.54.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-54-1.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://credcrea.gupy.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Origin,X-Requested-With,Content-Type,Accept,company_key_auth,candidate_key,admin_key,fulltext
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
access-control-allow-origin
https://credcrea.gupy.io
content-security-policy
default-src 'none'
date
Fri, 23 Aug 2024 18:17:20 GMT
permissions-policy
fullscreen=(), geolocation=(), camera()
referrer-policy
no-referrer
x-content-type-options
nosniff
x-frame-options
DENY
0mpM21114111.html
cdn.privacytools.com.br/public_api/banner/pop/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacytools.com.br/public_api/banner/pop/0mpM21114111.html?t=1&m=0&c=1,724,339,078,144
Requested by
Host: cdn.privacytools.com.br
URL: https://cdn.privacytools.com.br/public_api/banner/script/bottom/0mpM21114111.js?t=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45415de4c11a3a471a0d4f8b32af10a7f652f3e3e534d28b7827aa40a331cb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"Thu Aug 22 12:04:41 GMT-03:00 2024"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LspeXoLt%2F8j3S4igPXiMtxmnsNSEjWeY56B9xpXKmk%2Fff5Ks00t8VGu%2B4b3mwdb8EyKr47inBcJkUwUE3eLJ8n0yvJJwRZCwNd7em%2BPDtg3CZifUqw3NYBh3yksWDRsRg1KFtq0RCpXM"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2678400
x-robots-tag
noindex
cf-ray
8b7d19508bed3649-FRA
alt-svc
h3=":443"; ma=86400
favicon-32x32.png
credcrea.gupy.io/companies/images/new-favicon/ 		2 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://credcrea.gupy.io/companies/images/new-favicon/favicon-32x32.png?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-44.zrh55.r.cloudfront.net
Software
/
Resource Hash
33fe98d643053bd5d459a0112065a64c7888aa34f169f96105ce26752465a22d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://credcrea.gupy.io/candidates/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
date
Fri, 23 Aug 2024 18:17:21 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
content-length
1675
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 23 Aug 2024 16:45:07 GMT
etag
"66c8bc93-68b"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public,max-age=2592000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(self), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(self), trust-token-redemption=(self), vertical-scroll=(self)
accept-ranges
bytes
x-amz-cf-id
_czVZKa7odcMNTnBTRYWiiwDEe51G8XCWYcj2oqgCaD3BXjIIXvCbA==
proxy
unleash-proxy-production.api.tools.gupy.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://unleash-proxy-production.api.tools.gupy.io/proxy?environment=production&appName=ats-candidates&companyId=1979
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.28.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-28-62.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,if-none-match
Access-Control-Request-Method
GET
Origin
https://credcrea.gupy.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Access-Control-Max-Age
172800
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Aug 2024 18:17:21 GMT
Vary
Access-Control-Request-Headers
access-control-allow-headers
authorization,content-type,if-none-match
proxy
unleash-proxy-production.api.tools.gupy.io/ 		29 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unleash-proxy-production.api.tools.gupy.io/proxy?environment=production&appName=ats-candidates&companyId=1979
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/js/2.bcc03708.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.28.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-28-62.compute-1.amazonaws.com
Software
/
Resource Hash
57b3905a015a9a097f0f0fa4c90d45bcef3b00d0020ee66083d12b506c2ee0ea

Request headers

Accept
application/json
Referer
https://credcrea.gupy.io/
If-None-Match
W/"6324-c2zdCvpkKcQoevCM/oQjL5k6Uoo"
Authorization
a7f1ca58d22d929f08520a8cd6a170cd675a69c62098e97fa9d747d0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 23 Aug 2024 18:17:21 GMT
Content-Encoding
gzip
ETag
W/"751a-XdUcvjq56/N0svl5I4oRCeuUzAU"
Vary
Accept-Encoding
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-control
public, max-age=2
Connection
keep-alive
2024-01-19_18-29_companyLogoUrl.png
attachments.gupy.io/production/companies/1979/career/3895/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://attachments.gupy.io/production/companies/1979/career/3895/images/2024-01-19_18-29_companyLogoUrl.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.190.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-190-107.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4be84724b2211e31602ed29046362e1ab8a0da927754c81451808ff30c6a361d

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 18:17:22 GMT
via
1.1 38e6d5d4bf1ff4c61fe7860d1fe50b94.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 18:29:38 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P2
etag
"2b1015d1b2009f119ab243114a35d87a"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
25664
x-amz-cf-id
PrD2tK7mj7-J-UuABu9zeyCeNClVGbLAsEcgo6_r_88tqYovcyoF_A==
Inter-Bold.ttf
front-statics-fonts.gupy.io/ 		309 KB
309 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://front-statics-fonts.gupy.io/Inter-Bold.ttf
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/css/main.401e872a.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.190.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-190-33.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
790c108befe859dac2ddbd20af3fbb6917c601b3d544c8a05761519f3b5508fe

Request headers

Referer
https://gupy.gupy.io/
Origin
https://credcrea.gupy.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 10:46:01 GMT
via
1.1 38e6d5d4bf1ff4c61fe7860d1fe50b94.cloudfront.net (CloudFront)
last-modified
Wed, 22 Feb 2023 16:56:03 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P2
age
27144
x-amz-server-side-encryption
AES256
etag
"275bfea5dc74c33f51916fee80feae67"
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
content-length
316100
x-amz-cf-id
D698YDRBibm6eXuaVrxxS5EMgoaiNfMorr-ivWv1qR39UDf3LEI5KQ==
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Lato:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://credcrea.gupy.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 13:58:37 GMT
x-content-type-options
nosniff
age
274724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 13:58:37 GMT
metrics
unleash-proxy-production.api.tools.gupy.io/proxy/client/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://unleash-proxy-production.api.tools.gupy.io/proxy/client/metrics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.28.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-28-62.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://credcrea.gupy.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Access-Control-Max-Age
172800
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Aug 2024 18:17:21 GMT
Vary
Access-Control-Request-Headers
access-control-allow-headers
authorization,content-type
metrics
unleash-proxy-production.api.tools.gupy.io/proxy/client/ 		2 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://unleash-proxy-production.api.tools.gupy.io/proxy/client/metrics
Requested by
Host: gupy.gupy.io
URL: https://gupy.gupy.io/candidates/static/js/2.bcc03708.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.28.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-28-62.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json
Referer
https://credcrea.gupy.io/
Authorization
a7f1ca58d22d929f08520a8cd6a170cd675a69c62098e97fa9d747d0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 23 Aug 2024 18:17:21 GMT
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Connection
keep-alive
Content-Length
2
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-0M1NYZV48Q&gtm=45je48l0v9116503724za200zb9187793223&_p=1724437037519&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1266363276.1724437038&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&sid=1724437038&sct=1&seg=1&dl=https%3A%2F%2Fcredcrea.gupy.io%2Fcandidates%2Fapplications%2F475264132&dt=Gupy&_s=5&tfd=8290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-0M1NYZV48Q&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://credcrea.gupy.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 23 Aug 2024 18:17:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://credcrea.gupy.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer function| parcelRequiref74b number| __sc-data-styled__ function| HT object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| beamer_config function| hj object| _hjSettings object| webpackJsonp object| FB object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| __buffer function| clearImmediate function| setImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ function| filterCSS function| filterXSS function| QuillImageDropAndPaste function| gtag object| _eraseCookies string| lastCookies object| _authorized_cookies function| _loadAutoBlockV2 function| changeCookiesLoop function| getUrlFromCookiePTS function| checkBlockedPTS function| checkBlockedExternalPTS function| blockFirefoxPTS function| removejscssfile function| blockOthersPTS function| forceRemoveCookie function| eraseCookieFromAllPaths function| checkToggleTypePTS object| eraserScriptList object| blockList function| autoBlockPTS function| updateScript function| includesIn function| getCookieValueByNamePTS object| pToolsCookieManager function| addBeforeScriptExecuteListener function| removeBeforeScriptExecuteListener function| initAutoBlock function| onbeforescriptexecute function| dcf876 function| blockOrExecuteCookiesInit function| blockOrExecuteCookies function| blockOrExecuteCookiesGeneric function| handleExecuteScript51 function| sendTransaction43875 function| disableAllCookies string| gtmEnabled function| enableAllCookies function| changeStatus_7859 function| closeConsent function| replaceAllPv function| acceptedAllPreferences string| pvtReloadPage function| overlayT2345Save function| clsBannerPrefFromAcceptAll function| overlayT2345 function| overlayT2345Preference function| overlayT2345SaveMobile function| acceptOrRejectGroup function| acceptOrRejectCookie function| doNotSell function| removeClassByGroup function| clearSelection function| isSelectedItem function| readGroupContent function| maZeckTheKing function| checkAllChildzz78 function| fetchHtmlAsText function| z400lp function| deleteAllCookies function| insertCustomStyle function| exec_gtm boolean| _isAutoblock function| lpf234 function| checkedDomain function| resetCookiesPreference function| clsBnnerAll function| clsBnner function| checkExpiredTimePrv function| clsBnnerPref number| verifyCloseConsent function| doReloadAutoBlockPTS function| shmTCdPrvTzu function| createCookiePrvt function| getOnClickByAddEventListenerAndRemove function| getOnClickByAddEventListenerAndRemovePreference function| getOnChangeByAddEventListenerAndRemovePreference function| handleAddEventListenerAndRemoveOnClick function| handleAddEventListenerAndRemoveChange object| ElementBanner object| cookieconsent function| portalBanner object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_648130

3 Cookies

Domain/Path Name / Value
credcrea.gupy.io/ Name: candidate_redirect_url
Value: %7B%22pathname%22%3A%22%2Fcandidates%2Fapplications%2F475264132%22%2C%22search%22%3A%22%22%2C%22hash%22%3A%22%22%7D
.gupy.io/ Name: last_candidate_auth_subdomain
Value: credcrea
.gupy.io/ Name: gupy_locale
Value: en

20 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'focus-without-user-activation'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'trust-token-redemption'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
security error URL: https://credcrea.gupy.io/candidates/applications/475264132
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://credcrea.gupy.io/candidates/applications/475264132
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://cdnjs.cloudflare.com/polyfill/v2/polyfill.min.js?features=Intl.~locale.en,Intl.~locale.es,Intl.~locale.pt' with computed SHA-384 integrity '1VSQy5k+QwdaUkm5HnEi7c51pl417Wh8qB0FK/9YT1nYBm9yJtOGe271k0a1Oi2C'. The resource has been blocked.
security error URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js(Line 1)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js(Line 1)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js(Line 291)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js(Line 83)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js(Line 83)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.gupy.io *.circle.so *.googleapis.com *.google.com s3.amazonaws.com *.zdassets.com static.zdassets.com *.unpkg.com *.chameleon.io; connect-src 'self' blob: 'self' *.gupy.io data: gap: *; font-src 'self' data: *.gupy.io *.gstatic.com use.typekit.net *.s3.amazonaws.com *.hotjar.com *.cloudflare.com *.abtasty.com *.googletagmanager.com *.zdassets.com *.sentry.io *.unpkg.com *.bootstrapcdn.com *.chameleon.io; frame-src 'self' *.hotjar.com *.googletagmanager.com *.zdassets.com *.unpkg.com *.sentry.io cookies.pn.vg www.youtube.com *.getbeamer.com *.gupy.io *.circle.so *.google.com youtu.be *.hubspotusercontent40.net *.abtasty.com blob: *.gupy.io *.facebook.com *.twitter.com *.chameleon.io *.linkedin.com; img-src 'self' *.chameleon.io blob: 'self' *.gupy.io data: *; object-src 'none'; prefetch-src 'self' *.gupy.io *.googleapis.com *.google.com *.abtasty.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.gupy.io *.circle.so *.google.com *.google-analytics.com *.hotjar.com *.getbeamer.com *.googleapis.com *.gstatic.com *.pn.vg cdn.polyfill.io cdn.jsdelivr.net *.abtasty.com *.segment.com *.mxpnl.com *.heapanalytics.com *.cloudfront.net d20clgtym3ccfj.cloudfront.net d3vjfyimxh8b5g.cloudfront.net cdn.cookielaw.org *.googletagmanager.com *.unpkg.com unpkg.com *.sentry.com *.zdassets.com static.zdassets.com *.googleoptimize.com *.facebook.net *.handtalk.me *.linkedin.com *.twitter.com *.jquery.com *.cloudflare.com *.chameleon.io cdn.privacytools.com.br; style-src 'self' 'unsafe-inline' blob: *.googleapis.com *.gupy.io *.getbeamer.com *.abtasty.com cdn.cookielaw.org *.cloudflare.com *.bootstrapcdn.com cdn.privacytools.com.br; media-src 'self' blob: *.zdassets.com *.amazonaws.com;frame-ancestors 'self' gupy.com.br gupy.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attachments.gupy.io
cdn.privacytools.com.br
cdnjs.cloudflare.com
connect.facebook.net
credcrea.gupy.io
email.gupy.com.br
fonts.googleapis.com
fonts.gstatic.com
front-statics-fonts.gupy.io
gupy.gupy.io
plugin.handtalk.me
private-api.gupy.io
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
unleash-proxy-production.api.tools.gupy.io
vc.hotjar.io
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
13.33.187.74
142.250.181.227
142.250.184.200
142.250.186.132
157.240.0.6
172.67.74.112
18.165.183.44
18.66.102.51
18.66.112.110
2001:4860:4802:32::36
216.239.34.36
2606:4700:3037::ac43:a2c5
2606:4700::6811:190e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
3.165.190.107
3.165.190.33
34.102.239.211
52.202.54.1
54.152.28.62
0219cf89e9788216b4ef3b8a6c54c22143eff5a539297b5a1ba36d67d191ef11
0a61fece32fa5507abadd0788d1230d92a5b13faa0a6610601d4709f82315b72
0dc53582e551fde9ba628f6b1179644f58e0a5e9ae24e4afd77c1e82669e2330
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
1ac670f38d781e138efbd17640634d1072220171726c67be698731d9cdcc0816
2c4887b76dbf7bd7026d40861f30b3c3af1b4290939c8620bc79bd3775f61367
2eb1a7304659a735a37613bb287be882e7fdd77697341c5b2c07acb6b8eb5bcb
33fe98d643053bd5d459a0112065a64c7888aa34f169f96105ce26752465a22d
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3d33bf39fc2a372b4cf44ea7be5a7d21d2e4b058e70681a8517327619a6ec217
41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8
45415de4c11a3a471a0d4f8b32af10a7f652f3e3e534d28b7827aa40a331cb64
4be84724b2211e31602ed29046362e1ab8a0da927754c81451808ff30c6a361d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57b3905a015a9a097f0f0fa4c90d45bcef3b00d0020ee66083d12b506c2ee0ea
68d513be7d439fd374aa3f4a86359ceaf9095b0550dd393127e9c841ec852f5a
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
790c108befe859dac2ddbd20af3fbb6917c601b3d544c8a05761519f3b5508fe
8a3cc39e5bc76add1e3b3b3d65c8845e91b99ca6588d3dca1bada649f50f7b05
8d7f24423ac7d1da9cc129ce824111e2bc6c93e60aa33c950366f3e8092573da
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a5f5abda98be4b5fb3a2e53067548241021a07081ede269a1968ee52f13dd83b
a73f47aa671f7c197c1e9851c0f0e9e9eb04c16a265d543b95f3fa56b37b0115
a75ef88b23e86b1de7dfa0f684239aea8fbf6ea08181d39383b697dc112f6a16
ace2ff584454166e6fb7162b3543818c7eb738731507ab5e85e7a27f55d2be56
ba2929444463931e86d2feb314bb992a9d123a62d3c0d033ec473de87b0bf354
bd1fb96ea48b90dac807006fe28a1edcd58ec31560c14ff97a7188de38afdf78
be8bfbc1c04a7995b4544b6e7d2304e3b33ab2fde600ab00bbf881e18652e79a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ae1941da0e77717656f934b234e42228e4698e3500652c730f9aa87d63dc0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef841ee9124a6597a662f0ec01e4baab6379d36c23e692ada3eefba677354c17
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f9e55ad1a4389c2a08f006013a0985b2cbfb88beaf566bc0a8f5a30291fe3b84