appv1.dev.payhow.com.br Open in urlscan Pro
18.230.13.253  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response appv1.dev.payhow.com.br/	5 KB 3 KB	809ms 242ms	Document text/html	18.230.13.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://appv1.dev.payhow.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.230.13.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-230-13-253.sa-east-1.compute.amazonaws.com Software Apache / Resource Hash 85d550a6d8cd0cb13cf58b8c63dae90e8ffde4a40334066e5be98c6d6dfb09a3 Request headers Host appv1.dev.payhow.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 22:02:02 GMT Server Apache Last-Modified Thu, 04 Feb 2021 19:30:31 GMT ETag "138c-5ba87bc9ba412-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 2624 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H2	200	css2 fonts.googleapis.com/	13 KB 960 B	20ms 17ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f9afb0e286986c3c4f1a83b1bbafb02a601ff074a2c5962d06a5182fa471e452 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 06 Feb 2021 21:02:57 GMT server ESF date Sat, 06 Feb 2021 22:02:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 Feb 2021 22:02:02 GMT
GET H2	200	css2 fonts.googleapis.com/	16 KB 1 KB	29ms 26ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@100;300;400;500;700;900&display=swap Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 24e528bcda4e2121b32b920484c16f109f51bced0f50d1e8db4d59a498be6d9f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 06 Feb 2021 22:02:02 GMT server ESF date Sat, 06 Feb 2021 22:02:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 Feb 2021 22:02:02 GMT
GET H/1.1	200 OK	8.10f1856b.chunk.css appv1.dev.payhow.com.br/static/css/	560 KB 67 KB	266ms 264ms	Stylesheet text/css	18.230.13.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://appv1.dev.payhow.com.br/static/css/8.10f1856b.chunk.css Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.230.13.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-230-13-253.sa-east-1.compute.amazonaws.com Software Apache / Resource Hash f4858e324c5f01f08a8b1bf36f6a7727c10ae2f1fb4a5dbd588b4b41e70fa7f4 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 22:02:03 GMT Content-Encoding gzip Last-Modified Thu, 04 Feb 2021 19:30:31 GMT Server Apache ETag "8c1dd-5ba87bc9ba412-gzip" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99
GET H/1.1	200 OK	main.b16ea1fd.chunk.css appv1.dev.payhow.com.br/static/css/	31 KB 7 KB	720ms 240ms	Stylesheet text/css	18.230.13.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://appv1.dev.payhow.com.br/static/css/main.b16ea1fd.chunk.css Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.230.13.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-230-13-253.sa-east-1.compute.amazonaws.com Software Apache / Resource Hash 8086ac0137f855e7cf164c9ac1fc8cb28a52259cb3ae87f1bea20af5c4844f87 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 22:02:03 GMT Content-Encoding gzip Last-Modified Thu, 04 Feb 2021 19:30:31 GMT Server Apache ETag "7a13-5ba87bc9bc352-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6406
GET H/1.1	200 OK	8.c131ab8c.chunk.js Show response appv1.dev.payhow.com.br/static/js/	1 MB 312 KB	749ms 270ms	Script application/javascript	18.230.13.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://appv1.dev.payhow.com.br/static/js/8.c131ab8c.chunk.js Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.230.13.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-230-13-253.sa-east-1.compute.amazonaws.com Software Apache / Resource Hash b81d809e217fddc7834784c8334e174a1c61128550946c9e07d6f43064c35693 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 22:02:03 GMT Content-Encoding gzip Last-Modified Thu, 04 Feb 2021 19:30:31 GMT Server Apache ETag "10a963-5ba87bc9c4052-gzip" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	main.56b6ee49.chunk.js Show response appv1.dev.payhow.com.br/static/js/	387 KB 68 KB	742ms 254ms	Script application/javascript	18.230.13.253 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://appv1.dev.payhow.com.br/static/js/main.56b6ee49.chunk.js Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.230.13.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-230-13-253.sa-east-1.compute.amazonaws.com Software Apache / Resource Hash 7daf94fa992dd64ea2fd163de64f3fc122ac20863e9d36446761dacec13fcfe9 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 22:02:03 GMT Content-Encoding gzip Last-Modified Thu, 04 Feb 2021 19:30:31 GMT Server Apache ETag "60ce3-5ba87bc9cfbd2-gzip" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H3-Q050	200	css2 fonts.googleapis.com/	26 KB 1 KB	50ms 31ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/static/css/main.b16ea1fd.chunk.css Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 39d372879ca4b9ae07ecefed2b563dd152bb15e68965615b165c4e39a2dfaf91 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://appv1.dev.payhow.com.br/static/css/main.b16ea1fd.chunk.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 06 Feb 2021 21:22:34 GMT server ESF date Sat, 06 Feb 2021 22:02:03 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 Feb 2021 22:02:03 GMT
GET H3-Q050	200	css2 fonts.googleapis.com/	7 KB 1 KB	48ms 29ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/static/css/main.b16ea1fd.chunk.css Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8d9ef4cfdaeff6d589b8566592e0bf48f49b8e0cd439c21148e9f474eb070d6b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://appv1.dev.payhow.com.br/static/css/main.b16ea1fd.chunk.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 06 Feb 2021 21:54:01 GMT server ESF date Sat, 06 Feb 2021 22:02:03 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 06 Feb 2021 22:02:03 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	15ms 12ms	Script application/x-javascript	2a03:2880:f045:10:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/static/js/8.c131ab8c.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6ce10b18396332916b3f5adefe9282fdf78d19a06b24e2224d067a778f3c5c59 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 fBsksckd3kkSJEoO38yyFg== cross-origin-resource-policy cross-origin expires Sat, 06 Feb 2021 22:11:57 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1778 x-fb-rlafr 0 x-fb-debug cnK6urKqge03kMXo2G4Oj6Gr4dexIXubDN0B76ed3zafoqwQD/N1rx8C8mzQwhYqMl6IKrudTNDTJezoGWLxrQ== x-fb-trip-id 664085054 x-fb-content-md5 cec6103d3380ab930dc72d6a56772597 cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sat, 06 Feb 2021 22:02:04 GMT x-frame-options DENY report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "4538a16729c46525a2c6d49e8380a434" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H/1.1	200 OK	payhow_logo.fw.34131863.png appv1.dev.payhow.com.br/static/media/	23 KB 24 KB	241ms 239ms	Image image/png	18.230.13.253 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://appv1.dev.payhow.com.br/static/media/payhow_logo.fw.34131863.png Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.230.13.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-230-13-253.sa-east-1.compute.amazonaws.com Software Apache / Resource Hash 3ec70d30504d849bf0f4c47413cdc01c2c9023fcddd8c1fda85c4028f03df410 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 22:02:04 GMT Last-Modified Thu, 04 Feb 2021 19:30:31 GMT Server Apache ETag "5d8f-5ba87bc9d1b12" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 23951
GET H/1.1	200 OK	Grupo%20141.f005dcfa.svg appv1.dev.payhow.com.br/static/media/	26 KB 26 KB	246ms 239ms	Image image/svg+xml	18.230.13.253 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://appv1.dev.payhow.com.br/static/media/Grupo%20141.f005dcfa.svg Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/static/css/main.b16ea1fd.chunk.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.230.13.253 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-230-13-253.sa-east-1.compute.amazonaws.com Software Apache / Resource Hash 641a732d1f8f1ddffe304abee111ae48672a3d9a4b51dfa93754af9dd5977148 Request headers Referer https://appv1.dev.payhow.com.br/static/css/main.b16ea1fd.chunk.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 22:02:04 GMT Last-Modified Thu, 04 Feb 2021 19:30:31 GMT Server Apache ETag "6623-5ba87bc9d0b72" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 26147
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v17/	14 KB 14 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://appv1.dev.payhow.com.br Referer https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@100;300;400;500;700;900&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 13:34:51 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:59 GMT server sffe age 462433 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Tue, 01 Feb 2022 13:34:51 GMT
GET H2	200	S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v17/	13 KB 14 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://appv1.dev.payhow.com.br Referer https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@100;300;400;500;700;900&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 01 Feb 2021 16:20:29 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:30 GMT server sffe age 452495 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13732 x-xss-protection 0 expires Tue, 01 Feb 2022 16:20:29 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://appv1.dev.payhow.com.br Referer https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 02 Feb 2021 05:54:34 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:48 GMT server sffe age 403650 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11056 x-xss-protection 0 expires Wed, 02 Feb 2022 05:54:34 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	10ms 10ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://appv1.dev.payhow.com.br Referer https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 02 Feb 2021 05:54:34 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:50 GMT server sffe age 403650 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11016 x-xss-protection 0 expires Wed, 02 Feb 2022 05:54:34 GMT
GET H2	200	api.js Show response apis.google.com/js/	12 KB 5 KB	27ms 25ms	Script application/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: appv1.dev.payhow.com.br URL: https://appv1.dev.payhow.com.br/static/js/8.c131ab8c.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5856f384bd75b4ea4192054abce59e3dab6a31e3cc7a30aa30d6e364db312ae6 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WGLHG5uo4E4FTuBlV6ZvsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 06 Feb 2021 22:02:05 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF x-frame-options SAMEORIGIN etag "869bf469703f625700aee253f43b4053" strict-transport-security max-age=31536000 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-WGLHG5uo4E4FTuBlV6ZvsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Sat, 06 Feb 2021 22:02:05 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	198 KB 60 KB	20ms 19ms	Script application/x-javascript	2a03:2880:f045:10:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=ccf8d1d8ab0a262f092931658bad0f4b&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c59689b99e8759c274a906df8f03f80fcf3af4e1091376df394748fba51691bd Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://appv1.dev.payhow.com.br Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 8DZG0IZvjNttSeXsSVaygg== cross-origin-resource-policy cross-origin expires Sun, 06 Feb 2022 21:46:07 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 60946 x-fb-rlafr 0 x-fb-debug UPPwiNjzY9C0fhAQxy66wz2lkmiIF1P/4QFauRMGd/f6pPCp6+7ePaJ45LVap9yg7O3EFCRaPoSLt8uLYTHsJw== x-fb-trip-id 664085054 x-fb-content-md5 3c7d3d47173f742c93ad7f4e26755199 cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sat, 06 Feb 2021 22:02:05 GMT x-frame-options DENY report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "ba5b8f4914d1797194fd1c95a17e6ce4" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H3-Q050	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/	102 KB 34 KB	42ms 19ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/api.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a70ce9822ba7caea388931548a555944039d83caea40daeaaa9040267e40c6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://appv1.dev.payhow.com.br/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Feb 2021 03:49:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 27 Jan 2021 20:08:03 GMT server sffe age 238376 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34781 x-xss-protection 0 expires Fri, 04 Feb 2022 03:49:09 GMT
GET H2	200	iframe accounts.google.com/o/oauth2/ Frame E8CD	0 0	16ms 15ms	Document text/html	2a00:1450:4001:80e::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-nFKOH9gpqMEuMhCYszs5uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority accounts.google.com :scheme https :path /o/oauth2/iframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://appv1.dev.payhow.com.br/ accept-encoding gzip, deflate, br accept-language en-US cookie NID=208=MoOY4QowbUSTsFV2lTmOom4VEEyHIGaH9rg8nr8Z2glH2fOpeC-mKXge_LjsHFrqX38GGOGNzACdq24WDodTSSnMVX1UNdalul8djpQ2vgNfKdWLJ6OdgvcXy1l6xCPXmrtccIIS5CqayHNRtZCGAthnU-VVYd4GfHp7YQYBwzA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://appv1.dev.payhow.com.br/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 06 Feb 2021 22:02:05 GMT content-language en-US content-security-policy script-src 'report-sample' 'nonce-nFKOH9gpqMEuMhCYszs5uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| webpackJsonppayhow number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| fbAsyncInit object| FB object| gapi object| ___jsl object| gadgets object| osapi object| oauth2

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 20:21:00	Name: NID Value: 208=MoOY4QowbUSTsFV2lTmOom4VEEyHIGaH9rg8nr8Z2glH2fOpeC-mKXge_LjsHFrqX38GGOGNzACdq24WDodTSSnMVX1UNdalul8djpQ2vgNfKdWLJ6OdgvcXy1l6xCPXmrtccIIS5CqayHNRtZCGAthnU-VVYd4GfHp7YQYBwzA
			.appv1.dev.payhow.com.br/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
appv1.dev.payhow.com.br
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
18.230.13.253
2a00:1450:4001:80e::200d
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a03:2880:f045:10:face:b00c:0:3
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
24e528bcda4e2121b32b920484c16f109f51bced0f50d1e8db4d59a498be6d9f
39d372879ca4b9ae07ecefed2b563dd152bb15e68965615b165c4e39a2dfaf91
3ec70d30504d849bf0f4c47413cdc01c2c9023fcddd8c1fda85c4028f03df410
4a70ce9822ba7caea388931548a555944039d83caea40daeaaa9040267e40c6e
5856f384bd75b4ea4192054abce59e3dab6a31e3cc7a30aa30d6e364db312ae6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
641a732d1f8f1ddffe304abee111ae48672a3d9a4b51dfa93754af9dd5977148
6ce10b18396332916b3f5adefe9282fdf78d19a06b24e2224d067a778f3c5c59
7daf94fa992dd64ea2fd163de64f3fc122ac20863e9d36446761dacec13fcfe9
8086ac0137f855e7cf164c9ac1fc8cb28a52259cb3ae87f1bea20af5c4844f87
85d550a6d8cd0cb13cf58b8c63dae90e8ffde4a40334066e5be98c6d6dfb09a3
8d9ef4cfdaeff6d589b8566592e0bf48f49b8e0cd439c21148e9f474eb070d6b
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
b81d809e217fddc7834784c8334e174a1c61128550946c9e07d6f43064c35693
c59689b99e8759c274a906df8f03f80fcf3af4e1091376df394748fba51691bd
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
f4858e324c5f01f08a8b1bf36f6a7727c10ae2f1fb4a5dbd588b4b41e70fa7f4
f9afb0e286986c3c4f1a83b1bbafb02a601ff074a2c5962d06a5182fa471e452