simulation-b2b-app.prod.creditas.io
2a05:d014:275:cb01:190c:7f02:2b97:3b21  Public Scan

URL: https://simulation-b2b-app.prod.creditas.io/
Submission: On March 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 20 HTTP transactions. The main IP is 2a05:d014:275:cb01:190c:7f02:2b97:3b21, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is simulation-b2b-app.prod.creditas.io.
TLS certificate: Issued by R3 on March 7th 2022. Valid for: 3 months.
This is the only time simulation-b2b-app.prod.creditas.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
5 | creditas.io | simulation-b2b-app.prod.creditas.io; api.creditas.io | 157 KB
4 | creditas.com | assets.creditas.com | 156 KB
4 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 573); script.hotjar.com (Cisco Umbrella Rank: 719); vars.hotjar.com (Cisco Umbrella Rank: 874); in.hotjar.com (Cisco Umbrella Rank: 1636) | 67 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 31) | 20 KB
1 | sentry.io | o274735.ingest.sentry.io | 298 B
1 | google.de | www.google.de (Cisco Umbrella Rank: 6433) | 501 B
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 501 B
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 68) | 455 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 54) | 43 KB
Total: 20 requests, 9 domains
Requests | Domain | Requested by
4 | assets.creditas.com | simulation-b2b-app.prod.creditas.io
3 | simulation-b2b-app.prod.creditas.io | simulation-b2b-app.prod.creditas.io
2 | api.creditas.io | simulation-b2b-app.prod.creditas.io
2 | www.google-analytics.com | www.googletagmanager.com; simulation-b2b-app.prod.creditas.io
1 | o274735.ingest.sentry.io | simulation-b2b-app.prod.creditas.io
1 | www.google.de | simulation-b2b-app.prod.creditas.io
1 | www.google.com | simulation-b2b-app.prod.creditas.io
1 | in.hotjar.com | simulation-b2b-app.prod.creditas.io
1 | stats.g.doubleclick.net | simulation-b2b-app.prod.creditas.io
1 | vars.hotjar.com | static.hotjar.com
1 | script.hotjar.com | static.hotjar.com
1 | www.googletagmanager.com | simulation-b2b-app.prod.creditas.io
1 | static.hotjar.com | simulation-b2b-app.prod.creditas.io
Total: 20 requests, 13 domains

This site contains no links.

Subject | Issuer | Validity | Valid
simulation-b2b-app.prod.creditas.io | R3 | 2022-03-07 - 2022-06-05 | 3 months
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-18 - 2022-07-17 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
www.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
www.google.de | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.ingest.sentry.io | R3 | 2022-02-21 - 2022-05-22 | 3 months

This page contains 2 frames:

Primary Page: https://simulation-b2b-app.prod.creditas.io/
Frame ID: 6069C7B10EC95DF0FEF2723EB0B72BC5
Requests: 18 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 42673E4A451DFFDC09E7F6D3C881F749
Requests: 1 HTTP requests in this frame

Page Title

Creditas - Portal de parceiros

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 62 %
Domains: 9
Subdomains: 13
IPs: 13
Countries: 4
Transfer: 445 kB
Size: 1161 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
simulation-b2b-app.prod.creditas.io/
5 KB
2 KB
Document
General
Full URL
https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
147b391520d7b76ae3d7e12265573afc62a874dadcc04829edd58ae6d3e195bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 07 Mar 2022 21:20:53 GMT
etag
"1c9d2273eea20b91a226b5258b02ac9f-ssl-df"
strict-transport-security
max-age=31536000
x-nf-request-id
01FXK43BZ7JZDG5G4HHX7N00RC
server
Netlify
content-encoding
gzip
age
2
vary
Accept-Encoding
content-length
1901
2.979f15b7.chunk.js
simulation-b2b-app.prod.creditas.io/simulation/static/js/
520 KB
146 KB
Script
General
Full URL
https://simulation-b2b-app.prod.creditas.io/simulation/static/js/2.979f15b7.chunk.js
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
f2dfd5fa7fb5dd2f7c08c7df14f8c5ee9bc741ebc5af4f73c7d1cb6cdcd4da97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FXK43C03QHHTJZZM1BBC63PG
date
Mon, 07 Mar 2022 21:20:55 GMT
content-encoding
br
server
Netlify
age
0
etag
"a2194d1c9a3f234cdecd7cd18190973a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
main.2b23c329.chunk.js
simulation-b2b-app.prod.creditas.io/simulation/static/js/
24 KB
9 KB
Script
General
Full URL
https://simulation-b2b-app.prod.creditas.io/simulation/static/js/main.2b23c329.chunk.js
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:275:cb01:190c:7f02:2b97:3b21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
2cea7eccef9f58ccd0e4c6aba138bea76d8cf4af7f54d25f2b5459e80169bfff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nf-request-id
01FXK43C032WJRZN5Z5FBE6V24
date
Mon, 07 Mar 2022 21:20:55 GMT
content-encoding
br
server
Netlify
age
0
etag
"4badb47840aa5c8f6f1d7ad6dd613441-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
hotjar-2020547.js
static.hotjar.com/c/
6 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2020547.js?sv=6
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/simulation/static/js/main.2b23c329.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-127.fra56.r.cloudfront.net
Software
/
Resource Hash
d2f98f5543a6ea17a9d3d78c7ddb695810179aff9d46a909d5de8492b5dd00d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P6
etag
W/8d97c94c85599c8da129c9a635ece17d
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
NYwvkVTITpqpVXNYNVVZaj4tJYDjLU0XHGfWB7YXgAXCqz3NvdtlXg==
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/
114 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Q9SZH6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08d9db60205d36dddf28dfc77b1ceb7d0fa489dee87a7edc1b26d24886fdff8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:20:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43505
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Mar 2022 21:20:55 GMT
HelveticaNowDisplay-Light.woff2
assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/
43 KB
44 KB
Font
General
Full URL
https://assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/HelveticaNowDisplay-Light.woff2
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a05a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b506fa3cc2467d84b5923f8681fedc55a2aecca4c99a3a8774928053a86ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Origin
https://simulation-b2b-app.prod.creditas.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
8R3YB9JMXF7B4TY3
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44112
x-amz-id-2
a7yNAGUDUgjV5nj3ICU7Y8AdiSSOQXN1D8ysXO806EzymmFf8eD3xIZQ1PboA1f8OrAtfhvrlZU=
last-modified
Thu, 08 Apr 2021 18:19:24 GMT
server
cloudflare
etag
"33143047f075fba6064d059f5b8f3943"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e8660bddcf401eb-ZRH
expires
Tue, 07 Mar 2023 21:20:56 GMT
HelveticaNowDisplay-Bold.woff2
assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/
44 KB
44 KB
Font
General
Full URL
https://assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/HelveticaNowDisplay-Bold.woff2
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a05a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3024490ab64c971498d84a4cda13ea161085a9f7c1635ccc54a7112e844c40d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Origin
https://simulation-b2b-app.prod.creditas.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
8R3GBDJR6KZYB0HT
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45296
x-amz-id-2
FJhzagYyjtZOmmefnuRgMoha5pzJrwDfuQ4PL+tzzLf3WqxK3NlhJYcGFlyxO8/sDmuA0Uuvg+E=
last-modified
Thu, 08 Apr 2021 18:19:24 GMT
server
cloudflare
etag
"80f363cb60969fc7e5cffb72e13c7bdf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e8660bddcf801eb-ZRH
expires
Tue, 07 Mar 2023 21:20:56 GMT
HelveticaNowDisplay-Regular.woff2
assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/
41 KB
41 KB
Font
General
Full URL
https://assets.creditas.com/design-system-assets/fonts/1.0.0/helvetica-now-display/HelveticaNowDisplay-Regular.woff2
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a05a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fa9ba6de8ab858c6a0646ad8b88faaa1feba3f53bc841f2f81f8eab8ac5a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Origin
https://simulation-b2b-app.prod.creditas.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
8R3JGD2SZCQJG71S
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41644
x-amz-id-2
B0YrJvs/HCZbU5/QprbnyuqB14cgpcvIm0CqyarEXac3x0R0GHkuXRFQN7o5IdyhacbchKy07mo=
last-modified
Thu, 08 Apr 2021 18:19:24 GMT
server
cloudflare
etag
"a308f4a646391c18a57ca2256c6c809f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6e8660bddcf601eb-ZRH
expires
Tue, 07 Mar 2023 21:20:56 GMT
modules.f5f76c095cd0aa128146.js
script.hotjar.com/
236 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.f5f76c095cd0aa128146.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2020547.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-79.fra56.r.cloudfront.net
Software
/
Resource Hash
56cc974cdbc181ec3815a38c5bcdee5ca84d5dd905f3a3f9c54a27eca6ef4b97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
393289
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62860
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 08:05:45 GMT
etag
"91a379c029db7dab1ba03895733f21a2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
7uGaUL7OoOGdgUDnAm3JSpzY-X7BIho-8qQ1lKMqLWO9WLmxHD2bTQ==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q9SZH6&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4563
date
Mon, 07 Mar 2022 20:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Mar 2022 22:04:52 GMT
sp.js
assets.creditas.com/de-assets/snowplow/2.17.3/
77 KB
27 KB
Script
General
Full URL
https://assets.creditas.com/de-assets/snowplow/2.17.3/sp.js
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a05a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
370
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
VXPW5PK31ZCCG87B
x-amz-id-2
lSai7QujrH35ZoH/vu1esezAW1vAgNem8eXlYqenLGkK3f69woAQ1WMbMwmFKR4ZqqCT5ODXJbA=
last-modified
Mon, 22 Feb 2021 18:53:52 GMT
server
cloudflare
etag
W/"1400970874add8a03a76148d9fd2f43d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6e8660be09d5cc4e-ZRH
expires
Tue, 07 Mar 2023 21:20:56 GMT
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 4267
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2020547.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-122.dus51.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
8U0Yib1xSgxaX5LWmdJYB7_2Q2dFR6n-6XuFRplwger-vUSe__76xQ==
age
2723330
collect
www.google-analytics.com/j/
2 B
220 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=923589434&t=pageview&_s=1&dl=https%3A%2F%2Fsimulation-b2b-app.prod.creditas.io%2F&ul=en-us&de=UTF-8&dt=Creditas%20-%20Portal%20de%20parceiros&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=28239282&gjid=1155228900&cid=1149674774.1646688056&tid=UA-91207311-10&_gid=1860125673.1646688056&_r=1&gtm=2wg3205Q9SZH6&z=879167937
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/simulation/static/js/2.979f15b7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 21:20:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://simulation-b2b-app.prod.creditas.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
api.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/
2 B
728 B
XHR
General
Full URL
https://api.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/simulation/static/js/2.979f15b7.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-kong-proxy-latency
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
x-kong-upstream-latency
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simulation-b2b-app.prod.creditas.io
vary
Origin
access-control-allow-credentials
true
cf-ray
6e8660bf9bf9cc5a-ZRH
tp2
api.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://api.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://simulation-b2b-app.prod.creditas.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
content-length
0
vary
Origin
access-control-allow-origin
https://simulation-b2b-app.prod.creditas.io
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,OPTIONS,POST
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-kong-response-latency
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e8660beaff10229-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/
4 B
455 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91207311-10&cid=1149674774.1646688056&jid=28239282&gjid=1155228900&_gid=1860125673.1646688056&_u=YEBAAEAAAAAAAC~&z=1361023528
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/simulation/static/js/2.979f15b7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Mar 2022 21:20:56 GMT
content-type
text/plain
access-control-allow-origin
https://simulation-b2b-app.prod.creditas.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2020547/
146 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/2020547/visit-data?sv=6
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/simulation/static/js/2.979f15b7.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.93.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-93-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91207311-10&cid=1149674774.1646688056&jid=28239282&_u=YEBAAEAAAAAAAC~&z=500502544
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 21:20:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91207311-10&cid=1149674774.1646688056&jid=28239282&_u=YEBAAEAAAAAAAC~&z=500502544
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://simulation-b2b-app.prod.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Mar 2022 21:20:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o274735.ingest.sentry.io/api/6178827/envelope/
41 B
298 B
Fetch
General
Full URL
https://o274735.ingest.sentry.io/api/6178827/envelope/?sentry_key=1e8a3802912247269368cce899d7b75a&sentry_version=7
Requested by
Host: simulation-b2b-app.prod.creditas.io
URL: https://simulation-b2b-app.prod.creditas.io/simulation/static/js/2.979f15b7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7aa50b815163490f17d862bb18194887c0f16420f9958852a30b31fadbc2d350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://simulation-b2b-app.prod.creditas.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Mar 2022 21:20:56 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://simulation-b2b-app.prod.creditas.io
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
2
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
41


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
object| webpackJsonpb2b-simulation-app
object| __SENTRY__
object| regeneratorRuntime
function| IMask
function| hj
object| _hjSettings
object| dataLayer
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| config
object| GlobalSnowplowNamespace
function| snowplow_rt
object| gaplugins
object| gaGlobal
object| gaData
object| Snowplow

11 Cookies

Domain/Path Name / Value
.creditas.io/ Name: _ga
Value: GA1.2.1149674774.1646688056
.creditas.io/ Name: _gid
Value: GA1.2.1860125673.1646688056
.creditas.io/ Name: _gat_UA-91207311-10
Value: 1
.creditas.io/ Name: _hjSessionUser_2020547
Value: eyJpZCI6IjZmNTJlZTJkLWExNGItNTM0MC04ZjhlLWM0ODNiNjM5YTQyNiIsImNyZWF0ZWQiOjE2NDY2ODgwNTYwMDMsImV4aXN0aW5nIjpmYWxzZX0=
.creditas.io/ Name: _hjFirstSeen
Value: 1
simulation-b2b-app.prod.creditas.io/ Name: _hjIncludedInSessionSample
Value: 0
.creditas.io/ Name: _hjSession_2020547
Value: eyJpZCI6IjA5NjFjZTk3LTIyNDUtNGEyMS1iN2U2LTI2N2IyNTg1MTZkYyIsImNyZWF0ZWQiOjE2NDY2ODgwNTYwNjgsImluU2FtcGxlIjpmYWxzZX0=
simulation-b2b-app.prod.creditas.io/ Name: _hjIncludedInPageviewSample
Value: 1
.creditas.io/ Name: _hjAbsoluteSessionInProgress
Value: 0
api.creditas.io/ Name: sp
Value: 74f53606-f701-427e-9a63-43024c1328dd
.creditas.io/ Name: __cf_bm
Value: _x_2DgxZXjGSkiDB_ri1tK0cioUyD0kPu9deF6DZsx8-1646688056-0-AQ8BFxIkWkxjPPapuF7nMkkMHWQ/iNNUwHIWxrW6kvsNaRDhoz4FWCXDV1fvkxTGMyTj0if/6zcn640b5ZmVMI0=

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
