app.nubank.com.br Open in urlscan Pro
99.86.2.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://autentication-cliente.com/
Effective URL:
https://app.nubank.com.br/
Submission: On May 10 via automatic, source certstream-suspicious (May 10th 2021, 7:40:50 pm UTC)

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 39 HTTP transactions. The main IP is 99.86.2.129, located in United States and belongs to AMAZON-02, US. The main domain is app.nubank.com.br.
TLS certificate: Issued by Amazon on January 11th 2021. Valid for: a year.

This is the only time app.nubank.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	2606:4700:303... 2606:4700:3037::ac43:b501	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	99.86.2.129 99.86.2.129	16509 (AMAZON-02) (AMAZON-02)
1	104.111.232.231 104.111.232.231	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	18.229.212.176 18.229.212.176	16509 (AMAZON-02) (AMAZON-02)
1	13.32.23.71 13.32.23.71	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	44.237.23.82 44.237.23.82	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
39	14

5 2606:4700:3037::ac43:b501 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

autentication-cliente.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 99.86.2.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-129.fra6.r.cloudfront.net

app.nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.232.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-231.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.229.212.176 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-212-176.sa-east-1.compute.amazonaws.com

prod-global-webapp-proxy.nubank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-71.fra56.r.cloudfront.net

d24n15hnbwhuhn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.23.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-23-82.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nubank.com.br app.nubank.com.br prod-global-webapp-proxy.nubank.com.br	478 KB
5	autentication-cliente.com 2 redirects autentication-cliente.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
2	cloudflare.com cdnjs.cloudflare.com	16 KB
2	googleapis.com ajax.googleapis.com	153 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	90 B
1	amplitude.com api.amplitude.com	168 B
1	cloudfront.net d24n15hnbwhuhn.cloudfront.net	17 KB
1	typekit.net use.typekit.net
1	typography.com cloud.typography.com	247 B
39	13

	Domain	Requested by
17	app.nubank.com.br	app.nubank.com.br ajax.googleapis.com
5	autentication-cliente.com	2 redirects autentication-cliente.com
4	prod-global-webapp-proxy.nubank.com.br	ajax.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	app.nubank.com.br www.googletagmanager.com
2	cdnjs.cloudflare.com	app.nubank.com.br
2	ajax.googleapis.com	app.nubank.com.br
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.amplitude.com	d24n15hnbwhuhn.cloudfront.net
1	d24n15hnbwhuhn.cloudfront.net	app.nubank.com.br
1	use.typekit.net	app.nubank.com.br
1	cloud.typography.com	app.nubank.com.br
39	14

This site contains links to these domains. Also see Links.

Domain
nubank.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-10` - `2022-05-09`	a year	crt.sh
nubank.com.br Amazon	`2021-01-11` - `2022-02-08`	a year	crt.sh
*.typography.com DigiCert SHA2 Secure Server CA	`2020-04-26` - `2021-07-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app.nubank.com.br/
Frame ID: 8B4575BC9BD41B1F891FE258F66B00A2
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://autentication-cliente.com/ HTTP 302
https://autentication-cliente.com/login/ Page URL
https://autentication-cliente.com/login/home.php HTTP 302
https://app.nubank.com.br/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

39
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

755 kB
Transfer

1857 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://nubank.com.br/pedir/nu/?utm_source=webapp&utm_medium=none
Title: Ainda não sou cliente

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://autentication-cliente.com/ HTTP 302
https://autentication-cliente.com/login/ Page URL
https://autentication-cliente.com/login/home.php HTTP 302
https://app.nubank.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://autentication-cliente.com/ HTTP 302
https://autentication-cliente.com/login/

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3-29

200

/ Show response
autentication-cliente.com/login/
Redirect Chain

https://autentication-cliente.com/
https://autentication-cliente.com/login/

1 KB
1007 B

316ms
299ms

Document
text/html

2606:4700:3037::ac43:b501
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autentication-cliente.com/login/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec8e9ed1eeceda8e863422d87247693084d6787510fc80aa213a6fac84278dd

Request headers

:method: GET
:authority: autentication-cliente.com
:scheme: https
:path: /login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 19:40:30 GMT
content-type: text/html
last-modified: Sun, 09 May 2021 12:00:03 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 09f964acb300002c4aaba8e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v1Yl5ge6n8qKepq5rIWlbuJZbASAkl35eWjj5nRE6uFQR2pdBer0G6xR6N%2BKWheapThHSsW1TaqM85J5lEA5%2F7yBI75m2nBlJzy7D%2FvobhMgmiroxu1NmzZp68eaLUp3W5DnkTUg"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64d5a3c119af2c4a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 10 May 2021 19:40:30 GMT
content-type: text/html; charset=UTF-8
location: login/
cf-cache-status: DYNAMIC
cf-request-id: 09f964ab3d00004de8673f6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a8FTX%2BoiFH8%2BunrRC5Xkm2oPlPzpEUkCM0THQ1wggMoUEMui2YcgX4v87uMbsEIdELZB4pigi7D%2FWqD%2BcGUbSsa35LG2B%2FEYsYgXNZgpj4KuFklmCK7j8S2FasQTrkG3r2ViSYjk"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64d5a3becc564de8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 404 jquery.js
autentication-cliente.com/login/js/ 0
0 239ms
238ms Script
text/html 2606:4700:3037::ac43:b501
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autentication-cliente.com/login/js/jquery.js
Requested by: Host: autentication-cliente.com
URL: https://autentication-cliente.com/login/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /login/js/jquery.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: autentication-cliente.com
referer: https://autentication-cliente.com/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autentication-cliente.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 19:40:30 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FmACX9kq7eFyI50UvW6mc3HCFd8bDa1HVCMx84lCVY48XfwKiSC4QDohtbA2ybR6MTn3DenUx%2BCHicmRUHdwicjw02Wc4YcXa%2BPwDAyS7LTHau8EhjCP7S7IUNjGZD9faI6GvRSG"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 64d5a3c318532c4a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f964adf000002c4a84a1d000000001

GET
H3-29 200 white.svg
autentication-cliente.com/login/files/ 822 B
997 B 239ms
239ms Image
image/svg+xml 2606:4700:3037::ac43:b501
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autentication-cliente.com/login/files/white.svg
Requested by: Host: autentication-cliente.com
URL: https://autentication-cliente.com/login/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b501 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d2fa080b10cf0943944abfa25e9f0c37824a219c73b85b3cc9c7dbd062ce94c

Request headers

:path: /login/files/white.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: autentication-cliente.com
referer: https://autentication-cliente.com/login/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://autentication-cliente.com/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 19:40:30 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f964adf100002c4acf1ac000000001
last-modified: Fri, 27 Dec 2019 13:32:56 GMT
server: cloudflare
etag: W/"5e060808-336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1uDv88aRtDZZCwu9gTLRHl7iXNyWABHiAMbacodYAwvLTKTM%2Bmp1i3EahR7VKwAQEitxP1aPraItHr7B97k%2BP%2FPAIHStyxESyh5Q9HgJnUfqI%2F2rDI9oZHExR%2FDgoe46K3liCBL1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 64d5a3c318582c4a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

Primary Request / Show response
app.nubank.com.br/
Redirect Chain

https://autentication-cliente.com/login/home.php
https://app.nubank.com.br/

4 KB
2 KB

128ms
42ms

Document
text/html

99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd42a39683fb08fa87c881635b1e57f9ec1b30cd7b2f9e748a7f5ef59382656d

Request headers

:method: GET
:authority: app.nubank.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://autentication-cliente.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://autentication-cliente.com/login/

Response headers

content-type: text/html
content-length: 1919
x-amz-meta-x-content-type-options: nosniff
content-encoding: gzip
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
x-amz-meta-x-frame-options: DENY
x-amz-meta-x-xss-protection: 1; mode=block
last-modified: Tue, 16 Mar 2021 21:58:16 GMT
server: AmazonS3
date: Mon, 10 May 2021 12:06:13 GMT
etag: "53f27b13567fc184dd0cf7bcc8807621"
x-cache: Hit from cloudfront
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: chqqRt0memTC7VYkTe-27ThLFjj41R-LdQ2xuJH3aLtWoxj98Vt7XQ==
age: 27261

Redirect headers

date: Mon, 10 May 2021 19:40:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=47531e405eihatctkg2i85ilq7; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://app.nubank.com.br/
cf-cache-status: DYNAMIC
cf-request-id: 09f964b6c900002c4ad7204000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rccISo8SMQ5OcAjbpIISSDxckKJhWcdjECToDX63DMSdKJdW5tRMpQjcAnZ%2BknLq5TDkxEIxFwo1VSdz888FxWzpXvvFxroW7bKIteYv%2F5d4C5qRWENq6gzyLAVFFE%2FCt3xQhWDq"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64d5a3d148bf2c4a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 nu.css
app.nubank.com.br/styles/ 297 KB
60 KB 50ms
47ms Stylesheet
text/css 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/styles/nu.css
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02b9fc7bdc4629bd2e244eb4e59d0fd6e27cc5443ba13fbc98b8ceea2668ab44

Request headers

:path: /styles/nu.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:02 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 21:58:17 GMT
server: AmazonS3
age: 31532
etag: "7f7beb4064bc3b553fc35720a04d4cdc"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 61041
x-amz-cf-id: QkLlk2PNBKKkfVlGBq89-qMgT5Xv_QJIcqxOfZ0bWSE1mmd7uiJ1rw==

GET
H/1.1 200
OK fonts.css
cloud.typography.com/6952912/640924/css/ 17 B
247 B 93ms
30ms Stylesheet
text/css 104.111.232.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/6952912/640924/css/fonts.css
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.232.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-231.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 19:40:33 GMT
Cache-Control: max-age=74
Server: AkamaiNetStorage
Connection: keep-alive
ETag: "f130fd70bd4cfa88cacd6d9b4c8c0f19:1596722122"
Content-Length: 17
Content-Type: text/css

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.3.15/ 123 KB
123 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:50:28 GMT
x-content-type-options: nosniff
age: 593405
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125909
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 22:50:28 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 22:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422283
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 22:22:30 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.3/ 32 KB
10 KB 18ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.8.3/moment.min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f20b251189e476e544eb66bfdf4ddace0531af67ace628226e3bde5ff408599f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 19:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 92603
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10141
cf-request-id: 09f964b8d900004a9df3a65000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-7e6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Fv5vImkjvt54IvOM1ulmEIh3nf8vYNXNIbz73GWJadfoCOBABiutZTVX5y59KHeKPf3Uz79rRCZSxyVODPe4hlKCky7xoYJZSxgPKUm1e%2FC9SFf8JSMY4jvgBnW9ZZ1LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64d5a3d48bfb4a9d-FRA
expires: Sat, 30 Apr 2022 19:40:33 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 26ms
24ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 19:40:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1561726
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5303
cf-request-id: 09f964b8db00004a9d12043000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RW2j9WbLyqVKQzeiAh98Qs3eN2p0uyHOlD%2FBGCDDXJ72k%2ByjAjLG6L%2BORyeV4SaXPR%2B2sG932m9I7SCANTSgxOyhCHeFeswir3h8YLEiTrLk0mnpWOGpLhPOXOGOJsutBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64d5a3d48bfd4a9d-FRA
expires: Sat, 30 Apr 2022 19:40:33 GMT

GET
H2 200 config.js Show response
app.nubank.com.br/config/ 2 KB
1 KB 49ms
47ms Script
application/javascript 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/config/config.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0dde51d4beb6a1329ddfd56547a9c5a9b57f57dfed6b63e51eda220acab8cb1a

Request headers

:path: /config/config.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 00:02:02 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 21:58:16 GMT
server: AmazonS3
age: 70711
etag: "4dc16636b5490362bfa4d8d5e3c2da52"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 1192
x-amz-cf-id: ekU1-Du4v-jGklI-BtlQt8rEBY381Yah4qG84iNxRG54sjplTTyuBw==

GET
H2 200 modules.js Show response
app.nubank.com.br/scripts/ 842 KB
299 KB 79ms
77ms Script
application/javascript 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/scripts/modules.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ae957d70d09f11b7f31067919165a1da54e4c9058cabab3e951e323fb0145f1

Request headers

:path: /scripts/modules.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:02 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 21:58:16 GMT
server: AmazonS3
age: 31532
etag: "24acbeacf1f0bfdc470a8c5a033b9fd0"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 305750
x-amz-cf-id: NNo3-DzUauw6re_nDkTwDOd8L3yzTJL0iI1ga5zF8_rKozpB2Y7J_Q==

GET
H2 200 scripts.js Show response
app.nubank.com.br/scripts/ 75 KB
26 KB 48ms
47ms Script
application/javascript 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/scripts/scripts.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96e7e052ce66e91197a3d2fd191b24f1ba8e4b110fdc082cb3114c62a54bc41d

Request headers

:path: /scripts/scripts.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:02 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 21:58:16 GMT
server: AmazonS3
age: 31532
etag: "c3aab91a3975470e6063831e1080ae6c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 26671
x-amz-cf-id: 91K7-CO_tZJjsUQy9iVjef5xzJusDqPoutn6fkOpgsC6pzKU32id3A==

GET
H2 404 ksz1bpt.js
use.typekit.net/ 0
0 149ms
133ms Script
text/plain 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ksz1bpt.js

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
server: nginx
date: Mon, 10 May 2021 19:40:33 GMT
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-cascade: pass
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9

GET
H2 200 nu_bg_pattern.png
app.nubank.com.br/images/ 5 KB
5 KB 40ms
39ms Image
image/png 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/nu_bg_pattern.png
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/styles/nu.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a376868ce82e7c27aebb88e1b84a85e79739e35f572548a58ca2c06a7077e367

Request headers

:path: /images/nu_bg_pattern.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/styles/nu.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/styles/nu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:04 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:14 GMT
server: AmazonS3
age: 31530
etag: "0199cd6febaa9ac5f88975c2a7438ee3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA6-C1
content-length: 5184
x-amz-cf-id: LDB0L1GvdVxAnGqnyb_Ey5GPVvLsx-YYzdlVtvsfG_xsYTdKPgVVTw==

OPTIONS
H/1.1 200
OK discovery
prod-global-webapp-proxy.nubank.com.br/api/ 0
0 1035ms
233ms Preflight 18.229.212.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-global-webapp-proxy.nubank.com.br/api/discovery
Protocol: HTTP/1.1
Server: 18.229.212.176 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-212-176.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlation-id
Origin: https://app.nubank.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type, x-correlation-id, Origin, Sec-Fetch-Site, Host, User-Agent, Access-Control-Request-Headers, X-Forwarded-Port, Referer, Connection, Pragma, Accept, Accept-Language, Access-Control-Request-Method, Sec-Fetch-Dest, X-Forwarded-For, Accept-Encoding, X-Forwarded-Proto, Sec-Fetch-Mode, Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH, OPTIONS
Access-Control-Allow-Origin: https://app.nubank.com.br
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK discovery
prod-global-webapp-proxy.nubank.com.br/api/app/ 0
0 1035ms
233ms Preflight 18.229.212.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-global-webapp-proxy.nubank.com.br/api/app/discovery
Protocol: HTTP/1.1
Server: 18.229.212.176 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-212-176.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlation-id
Origin: https://app.nubank.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type, x-correlation-id, Origin, Sec-Fetch-Site, Host, User-Agent, Access-Control-Request-Headers, X-Forwarded-Port, Referer, Connection, Pragma, Accept, Accept-Language, Access-Control-Request-Method, Sec-Fetch-Dest, X-Forwarded-For, Accept-Encoding, X-Forwarded-Proto, Sec-Fetch-Mode, Cache-Control
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH, OPTIONS
Access-Control-Allow-Origin: https://app.nubank.com.br
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK amplitude-2.9.0-min.gz.js Show response
d24n15hnbwhuhn.cloudfront.net/libs/ 55 KB
17 KB 153ms
51ms Script
application/javascript 13.32.23.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d24n15hnbwhuhn.cloudfront.net/libs/amplitude-2.9.0-min.gz.js
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b57069b3fd795e6bcd5d191157dc2e46b86d3aa39f504aa655ba6b4436768b27

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 07 Feb 2021 11:10:03 GMT
Content-Encoding: gzip
Age: 7979431
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16708
Last-Modified: Mon, 21 Oct 2019 15:45:34 GMT
Server: AmazonS3
ETag: "9bf8f5ec2e10112ba66c7858fcdded37"
x-amz-version-id: F3rNtRZMUyxTGveaBT.h2ip.8b_rM_LP
Via: 1.1 8e83c42d247a31c5b365c08a0352d8f9.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: 5LnGvIERL8HM98-VZKr3em-eWwtOKG7WbkO1ZmskrIpWIn3Xq0YpWg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
32 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Requested by

Host: app.nubank.com.br
URL: https://app.nubank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7ca2d0a467c34fc729079a38a5fc21c88a98ea7d28a475aeca8941c011a4b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 19:40:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32786
x-xss-protection: 0
last-modified: Mon, 10 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 May 2021 19:40:33 GMT

GET
H/1.1 200
OK discovery Show response
prod-global-webapp-proxy.nubank.com.br/api/ 3 KB
2 KB 260ms
259ms XHR
application/json 18.229.212.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-global-webapp-proxy.nubank.com.br/api/discovery

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.229.212.176 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-229-212-176.sa-east-1.compute.amazonaws.com

Software

Resource Hash

4eaf7c421e297ab34025cd7f0144df3662b2996f321dcc0b8a35081c5651de12

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.FPxb7
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Download-Options: noopen
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://app.nubank.com.br
Access-Control-Expose-Headers: Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, X-Xss-Protection, X-Download-Options, X-Permitted-Cross-Domain-Policies, Content-Security-Policy, Content-Type
transfer-encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, User-Agent
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK discovery Show response
prod-global-webapp-proxy.nubank.com.br/api/app/ 5 KB
2 KB 265ms
265ms XHR
application/json 18.229.212.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-global-webapp-proxy.nubank.com.br/api/app/discovery

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.229.212.176 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-229-212-176.sa-east-1.compute.amazonaws.com

Software

Resource Hash

023581317473d06dbe47cbda502f36fe42c77a9e26e6677d462c28fb0f19c727

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.2R8AU
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Download-Options: noopen
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://app.nubank.com.br
Access-Control-Expose-Headers: Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, X-Xss-Protection, X-Download-Options, X-Permitted-Cross-Domain-Policies, Content-Security-Policy, Content-Type
transfer-encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, User-Agent
X-XSS-Protection: 1; mode=block

GET
H2 200 navigation-base.template.html Show response
app.nubank.com.br/components/navigation/ 295 B
636 B 39ms
38ms XHR
text/html 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/navigation/navigation-base.template.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 703f018c56741536876ddf4e25efb3b8dcfa1995532b2d6f415e7bf09d3fb084

Request headers

:path: /components/navigation/navigation-base.template.html
pragma: no-cache
x-correlation-id: WEB-APP.ni1BJ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.ni1BJ
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 12:39:03 GMT
content-encoding: gzip
age: 25290
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
content-length: 175
last-modified: Tue, 16 Mar 2021 21:58:16 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "25bd7c1e0c7c07677639ddf18ab56351"
content-type: text/html
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 9RuFEgLCky2TEMvev5lAJRIgrBly2d4RA2hs056cf6_PyPmTQIPxYA==
x-amz-meta-x-content-type-options: nosniff

GET
H2 200 login.template.html Show response
app.nubank.com.br/components/login/ 3 KB
2 KB 39ms
39ms XHR
text/html 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/login/login.template.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05f1c91dc3e461c5f6f14de6550385c8981ef90c0f530aa69009de406f491488

Request headers

sec-fetch-mode: cors
x-correlation-id: WEB-APP.NL26j
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: lang=pt
:path: /components/login/login.template.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.NL26j
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:23 GMT
content-encoding: gzip
age: 31511
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
content-length: 1247
last-modified: Tue, 16 Mar 2021 21:58:15 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "7d504f2f3c59a635b23e77d7435d21c6"
content-type: text/html
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 38Zkn-XjbIqJXqbHnfVP0U4wQUvVQKT6H7tYaukbHB9GpTP8JAVM_g==
x-amz-meta-x-content-type-options: nosniff

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
38 KB 38ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQHBFWB&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGFBFP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee572a01be8b48cdb1e514580d2af3ecee1958a3a338bf368bffb06c0664b1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 19:40:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38848
x-xss-protection: 0
last-modified: Mon, 10 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 May 2021 19:40:33 GMT

GET
H2 200 navigation-menu.template.html Show response
app.nubank.com.br/components/navigation/ 1 KB
1 KB 40ms
40ms XHR
text/html 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/navigation/navigation-menu.template.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e3f7287056c79f7cf5cfa5fd934c52bbb42c712d583ab1562a203b5eddb8147

Request headers

sec-fetch-mode: cors
x-correlation-id: WEB-APP.XEaPh
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: lang=pt
:path: /components/navigation/navigation-menu.template.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.XEaPh
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 12:39:04 GMT
content-encoding: gzip
age: 25290
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
content-length: 614
last-modified: Tue, 16 Mar 2021 21:58:15 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "98e8738a5c527d2fb28b24bf84806b96"
content-type: text/html
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: VaHMORSOTVACXClTNNBXj6CQB94ghsO4gm4p7lknoWJruHVKf3QA9w==
x-amz-meta-x-content-type-options: nosniff

GET
H2 200 fontawesome-webfont.woff
app.nubank.com.br/fonts/ 64 KB
64 KB 41ms
41ms Font
font/woff 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/styles/nu.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

sec-fetch-mode: cors
origin: https://app.nubank.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lang=pt
:path: /fonts/fontawesome-webfont.woff?v=4.2.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/styles/nu.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://app.nubank.com.br
Referer: https://app.nubank.com.br/styles/nu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:24 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:14 GMT
server: AmazonS3
age: 31510
etag: "d95d6f5d5ab7cfefd09651800b69bd54"
x-cache: Hit from cloudfront
content-type: font/woff
x-amz-cf-pop: FRA6-C1
content-length: 65452
x-amz-cf-id: _DctXNHMNo5GS9q29-gr3C_SpShpVlHZsHqdvGGavOK6whZxc6ncIg==

GET
H2 200 white.svg
app.nubank.com.br/images/ 822 B
1 KB 41ms
40ms Image
image/svg+xml 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/white.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d2fa080b10cf0943944abfa25e9f0c37824a219c73b85b3cc9c7dbd062ce94c

Request headers

:path: /images/white.svg
pragma: no-cache
cookie: lang=pt
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 12:39:04 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:15 GMT
server: AmazonS3
age: 25290
etag: "7e2be025cd6b17a27e8bd8a3e8dc6ce0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA6-C1
content-length: 822
x-amz-cf-id: bNhWPonEObGlNdaF4TbuSfCYlzowtmItwBh-PqMPjGdKU4A7wm0viA==

GET
H2 200 back.svg
app.nubank.com.br/images/ 225 B
529 B 42ms
41ms Image
image/svg+xml 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/back.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 961204348dc2507c21f2f213578fbc8ae4cbbd0c8a30a50779fe1b9e3582f60b

Request headers

:path: /images/back.svg
pragma: no-cache
cookie: lang=pt
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:24 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:14 GMT
server: AmazonS3
age: 31510
etag: "de71e0ea40202345cfd314af91f9c427"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA6-C1
content-length: 225
x-amz-cf-id: 9KUK5OaRyCdLnxWQLKlpUxpxReHmguOQc5OduyAj1FfEJXbjyCRR8g==

GET
H2 200 nu-purple.svg
app.nubank.com.br/images/ 2 KB
2 KB 41ms
40ms Image
image/svg+xml 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/nu-purple.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7940dc3e9c50d7d823a6ba72bf72b763b300bc0cdaf28468ddf920fd2d2f03b6

Request headers

:path: /images/nu-purple.svg
pragma: no-cache
cookie: lang=pt
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 12:39:04 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:14 GMT
server: AmazonS3
age: 25290
etag: "3aceeb9bf00970c278f17ce10888e560"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA6-C1
content-length: 2124
x-amz-cf-id: yTtr3P-w5e0agnIJbeywvmPC_-hDI-HXL4Dn-EscSjESeAZjs_b8_A==

GET
H2 200 nu-settings.svg
app.nubank.com.br/images/ 4 KB
5 KB 41ms
40ms Image
image/svg+xml 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/nu-settings.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 064039dec0e22da680624f79d926c796437f3a155daa9d7e5a0ae89258beaef8

Request headers

:path: /images/nu-settings.svg
pragma: no-cache
cookie: lang=pt
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 12:39:04 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:14 GMT
server: AmazonS3
age: 25290
etag: "a404a9ca0d0799ed2124411bd03f3de3"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA6-C1
content-length: 4491
x-amz-cf-id: gTgpOhbh0er5_6QOUF4NScSp1kgEIixKILo9R9ZucMq42axhdHW3Iw==

GET
H2 200 email.svg
app.nubank.com.br/images/ 239 B
542 B 42ms
41ms Image
image/svg+xml 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/email.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ebc83ba76f95033527d0e898a4e7fc6ab051058a6c2a47cafb652729e14b812

Request headers

:path: /images/email.svg
pragma: no-cache
cookie: lang=pt
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 12:39:04 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:14 GMT
server: AmazonS3
age: 25290
etag: "6cc55dedbf3a7e86ff4badaada3e22fc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA6-C1
content-length: 239
x-amz-cf-id: 0vsV1-IFBHkSiQYfBlChbtLB6cF_Vw3mCJM2IOfMcB_ppkriz8fMcw==

GET
H2 200 phone.svg
app.nubank.com.br/images/ 1 KB
1 KB 42ms
41ms Image
image/svg+xml 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.nubank.com.br/images/phone.svg
Requested by: Host: app.nubank.com.br
URL: https://app.nubank.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a7aa24fcc081e9fda384a4b8b3eb64ac4f9682b56b8c875e0f9564229e68c87

Request headers

:path: /images/phone.svg
pragma: no-cache
cookie: lang=pt
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 12:39:04 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 21:58:15 GMT
server: AmazonS3
age: 25290
etag: "2da7596fc8979dfadac4885e21a6ca22"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA6-C1
content-length: 1176
x-amz-cf-id: old_tGMi1mTsnXHMp-fKF4-sCVyn0zQ9Fm3CU1IXmrmiXUYDjMAwvA==

GET
H2 200 limit-bar.html Show response
app.nubank.com.br/components/navigation/ 2 KB
996 B 40ms
39ms XHR
text/html 99.86.2.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.nubank.com.br/components/navigation/limit-bar.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-129.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1c02af2f70bd0f7e5fc6f7091437d8a420c5df43141d1d13a5632a026ddfb14

Request headers

sec-fetch-mode: cors
x-correlation-id: WEB-APP.InaAB
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: lang=pt
:path: /components/navigation/limit-bar.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: app.nubank.com.br
referer: https://app.nubank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
X-Correlation-Id: WEB-APP.InaAB
Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 10:55:05 GMT
content-encoding: gzip
age: 31528
x-amz-meta-x-xss-protection: 1; mode=block
x-cache: Hit from cloudfront
x-amz-meta-x-frame-options: DENY
content-length: 536
last-modified: Tue, 16 Mar 2021 21:58:16 GMT
server: AmazonS3
x-amz-meta-strict-transport-security: max-age=31536000; includeSubdomains
etag: "1899b0cabe61cfec909c82d9899d2127"
content-type: text/html
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: rnPaH4KGznbetQCgsaExMY8XDdedPGCzcYOzWTe0NrYWoUEKw9D2bQ==
x-amz-meta-x-content-type-options: nosniff

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 611ms
211ms XHR
text/html 44.237.23.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: d24n15hnbwhuhn.cloudfront.net
URL: https://d24n15hnbwhuhn.cloudfront.net/libs/amplitude-2.9.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.23.82 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-23-82.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 10 May 2021 19:40:34 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQHBFWB&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4421
date: Mon, 10 May 2021 18:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 10 May 2021 20:26:52 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=56081715&t=pageview&_s=1&dl=https%3A%2F%2Fapp.nubank.com.br%2F&dr=https%3A%2F%2Fautentication-cliente.com%2F&dp=%2Flogin&ul=en-us&de=UTF-8&dt=Login%20-%20Nubank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1226092944&gjid=335540659&cid=485114110.1620675634&tid=UA-54526048-10&_gid=115803383.1620675634&_r=1&gtm=2wg4s0PQHBFWB&cd9=%2Flogin&z=1960895227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 May 2021 19:40:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.nubank.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-54526048-10&cid=485114110.1620675634&jid=1226092944&gjid=335540659&_gid=115803383.1620675634&_u=YEBAAEAAAAAAAC~&z=106054073

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 May 2021 19:40:33 GMT
content-type: text/plain
access-control-allow-origin: https://app.nubank.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-54526048-10&cid=485114110.1620675634&jid=1226092944&_u=YEBAAEAAAAAAAC~&z=745992563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 19:40:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-54526048-10&cid=485114110.1620675634&jid=1226092944&_u=YEBAAEAAAAAAAC~&z=745992563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.nubank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 May 2021 19:40:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nubank.com.br/	1970-01-20 11:42:27	Name: _ga Value: GA1.3.485114110.1620675634
.nubank.com.br/	1970-01-23 09:47:15	Name: amplitude_idnubank.com.br Value: eyJkZXZpY2VJZCI6IjIyOTdkODM1LThiNGQtNGU4Yy1hNWQ0LTI4MGZmN2I5NDAxOCIsInVzZXJJZCI6bnVsbCwib3B0T3V0IjpmYWxzZSwic2Vzc2lvbklkIjoxNjIwNjc1NjMzODMxLCJsYXN0RXZlbnRUaW1lIjoxNjIwNjc1NjMzODMxLCJldmVudElkIjowLCJpZGVudGlmeUlkIjoxLCJzZXF1ZW5jZU51bWJlciI6MX0=
.nubank.com.br/	1970-01-19 18:11:15	Name: _gat_UA-54526048-10 Value: 1
.nubank.com.br/	1970-01-19 18:12:42	Name: _gid Value: GA1.3.115803383.1620675634
app.nubank.com.br/	1969-12-31 23:59:59	Name: lang Value: pt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
app.nubank.com.br
autentication-cliente.com
cdnjs.cloudflare.com
cloud.typography.com
d24n15hnbwhuhn.cloudfront.net
prod-global-webapp-proxy.nubank.com.br
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.111.232.231
13.32.23.71
18.229.212.176
2606:4700:3037::ac43:b501
2606:4700::6810:135e
2a00:1450:4001:803::2003
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9d
2a02:26f0:6c00::210:ba2a
44.237.23.82
99.86.2.129
023581317473d06dbe47cbda502f36fe42c77a9e26e6677d462c28fb0f19c727
02b9fc7bdc4629bd2e244eb4e59d0fd6e27cc5443ba13fbc98b8ceea2668ab44
05f1c91dc3e461c5f6f14de6550385c8981ef90c0f530aa69009de406f491488
064039dec0e22da680624f79d926c796437f3a155daa9d7e5a0ae89258beaef8
0ae957d70d09f11b7f31067919165a1da54e4c9058cabab3e951e323fb0145f1
0dde51d4beb6a1329ddfd56547a9c5a9b57f57dfed6b63e51eda220acab8cb1a
0e3f7287056c79f7cf5cfa5fd934c52bbb42c712d583ab1562a203b5eddb8147
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1ebc83ba76f95033527d0e898a4e7fc6ab051058a6c2a47cafb652729e14b812
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
4eaf7c421e297ab34025cd7f0144df3662b2996f321dcc0b8a35081c5651de12
6ec8e9ed1eeceda8e863422d87247693084d6787510fc80aa213a6fac84278dd
703f018c56741536876ddf4e25efb3b8dcfa1995532b2d6f415e7bf09d3fb084
7940dc3e9c50d7d823a6ba72bf72b763b300bc0cdaf28468ddf920fd2d2f03b6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8d2fa080b10cf0943944abfa25e9f0c37824a219c73b85b3cc9c7dbd062ce94c
961204348dc2507c21f2f213578fbc8ae4cbbd0c8a30a50779fe1b9e3582f60b
96e7e052ce66e91197a3d2fd191b24f1ba8e4b110fdc082cb3114c62a54bc41d
9a7aa24fcc081e9fda384a4b8b3eb64ac4f9682b56b8c875e0f9564229e68c87
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a376868ce82e7c27aebb88e1b84a85e79739e35f572548a58ca2c06a7077e367
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1c02af2f70bd0f7e5fc6f7091437d8a420c5df43141d1d13a5632a026ddfb14
b57069b3fd795e6bcd5d191157dc2e46b86d3aa39f504aa655ba6b4436768b27
b7ca2d0a467c34fc729079a38a5fc21c88a98ea7d28a475aeca8941c011a4b4c
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ee572a01be8b48cdb1e514580d2af3ecee1958a3a338bf368bffb06c0664b1c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20b251189e476e544eb66bfdf4ddace0531af67ace628226e3bde5ff408599f
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12
fd42a39683fb08fa87c881635b1e57f9ec1b30cd7b2f9e748a7f5ef59382656d

app.nubank.com.br Open in urlscan Pro 99.86.2.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

64 %IPv6

13 Domains

14 Subdomains

14 IPs

4 Countries

755 kBTransfer

1857 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.nubank.com.br Open in urlscan Pro
99.86.2.129 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

755 kB
Transfer

1857 kB
Size

5
Cookies

39 HTTP transactions
0 data transactions