parceiro.financiamento.ai Open in urlscan Pro
54.94.61.130 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://parceiro.financiamento.ai/login
Submission: On January 11 via api (January 11th 2024, 3:54:38 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 72 HTTP transactions. The main IP is 54.94.61.130, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is parceiro.financiamento.ai.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 24th 2023. Valid for: a year.

This is the only time parceiro.financiamento.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	54.94.61.130 54.94.61.130	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c09::54	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.191.44 52.222.191.44	16509 (AMAZON-02) (AMAZON-02)
6	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	18.155.153.42 18.155.153.42	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1492	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:b084	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
72	23

22 54.94.61.130 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

parceiro.financiamento.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.191.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-191-44.ham50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.153.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-42.ham50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1492 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:b084 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.creditas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	financiamento.ai parceiro.financiamento.ai	431 KB
13	google.com accounts.google.com — Cisco Umbrella Rank: 65 apis.google.com — Cisco Umbrella Rank: 255 www.google.com — Cisco Umbrella Rank: 6	279 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	491 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 2979	46 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778 px4.ads.linkedin.com — Cisco Umbrella Rank: 7294	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	262 KB
2	creditas.com assets.creditas.com	86 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	69 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4002	562 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	91 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1877	16 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	59 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 3722	50 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	746 B
72	17

	Domain	Requested by
22	parceiro.financiamento.ai	parceiro.financiamento.ai
6	www.google.com	parceiro.financiamento.ai www.gstatic.com www.google.com
6	cdn.segment.com	parceiro.financiamento.ai cdn.segment.com
5	www.gstatic.com	www.google.com www.gstatic.com accounts.google.com
4	accounts.google.com	parceiro.financiamento.ai apis.google.com www.gstatic.com
3	www.googletagmanager.com	parceiro.financiamento.ai www.googleoptimize.com
3	apis.google.com	parceiro.financiamento.ai apis.google.com
2	fonts.gstatic.com	www.google.com
2	assets.creditas.com	parceiro.financiamento.ai
2	www.youtube.com	parceiro.financiamento.ai www.youtube.com
2	www.google.de	parceiro.financiamento.ai
2	px.ads.linkedin.com	1 redirects parceiro.financiamento.ai
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	parceiro.financiamento.ai
1	px4.ads.linkedin.com	parceiro.financiamento.ai
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	parceiro.financiamento.ai
1	www.googleoptimize.com	parceiro.financiamento.ai
1	fonts.googleapis.com	parceiro.financiamento.ai
72	23

This site contains links to these domains. Also see Links.

Domain
www.creditas.com

Subject Issuer	Validity	Valid
financiamento.ai Amazon RSA 2048 M03	`2023-10-24` - `2024-11-21`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-20` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://parceiro.financiamento.ai/login
Frame ID: 999B5BB5B819ADA9E16B943A54B0B2EF
Requests: 61 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 1AC1217784D334B2DBCEC80C753EA7B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKgSElAAAAANE8M4p3HWvxUMmhQqwRd0-7LYD2&co=aHR0cHM6Ly9wYXJjZWlyby5maW5hbmNpYW1lbnRvLmFpOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=5461qnbbhq1
Frame ID: 1ACC6AC644D5D5E99768A00AB5544681
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Creditas

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js
accounts\.google\.com/gsi/client

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

72
Requests

99 %
HTTPS

78 %
IPv6

17
Domains

23
Subdomains

23
IPs

4
Countries

1905 kB
Transfer

5431 kB
Size

40
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.creditas.com/legal/termos-condicoes
Title: Termos de uso

Search URL Search Domain Scan URL

URL: https://www.creditas.com/legal/politica-privacidade
Title: Política de privacidade

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2553801&time=1704988472981&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2553801&time=1704988472981&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&e_ipv6=AQLp7X-30KC8JQAAAYz5O3coHgoZxGe5tQQEAHD6XwCHDgnhgFhMkv13DODvIGbd0-ApfaNk

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
parceiro.financiamento.ai/ 87 KB
20 KB 834ms
399ms Document
text/html 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

b03ea2079cabbbd1d06761a124300f6e3137059d863f5a3ddf3f566fec3551e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 15:54:32 GMT
etag: "15b70-QmogI7gfjBIY9VdwCU5WJ45eneY"
referrer-policy: no-referrer
server: nginx/1.17.10
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 client Show response
accounts.google.com/gsi/ 207 KB
80 KB 186ms
76ms Script
application/javascript 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1759dae8b5a6386ccf52c000efefe03e3b568dbeec6524f8d4801cbd4762bce

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-RfQ3dU931yFe3Ol1n5CO0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-RfQ3dU931yFe3Ol1n5CO0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 11 Jan 2024 15:54:32 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 175ms
66ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 15:54:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "744e1fa93653e48f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:54:32 GMT

GET
H2 200 runtime.9c21f9f.js Show response
parceiro.financiamento.ai/dist/ 7 KB
4 KB 202ms
202ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

aa770fe160a4482cff1df8b543df407d2e4bc7f6b763ea786de017463a93022c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"1c02-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 login.9341c97.js Show response
parceiro.financiamento.ai/dist/pages/ 671 B
818 B 201ms
201ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/pages/login.9341c97.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

c90b091dab0c0c6ed5ba1b9867815c4237dd0f7ea3334647fd04495c501a2a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"29f-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 app.9232e88.js Show response
parceiro.financiamento.ai/dist/commons/ 239 KB
82 KB 209ms
208ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/commons/app.9232e88.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

f4c21f2c97af0b71a29ad3f427d66a6e26606a3c83751b3588346a1c67e8d542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"3bc73-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 vendors~app.1e9e00d.js Show response
parceiro.financiamento.ai/dist/ 565 KB
166 KB 394ms
393ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/vendors~app.1e9e00d.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

a115f1a382fd4c5bf14fb515cb6e1de11f4159ffee8169b363f561b41103ca4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"8d3bd-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 app.7a4978b.js Show response
parceiro.financiamento.ai/dist/ 244 KB
56 KB 406ms
405ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/app.7a4978b.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

529c9d6f0823cb193909a37442bc57955741a20ab0499bcb2df3da103fc13f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"3cebc-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
746 B 171ms
62ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95ef3768ec0f5da28f4b121793f4f71d60b411c53569b19aa2a48cead3c3c7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 11 Jan 2024 15:54:32 GMT

GET
H2 200 track.js Show response
parceiro.financiamento.ai/js/ 7 KB
3 KB 208ms
207ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/js/track.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

ac9a2bf39fd2d0f98188523ca93c762cc33111ddeaf6e09640305aed3d2ab4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 01 Jun 2023 14:58:17 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"1d51-18877777328"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 hotjar.js Show response
parceiro.financiamento.ai/js/ 356 B
642 B 206ms
205ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/js/hotjar.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

a06d84af2d1e086fe4eade63edc992760a70016fcb41c147297bc01023ee5d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 03 Nov 2022 12:58:13 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"164-1843d920e88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 segment.js Show response
parceiro.financiamento.ai/js/ 1 KB
1 KB 207ms
206ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/js/segment.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

6a62405fd3388b7d1451392bbc3aaeaf21aa5efd92c9757d280ad1311b26f72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 30 Aug 2023 20:23:12 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"52b-18a481d4380"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 129 KB
50 KB 197ms
61ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5PZH52D

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb84315b4eceeb24823790156d0d67c6824c547e045dd71b4964ab180a0639b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50621
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 15:54:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
90 KB 180ms
72ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9H39TQ

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10fe300803d945bb90515887a259867e28ed84ef2759941d3d5e863adb6606dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91640
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 15:54:32 GMT

GET
H2 200 hotjar-3218219.js Show response
static.hotjar.com/c/ 9 KB
4 KB 78ms
51ms Script
application/javascript 52.222.191.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3218219.js?sv=6

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/js/hotjar.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.191.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-191-44.ham50.r.cloudfront.net

Software

Resource Hash

eb640d6162459dddade256c3211bc43f99233d48802c502b76e7f7d4c6b57091

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f2bfcb0e5eaa96cb4b9aaa38ccd55546.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
etag: W/595560af200cd9f4a8aa4e4f9774af95
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vwWmRepsoamOOTdLIbVkadmNi3GuGLnOAlR6uBNosiuZKomaQYyGfA==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/ 108 KB
31 KB 200ms
173ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/analytics.min.js
Requested by: Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/js/segment.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72a7097b76d6bc81da128911ac837d41784bf6ea7425563b951bbcf3c1311bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: 5biBBF_dc7b4YvUwDsCkTEUmYMrSfPLc
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Thu, 11 Jan 2024 15:54:33 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 Dec 2023 19:35:43 GMT
server: AmazonS3
etag: W/"0134a7da47cd0522ecac3d656b373f27"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: NkVm7QqQ_sghBo2AtjjdSdKTvIR6pHq6Og67pFmFerXFtoULG312NQ==

GET
H2 200 modules.abdef350bc65bc59cb61.js Show response
script.hotjar.com/ 220 KB
55 KB 40ms
14ms Script
application/javascript 18.155.153.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3218219.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.153.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-153-42.ham50.r.cloudfront.net

Software

Resource Hash

5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 08 Jan 2024 10:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 55e88467535621ef2872d6bda4cd68d4.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P2
age: 278186
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55659
last-modified: Mon, 08 Jan 2024 10:37:27 GMT
etag: "80c44d9c04a527e3fdaa01818eb305c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 7b1lm09fQT72dodwesVsh597_YOcQthTrHmU4vGTRjhuC__A0Y8bDg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
785 B 47ms
10ms Script
application/javascript 2a02:26f0:3500:16::215:1492
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9H39TQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a544124f98add2e2d508d975d9f14d21c2721681010ff33006518d8a2a2123c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Jan 2024 10:26:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=58027
accept-ranges: bytes
content-length: 575

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 171ms
51ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9H39TQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 15:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 376
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 11 Jan 2024 17:48:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/695228949/ 3 KB
2 KB 202ms
92ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/695228949/?random=1704988472885&cv=11&fst=1704988472885&bg=ffffff&guid=ON&async=1&gtm=45He4180v813163683&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&hn=www.googleadservices.com&frm=0&tiba=Login%20%7C%20Creditas&auid=431760343.1704988473&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9H39TQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a04bb9b9152115031464d39ea21e71a2485df070fcb4358ecbdbb3ae525d653d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9H39TQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jan 2024 15:54:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: y+VIK1NQ7pExksLkux2ypHWCpThe9MHQPPSpl5Lbd1xnTWNS7Ja8v13I6T1s33nuYOY3XMG8b8+swEKrcMYBaA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 15ms
15ms Script
application/javascript 2a02:26f0:3500:16::215:1492
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d1e1d35266bfd3d12aaf706c3b1d27ff1b003225632f01b8acd1aaa03aa3e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Jan 2024 10:26:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=58173
accept-ranges: bytes
content-length: 15726

GET
H2 200 302181824495073 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/302181824495073?v=2.9.139&r=stable&domain=parceiro.financiamento.ai

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f9672a6b7ccfaeb45fd231aa15a2e44d7527d076cb8e2ef0299f55c4059d8ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jan 2024 15:54:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36910
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Q3Sm03pauFCBWNZEPpSuLrOF0Ux4BQIxpPVjsO/md0eYdv5yUPPOPO41Q6TtKzJVIBuj0bBeE0fLIMfZzrVb/A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2553801&time=1704988472981&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2553801&time=1704988472981&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&e_ipv6=AQLp7X-30KC8JQAAAYz5O3coHgoZxGe5tQQEAHD6XwCHDgnhgFhMkv13DOD...

0
264 B

173ms
153ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2553801&time=1704988472981&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&e_ipv6=AQLp7X-30KC8JQAAAYz5O3coHgoZxGe5tQQEAHD6XwCHDgnhgFhMkv13DODvIGbd0-ApfaNk
Requested by: Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1E7A50923D24419B92DAFBB31A924625 Ref B: FRAEDGE1412 Ref C: 2024-01-11T15:54:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOrZBMHADFhc0xVYE5dg==

Redirect headers

date: Thu, 11 Jan 2024 15:54:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: EE6336BBD60F4585AB87FB4658655596 Ref B: FRAEDGE1415 Ref C: 2024-01-11T15:54:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2553801&time=1704988472981&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&e_ipv6=AQLp7X-30KC8JQAAAYz5O3coHgoZxGe5tQQEAHD6XwCHDgnhgFhMkv13DODvIGbd0-ApfaNk
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOrZBIr/yCBxXKiM8dBA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=302181824495073&ev=PageView&dl=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&rl=&if=false&ts=1704988472989&sw=1600&sh=1200&v=2.9.139&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1704988472988.383765862&cs_est=true&ler=empty&it=1704988472968&coo=false&tm=1&rqm=GET

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 Jan 2024 15:54:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/ 1 KB
1 KB 26ms
11ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a5df127507c0068c42ee0c198c6cf37c71b20fda96b50b10ae317f90b3b6d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: dHPVyoujL_d74D9I5Mj.C2zt.X7XtN3L
content-encoding: br
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
date: Thu, 11 Jan 2024 15:54:33 GMT
x-amz-cf-pop: FRA6-C1
age: 3834
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 10 Jan 2024 15:35:23 GMT
server: AmazonS3
etag: W/"35e99bbb351c3c89a952978bf0378600"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: Gn1FHZBpBCsILN2gTFJrcUEyW5_odblg2tlineR6Nk3okp5Kr80ceA==

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 7ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 4907166
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: OhBkpinNFB8883P1LJKSBu1CFY1_2Og1eYAzNx3Jy0vEu9O9rGavwg==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 7ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 05 Dec 2023 16:42:23 GMT
x-amz-version-id: ImHr9JVwNOQx3sB3unWxqI5ddwoeSEnO
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3193931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 01 Dec 2023 20:22:01 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: cEb8zw3u9UjTLQNy6Wz1_qXASKSJUW4TrK7XbuOt_ct8cJm3zhD9xA==

GET
H2 200 0c44686d70aae66313c8.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
3 KB 7ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/0c44686d70aae66313c8.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/KcqAwX21D7DbWVxfOE3xmmk8tUIS8i91/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38466bafcfaeda001f4aa7af264063c6dc9405a67e37620f17ff76b236f27686

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: 5JR_KQyx6FWeqsUDF.SC7_xBk8mVzkn1
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Wed, 10 Jan 2024 21:52:26 GMT
x-amz-cf-pop: FRA6-C1
age: 64928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 18:05:03 GMT
server: AmazonS3
etag: W/"79a458fe923c87393aa5b8a9021752e2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: l7HrJrgoS3YuSqIFawPoS1gyc5OU_BreuRAMFVn31xH3ezrl5CaTuw==

GET
H2 200 909319ad4a6af2ed4035.js Show response
cdn.segment.com/next-integrations/actions/962/ 23 KB
8 KB 7ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/962/909319ad4a6af2ed4035.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/0c44686d70aae66313c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7396c24669e903f8202195977c62813a08f0bb03adb5a659c94fecc2b004faa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: xD7SFEWU4Nqh9KJOh_zZwn6Q9BOetku2
content-encoding: br
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date: Thu, 11 Jan 2024 00:15:40 GMT
x-amz-cf-pop: FRA6-C1
age: 56334
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 18:05:02 GMT
server: AmazonS3
etag: W/"101f39da98a100976587dadb132581e0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: YFVUX5pZ4pR7mcivxamRX_-9D2OXwrGsL5QhSJ6ZlDo8b_Z-lH4nQQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 58ms
58ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=681093029&t=pageview&_s=1&dl=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20Creditas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=916328004&gjid=217381926&cid=1183180021.1704988473&tid=UA-136771565-2&_gid=1018306632.1704988473&_r=1&_slc=1&gtm=45He4180n81N9H39TQv813163683&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=654270719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:54:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://parceiro.financiamento.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/695228949/ 42 B
455 B 208ms
99ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/695228949/?random=1704988472885&cv=11&fst=1704985200000&bg=ffffff&guid=ON&async=1&gtm=45He4180v813163683&u_w=1600&u_h=1200&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&frm=0&tiba=Login%20%7C%20Creditas&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_NFy0cCERDh5zcyLHh3iwz3O60dnZXw&random=1257877484&rmt_tld=0&ipr=y

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:54:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/695228949/ 42 B
455 B 174ms
63ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/695228949/?random=1704988472885&cv=11&fst=1704985200000&bg=ffffff&guid=ON&async=1&gtm=45He4180v813163683&u_w=1600&u_h=1200&url=https%3A%2F%2Fparceiro.financiamento.ai%2Flogin&frm=0&tiba=Login%20%7C%20Creditas&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_NFy0cCERDh5zcyLHh3iwz3O60dnZXw&random=1257877484&rmt_tld=1&ipr=y

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:54:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 156ms
52ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136771565-2&cid=1183180021.1704988473&jid=916328004&gjid=217381926&_gid=1018306632.1704988473&_u=YEBAAEAAAAAAACAAI~&z=824369430

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 11 Jan 2024 15:54:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://parceiro.financiamento.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 85ms
84ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-136771565-2&cid=1183180021.1704988473&jid=916328004&_u=YEBAAEAAAAAAACAAI~&z=78052979

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:54:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 78ms
78ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-136771565-2&cid=1183180021.1704988473&jid=916328004&_u=YEBAAEAAAAAAACAAI~&z=78052979

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:54:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
751 B 61ms
60ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/vendors~app.1e9e00d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74b18b4e406d5d80ecd4a316e4ff7895345f25a91ba8174bb97f77d66d379fc6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 15:54:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
85 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J2QEN0QN63&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-5PZH52D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc9b397a9b4dd9e324a790959360120b15287d7fcb6ed9a5061563bf22be9b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87307
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 15:54:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
86 KB 108ms
108ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J2QEN0QN63&l=dataLayer

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/vendors~app.1e9e00d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

089794f47a31045c7aef4921cd20e48d39c270867b08c760aab7f39d90841660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 15:54:33 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 184ms
74ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/vendors~app.1e9e00d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f77b13b209813da09a0d1af63b7bb71129c58e0b3b29174844ab7e210e2284fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 11 Jan 2024 15:54:33 GMT

GET
H2 200 Loading.35b6f32.js Show response
parceiro.financiamento.ai/dist/commons/ 9 KB
4 KB 204ms
203ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/commons/Loading.35b6f32.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

f3932541989ec5fc026de5a89bf39bf7a56be401aada844fc187d0642b338cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"235c-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 Loading~financiamento.comprador.8a431b9.js Show response
parceiro.financiamento.ai/dist/commons/ 70 KB
19 KB 206ms
206ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/commons/Loading~financiamento.comprador.8a431b9.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

c02838382b99fe2621213d0fabb51018ca7e18b537dfcab600650aa94d58e183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"117b9-18c115826d8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 Loading~financiamento.banco.ed0c76a.js Show response
parceiro.financiamento.ai/dist/commons/ 25 KB
6 KB 205ms
204ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/commons/Loading~financiamento.banco.ed0c76a.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

211387ad0da0b2c29fd0f91b6c2b0d0352115c513e1064ade5a2cfbed7a91277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"6526-18c115826d8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 Loading.88f88e2.js Show response
parceiro.financiamento.ai/dist/ 99 KB
20 KB 207ms
207ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/Loading.88f88e2.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

3db3610bb37506bb17a553b92792495863805609d163428998a150831ef8c750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"18ab8-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
201 B 163ms
163ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/vendors~app.1e9e00d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jan 2024 15:54:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DA1CB1510B264C6CA5CF9B2099A7349F Ref B: FRAEDGE1415 Ref C: 2024-01-11T15:54:33Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://parceiro.financiamento.ai
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYOrZBPTuAvRT0sSml8aQ==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 162ms
53ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://parceiro.financiamento.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 09 Jan 2024 13:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 13:47:17 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8c0b101b/www-widgetapi.vflset/ 216 KB
67 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8c0b101b/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f473716e417dc3586218a3653a3fb43b5f8fa215dd0e5116bfd03300dc533d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 14:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68622
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 02:47:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Jan 2025 14:43:31 GMT

GET
H2 200 headerComponent.7109928.js Show response
parceiro.financiamento.ai/dist/ 36 KB
8 KB 204ms
203ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/headerComponent.7109928.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

4320f040cbe116f8a5587377345eecdae6559359b6274801b00dd7b3de4df4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"9173-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 CardLogin.26d0d00.js Show response
parceiro.financiamento.ai/dist/ 1 KB
1 KB 202ms
202ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/CardLogin.26d0d00.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

ae3c88766b3ee71917c49d338c199860d548a7106b3989994fd870125a74fcce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"4fd-18c115826d8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 client Show response
accounts.google.com/gsi/ 207 KB
79 KB 77ms
76ms Script
application/javascript 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/Loading.88f88e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f5a65cb62f4aaf69d0f7cd852acce01446ba483b560a5e5909df27584b7affb

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-vIbrdqEQvetx5pT2Gk9bcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'nonce-vIbrdqEQvetx5pT2Gk9bcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 11 Jan 2024 15:54:33 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ 119 KB
40 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85f21be5db07a2ea03381f9ba5f984d5fd971f4ceb3174957e8cb6f28949aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 09 Jan 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40961
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 09:56:45 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 1AC1 286 B
1 KB 1137ms
1136ms Document
text/html 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e94ad4692f12e11822e3674c13219be6c3e3f5c138a42daae9363ab76c6dbdf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'nonce-KqkYRcbOuU-vr48pVRKhQw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'nonce-KqkYRcbOuU-vr48pVRKhQw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:54:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1ACC 43 KB
27 KB 79ms
79ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKgSElAAAAANE8M4p3HWvxUMmhQqwRd0-7LYD2&co=aHR0cHM6Ly9wYXJjZWlyby5maW5hbmNpYW1lbnRvLmFpOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=5461qnbbhq1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38cc04578c85698515bcd2535a01a0c02d81410804609b6c9ee6d70cfad28aa6

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-foyTTFqFaSgqoLXeD2UY5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-foyTTFqFaSgqoLXeD2UY5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:54:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ButtonFloatOutline.3782191.js Show response
parceiro.financiamento.ai/dist/ 6 KB
2 KB 202ms
202ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/ButtonFloatOutline.3782191.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

379a724c7a5fab08367596cab9fa53916797d976ed0a2eb39d08a1355f7e1900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"181f-18c115826d8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 kzBt.a2a174f.js Show response
parceiro.financiamento.ai/dist/ 6 KB
2 KB 203ms
203ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/kzBt.a2a174f.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

345824e961494b8ceecd8b1f38efa4a130eca53fb1bbe00b58879b0d23be340d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"195b-18c115826d8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 documentos.bbdad01.js Show response
parceiro.financiamento.ai/dist/commons/Icon/pages/financiamento/ 19 KB
7 KB 204ms
203ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/commons/Icon/pages/financiamento/documentos.bbdad01.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

3b7d1114d33b6eb76810d674d34404b295ae544307e4c9cf25920d0586f56ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"4b7d-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 Icon.f845a62.js Show response
parceiro.financiamento.ai/dist/ 11 KB
4 KB 203ms
203ms Script
application/javascript 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/Icon.f845a62.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/runtime.9c21f9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

396cbc8eb2220844206c05a485570bccf2f5b86a9962ac02362c270cfe561520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:14:00 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"2d85-18c11582ac0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 HelveticaNowDisplay-Bold.woff2
assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/ 44 KB
44 KB 81ms
40ms Font
font/woff2 2606:4700::6813:b084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/HelveticaNowDisplay-Bold.woff2

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3024490ab64c971498d84a4cda13ea161085a9f7c1635ccc54a7112e844c40d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://parceiro.financiamento.ai/
Origin: https://parceiro.financiamento.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 8V0R19VNJV8F7EEP
age: 611
alt-svc: h3=":443"; ma=86400
content-length: 45296
x-amz-id-2: AairUg0TSUjGQ4gBnK8TlnbOt24eB+oBrNQMQh5oTOtcRZHPJRfTk9mquDFUVLViTakswGZutdI=
last-modified: Tue, 21 Jun 2022 21:29:27 GMT
server: cloudflare
etag: "80f363cb60969fc7e5cffb72e13c7bdf"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 843e56c9d81c30f4-FRA
expires: Fri, 10 Jan 2025 15:54:33 GMT

GET
H2 200 HelveticaNowDisplay-Regular.woff2
assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/ 41 KB
41 KB 80ms
39ms Font
font/woff2 2606:4700::6813:b084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/HelveticaNowDisplay-Regular.woff2

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fa9ba6de8ab858c6a0646ad8b88faaa1feba3f53bc841f2f81f8eab8ac5a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://parceiro.financiamento.ai/
Origin: https://parceiro.financiamento.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 8V0YYHJA22NCH9V2
age: 611
alt-svc: h3=":443"; ma=86400
content-length: 41644
x-amz-id-2: ZEwABHd16mQx2UbA/SlyXjoHgrufBVV0xv4xyaxv+IhtcVtjc8j3aodxlMRCuSxl6y4LKrFy9vQ=
last-modified: Tue, 21 Jun 2022 21:29:27 GMT
server: cloudflare
etag: "a308f4a646391c18a57ca2256c6c809f"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 843e56c9d81a30f4-FRA
expires: Fri, 10 Jan 2025 15:54:33 GMT

GET
H2 200 logo-creditas-horizontal-color.87b2d37.png
parceiro.financiamento.ai/dist/img/ 6 KB
7 KB 201ms
201ms Image
image/png 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parceiro.financiamento.ai/dist/img/logo-creditas-horizontal-color.87b2d37.png

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

fff3070ab0b29e5cd3e6fa0d8fc4200aee988104881cfee2ecbb712216483d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
etag: W/"18cc-18c115826d8"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6348
x-xss-protection: 1; mode=block

GET
H3 200 platform.js Show response
apis.google.com/js/ 56 KB
21 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/dist/commons/app.9232e88.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 15:54:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "744e1fa93653e48f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:54:33 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 1ACC 55 KB
24 KB 154ms
51ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKgSElAAAAANE8M4p3HWvxUMmhQqwRd0-7LYD2&co=aHR0cHM6Ly9wYXJjZWlyby5maW5hbmNpYW1lbnRvLmFpOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=5461qnbbhq1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 06:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 06:59:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 1ACC 506 KB
203 KB 180ms
77ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 09 Jan 2024 13:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 13:47:17 GMT

GET
H2 200 icomoon.f56fdeb.ttf
parceiro.financiamento.ai/dist/fonts/ 29 KB
15 KB 203ms
203ms Font
font/ttf 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://parceiro.financiamento.ai/dist/fonts/icomoon.f56fdeb.ttf

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

ed5f99ff9f4568e1fa0a5c4f0e612b19e73f90f7847acefab4cdb7ac60888294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://parceiro.financiamento.ai/login
Origin: https://parceiro.financiamento.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"72f4-18c115826d8"
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 brand-google-color.790c2f6.svg
parceiro.financiamento.ai/dist/img/ 2 KB
1 KB 202ms
201ms Image
image/svg+xml 54.94.61.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://parceiro.financiamento.ai/dist/img/brand-google-color.790c2f6.svg

Requested by

Host: parceiro.financiamento.ai
URL: https://parceiro.financiamento.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.61.130 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-61-130.sa-east-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

a73078368e46305407fa0ba2022b4701aff63f33e990d86e3e4e097eac8c010a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 15:13:59 GMT
server: nginx/1.17.10
referrer-policy: no-referrer
etag: W/"872-18c115826d8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H3 200 lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js Show response
www.google.com/js/bg/ Frame 1ACC 17 KB
7 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKgSElAAAAANE8M4p3HWvxUMmhQqwRd0-7LYD2&co=aHR0cHM6Ly9wYXJjZWlyby5maW5hbmNpYW1lbnRvLmFpOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=5461qnbbhq1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 10 Jan 2024 07:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 07:13:38 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1ACC 2 KB
2 KB 51ms
51ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 08 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 244660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 15 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1ACC 10 KB
11 KB 168ms
59ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 09 Jan 2024 15:41:54 GMT
x-content-type-options: nosniff
age: 173560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10748
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 15:41:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1ACC 11 KB
11 KB 160ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 10 Jan 2024 11:45:12 GMT
x-content-type-options: nosniff
age: 101362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10788
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 11:45:12 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1ACC 102 B
135 B 61ms
61ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeKgSElAAAAANE8M4p3HWvxUMmhQqwRd0-7LYD2&co=aHR0cHM6Ly9wYXJjZWlyby5maW5hbmNpYW1lbnRvLmFpOjQ0Mw..&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=5461qnbbhq1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 15:54:34 GMT

GET
H3 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.zeLn2LGBcw4.es5.O/am=wA/d=1/rs=AOaEmlHb1tDeSbgjEhRNpB-uj2bbzPGX7g/ Frame 1AC1 107 KB
37 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.zeLn2LGBcw4.es5.O/am=wA/d=1/rs=AOaEmlHb1tDeSbgjEhRNpB-uj2bbzPGX7g/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7077b9d3e2063ed347fcd54d69295a478aecc2ba2af4467308854961cd2a5d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 09 Jan 2024 01:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37654
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 07:44:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 01:42:39 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 1AC1 49 B
92 B 80ms
80ms XHR
application/json 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fparceiro.financiamento.ai&client_id=418882600175-0aoucg9sra7rn2ld3upm5s1hab67mosv.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.zeLn2LGBcw4.es5.O/am=wA/d=1/rs=AOaEmlHb1tDeSbgjEhRNpB-uj2bbzPGX7g/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'nonce-9QcACqfn8t_4Z5S6W07I4g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 11 Jan 2024 15:54:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'nonce-9QcACqfn8t_4Z5S6W07I4g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self'
content-encoding: gzip
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 11 Jan 2024 16:54:34 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
parceiro.financiamento.ai/dist/commons/Icon/pages/financiamento	1969-12-31 23:59:59	Name: Path Value: /
parceiro.financiamento.ai/dist/commons	1969-12-31 23:59:59	Name: Path Value: /
parceiro.financiamento.ai/dist/pages	1969-12-31 23:59:59	Name: Path Value: /
parceiro.financiamento.ai/dist/fonts	1969-12-31 23:59:59	Name: Path Value: /
parceiro.financiamento.ai/dist/img	1969-12-31 23:59:59	Name: Path Value: /
parceiro.financiamento.ai/dist	1969-12-31 23:59:59	Name: Path Value: /
parceiro.financiamento.ai/js	1969-12-31 23:59:59	Name: Path Value: /
parceiro.financiamento.ai/	1969-12-31 23:59:59	Name: auth.strategy Value: local
parceiro.financiamento.ai/	1969-12-31 23:59:59	Name: kredito Value: true
parceiro.financiamento.ai/	1969-12-31 23:59:59	Name: brokeragency Value: parceiro.financiamento.ai
parceiro.financiamento.ai/	1969-12-31 23:59:59	Name: Path Value: /
.google.com/	1970-01-20 21:59:59	Name: NID Value: 511=g8XiLkgVTyWpdhxa_D444ntYQXlimafBOCYEkfiniw8LuYRTURrsY3SqymlrZGXHlkdINu_wTnhXta50Av_U5W5iPdJQqmMl5JP8ziyZm6ERWnAJ6lEwwB25O6TciPiLRqnP-vMXZa2gSjH1TBMOj1PQRGI0Ph1ds0Yc9xXjmD8
.financiamento.ai/	1970-01-20 19:46:04	Name: _gcl_au Value: 1.1.431760343.1704988473
.financiamento.ai/	1970-01-21 02:22:04	Name: _hjSessionUser_3218219 Value: eyJpZCI6ImVhMWFkMzI1LWQ3ZDYtNTRkZS05ZmMxLWI5N2YxNTVlOTMxMiIsImNyZWF0ZWQiOjE3MDQ5ODg0NzI5NTQsImV4aXN0aW5nIjpmYWxzZX0=
.financiamento.ai/	1970-01-20 17:36:30	Name: _hjFirstSeen Value: 1
.financiamento.ai/	1970-01-20 17:36:30	Name: _hjIncludedInSessionSample_3218219 Value: 0
.financiamento.ai/	1970-01-20 17:36:30	Name: _hjSession_3218219 Value: eyJpZCI6ImYxNWE4NzRmLWQ1OTItNDFiZC1iNDFjLTA1M2IxZTYxNWFiNSIsImMiOjE3MDQ5ODg0NzI5NTUsInMiOjAsInIiOjAsInNiIjowfQ==
.financiamento.ai/	1970-01-20 17:36:30	Name: _hjAbsoluteSessionInProgress Value: 0
.financiamento.ai/	1970-01-20 19:46:04	Name: _fbp Value: fb.1.1704988472988.383765862
.financiamento.ai/	1970-01-21 03:12:28	Name: _ga Value: GA1.2.1183180021.1704988473
.financiamento.ai/	1970-01-20 17:37:54	Name: _gid Value: GA1.2.1018306632.1704988473
.financiamento.ai/	1970-01-20 17:36:28	Name: _gat_UA-136771565-2 Value: 1
.doubleclick.net/	1970-01-20 17:36:29	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-21 02:22:04	Name: bcookie Value: "v=2&dfd0a15c-c21c-4623-8983-66905a8656b3"
.linkedin.com/	1970-01-20 21:55:40	Name: li_gc Value: MTswOzE3MDQ5ODg0NzM7MjswMjEDo2UBaO6yDCNHybykKs27/3jxohUsLP3aUtg9xb1B1w==
.linkedin.com/	1970-01-20 17:37:54	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2800:u=1:x=1:i=1704988473:t=1705074873:v=2:sig=AQGu2RBnK961p0t4T4DgZkaMnm7vrgSa"
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: yJWTrVHROLA
.youtube.com/	1970-01-20 21:55:40	Name: VISITOR_INFO1_LIVE Value: cMz221SBLaY
.parceiro.financiamento.ai/	1970-01-21 03:12:28	Name: G_ENABLED_IDPS Value: google
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __media Value: direct
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __source Value: direct
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __campaign Value:
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __referrer Value:
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __keyword Value:
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __host Value: parceiro.financiamento.ai
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __enterlink Value: https://parceiro.financiamento.ai/login
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __googleid Value: 1183180021.1704988473
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __utmcontent Value:
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __user_uuid Value: k_lr9e46u5_35hbtiby40tiyh1oy6j6l
.parceiro.financiamento.ai/	1970-01-20 18:19:40	Name: __platform Value: mobile

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs(Line 186) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets.creditas.com
cdn.segment.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
parceiro.financiamento.ai
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
13.107.42.14
18.155.153.42
2606:4700::6813:b084
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a00:1450:400c:c09::54
2a02:26f0:3500:16::215:1492
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
52.222.191.44
54.94.61.130
99.86.8.175
05a5df127507c0068c42ee0c198c6cf37c71b20fda96b50b10ae317f90b3b6d0
089794f47a31045c7aef4921cd20e48d39c270867b08c760aab7f39d90841660
10fe300803d945bb90515887a259867e28ed84ef2759941d3d5e863adb6606dc
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
211387ad0da0b2c29fd0f91b6c2b0d0352115c513e1064ade5a2cfbed7a91277
345824e961494b8ceecd8b1f38efa4a130eca53fb1bbe00b58879b0d23be340d
379a724c7a5fab08367596cab9fa53916797d976ed0a2eb39d08a1355f7e1900
38466bafcfaeda001f4aa7af264063c6dc9405a67e37620f17ff76b236f27686
38cc04578c85698515bcd2535a01a0c02d81410804609b6c9ee6d70cfad28aa6
396cbc8eb2220844206c05a485570bccf2f5b86a9962ac02362c270cfe561520
3b7d1114d33b6eb76810d674d34404b295ae544307e4c9cf25920d0586f56ee7
3db3610bb37506bb17a553b92792495863805609d163428998a150831ef8c750
4320f040cbe116f8a5587377345eecdae6559359b6274801b00dd7b3de4df4d7
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4d1e1d35266bfd3d12aaf706c3b1d27ff1b003225632f01b8acd1aaa03aa3e34
529c9d6f0823cb193909a37442bc57955741a20ab0499bcb2df3da103fc13f87
5d6761121e36dada7b2cb2088e9749ddc66c64da9a262386e1e358c8dbbeeeeb
5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7
6a62405fd3388b7d1451392bbc3aaeaf21aa5efd92c9757d280ad1311b26f72e
7077b9d3e2063ed347fcd54d69295a478aecc2ba2af4467308854961cd2a5d8f
72a7097b76d6bc81da128911ac837d41784bf6ea7425563b951bbcf3c1311bbc
7396c24669e903f8202195977c62813a08f0bb03adb5a659c94fecc2b004faa1
74b18b4e406d5d80ecd4a316e4ff7895345f25a91ba8174bb97f77d66d379fc6
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7f9672a6b7ccfaeb45fd231aa15a2e44d7527d076cb8e2ef0299f55c4059d8ea
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e94ad4692f12e11822e3674c13219be6c3e3f5c138a42daae9363ab76c6dbdf
8f5a65cb62f4aaf69d0f7cd852acce01446ba483b560a5e5909df27584b7affb
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
95ef3768ec0f5da28f4b121793f4f71d60b411c53569b19aa2a48cead3c3c7a7
a04bb9b9152115031464d39ea21e71a2485df070fcb4358ecbdbb3ae525d653d
a06d84af2d1e086fe4eade63edc992760a70016fcb41c147297bc01023ee5d0a
a115f1a382fd4c5bf14fb515cb6e1de11f4159ffee8169b363f561b41103ca4f
a544124f98add2e2d508d975d9f14d21c2721681010ff33006518d8a2a2123c4
a73078368e46305407fa0ba2022b4701aff63f33e990d86e3e4e097eac8c010a
aa770fe160a4482cff1df8b543df407d2e4bc7f6b763ea786de017463a93022c
ac9a2bf39fd2d0f98188523ca93c762cc33111ddeaf6e09640305aed3d2ab4e6
ae3c88766b3ee71917c49d338c199860d548a7106b3989994fd870125a74fcce
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b03ea2079cabbbd1d06761a124300f6e3137059d863f5a3ddf3f566fec3551e4
b3024490ab64c971498d84a4cda13ea161085a9f7c1635ccc54a7112e844c40d
b5fa9ba6de8ab858c6a0646ad8b88faaa1feba3f53bc841f2f81f8eab8ac5a99
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bb84315b4eceeb24823790156d0d67c6824c547e045dd71b4964ab180a0639b8
c02838382b99fe2621213d0fabb51018ca7e18b537dfcab600650aa94d58e183
c90b091dab0c0c6ed5ba1b9867815c4237dd0f7ea3334647fd04495c501a2a1b
d85f21be5db07a2ea03381f9ba5f984d5fd971f4ceb3174957e8cb6f28949aa9
dc9b397a9b4dd9e324a790959360120b15287d7fcb6ed9a5061563bf22be9b00
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb640d6162459dddade256c3211bc43f99233d48802c502b76e7f7d4c6b57091
ed5f99ff9f4568e1fa0a5c4f0e612b19e73f90f7847acefab4cdb7ac60888294
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1759dae8b5a6386ccf52c000efefe03e3b568dbeec6524f8d4801cbd4762bce
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f3932541989ec5fc026de5a89bf39bf7a56be401aada844fc187d0642b338cbf
f473716e417dc3586218a3653a3fb43b5f8fa215dd0e5116bfd03300dc533d9e
f4c21f2c97af0b71a29ad3f427d66a6e26606a3c83751b3588346a1c67e8d542
f77b13b209813da09a0d1af63b7bb71129c58e0b3b29174844ab7e210e2284fe
fff3070ab0b29e5cd3e6fa0d8fc4200aee988104881cfee2ecbb712216483d2e

parceiro.financiamento.ai Open in urlscan Pro 54.94.61.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

78 %IPv6

17 Domains

23 Subdomains

23 IPs

4 Countries

1905 kBTransfer

5431 kBSize

40 Cookies

2 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

parceiro.financiamento.ai Open in urlscan Pro
54.94.61.130 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

78 %
IPv6

17
Domains

23
Subdomains

23
IPs

4
Countries

1905 kB
Transfer

5431 kB
Size

40
Cookies

72 HTTP transactions
0 data transactions