emprestimo.itau.com.br Open in urlscan Pro
65.9.96.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fdr3pnhz.r.sa-east-1.awstrack.me/L0/https:%2F%2Femprestimo.itau.com.br%2F%3Futm_source=mensageiro%26utm_medium=email%26utm_campai...
Effective URL:
https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid...
Submission: On April 01 via api (April 1st 2021, 8:15:32 pm UTC) from US

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 65.9.96.70, located in United States and belongs to AMAZON-02, US. The main domain is emprestimo.itau.com.br.
TLS certificate: Issued by Amazon on November 19th 2020. Valid for: a year.

This is the only time emprestimo.itau.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.67.214.214 52.67.214.214	16509 (AMAZON-02) (AMAZON-02)
9	65.9.96.70 65.9.96.70	16509 (AMAZON-02) (AMAZON-02)
2	104.84.56.118 104.84.56.118	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.158.149 13.226.158.149	16509 (AMAZON-02) (AMAZON-02)
5	52.85.115.107 52.85.115.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	162.247.243.146 162.247.243.146	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	13.226.159.62 13.226.159.62	16509 (AMAZON-02) (AMAZON-02)
29	11

1 52.67.214.214 (São Paulo, Brazil) 1 redirects

ASN16509 (AMAZON-02, US)

fdr3pnhz.r.sa-east-1.awstrack.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.96.70 (United States)

ASN16509 (AMAZON-02, US)

emprestimo.itau.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.56.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

www.itau.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.158.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-149.dus51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.85.115.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-107.hel50.r.cloudfront.net

ite.dnofd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-62.dus51.r.cloudfront.net

ofdb-u.dnofd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	itau.com.br emprestimo.itau.com.br www.itau.com.br	387 KB
6	dnofd.com ite.dnofd.com ofdb-u.dnofd.com	138 KB
3	facebook.net connect.facebook.net	97 KB
3	google-analytics.com www.google-analytics.com	74 KB
2	googletagmanager.com www.googletagmanager.com	53 KB
1	nr-data.net bam-cell.nr-data.net	647 B
1	newrelic.com js-agent.newrelic.com	14 KB
1	segment.com cdn.segment.com	78 KB
1	awstrack.me 1 redirects fdr3pnhz.r.sa-east-1.awstrack.me	320 B
29	9

	Domain	Requested by
9	emprestimo.itau.com.br	emprestimo.itau.com.br
5	ite.dnofd.com	emprestimo.itau.com.br
3	connect.facebook.net	emprestimo.itau.com.br
3	www.google-analytics.com	emprestimo.itau.com.br
2	www.googletagmanager.com	emprestimo.itau.com.br
2	www.itau.com.br	emprestimo.itau.com.br
1	ofdb-u.dnofd.com	emprestimo.itau.com.br
1	bam-cell.nr-data.net	emprestimo.itau.com.br
1	js-agent.newrelic.com	emprestimo.itau.com.br
1	cdn.segment.com	emprestimo.itau.com.br
1	fdr3pnhz.r.sa-east-1.awstrack.me	1 redirects
29	11

This site contains no links.

Subject Issuer	Validity	Valid
*.emprestimo.itau.com.br Amazon	`2020-11-19` - `2021-12-18`	a year	crt.sh
www.itau.com.br DigiCert SHA2 Extended Validation Server CA	`2020-03-12` - `2022-06-11`	2 years	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
*.dnofd.com Amazon	`2020-08-24` - `2021-09-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid=b62893a5-9199-11eb-9005-02018f77095e&m_id=284449399
Frame ID: F23664C8CB061EAF344EEADC9F9DC151
Requests: 28 HTTP requests in this frame

Frame: https://ofdb-u.dnofd.com/web/ofdb/v.html
Frame ID: AEEF8489E35D86F06C940B5D8127B29E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fdr3pnhz.r.sa-east-1.awstrack.me/L0/https:%2F%2Femprestimo.itau.com.br%2F%3Futm_source=mensageiro%26utm_mediu... HTTP 302
https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_con... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

29
Requests

97 %
HTTPS

27 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

842 kB
Transfer

2819 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fdr3pnhz.r.sa-east-1.awstrack.me/L0/https:%2F%2Femprestimo.itau.com.br%2F%3Futm_source=mensageiro%26utm_medium=email%26utm_campaign=emailmkt-empncc%26utm_content=botao-1%26mp_uuid=b62893a5-9199-11eb-9005-02018f77095e%26m_id=284449399/1/010301788ee8a94e-aaac0086-c25f-425d-86eb-69d316bda767-000000/gkDxD_X2pplBV-sXBUTiIL_WJFc=1 HTTP 302
https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid=b62893a5-9199-11eb-9005-02018f77095e&m_id=284449399 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
emprestimo.itau.com.br/
Redirect Chain

https://fdr3pnhz.r.sa-east-1.awstrack.me/L0/https:%2F%2Femprestimo.itau.com.br%2F%3Futm_source=mensageiro%26utm_medium=email%26utm_campaign=emailmkt-empncc%26utm_content=botao-1%26mp_uuid=b62893a5-...
https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid=b62893a5-9199-11eb-9005-02018f77095e&m_id=284449399

30 KB
9 KB

200ms
78ms

Document
text/html

65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid=b62893a5-9199-11eb-9005-02018f77095e&m_id=284449399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d598bee34b6195e654422a2877ff49b9f832bb04b79e18b0a918b87028172a5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: emprestimo.itau.com.br
:scheme: https
:path: /?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid=b62893a5-9199-11eb-9005-02018f77095e&m_id=284449399
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
last-modified: Wed, 31 Mar 2021 19:06:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
referrer-policy: strict-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-encoding: gzip
date: Thu, 01 Apr 2021 20:08:46 GMT
cache-control: public, max-age=0, must-revalidate
etag: W/"4a3b9df02817d860c4799b84294ec168"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 7TdJ8iUGZOJf_unt8mhBJIRZE8-39PNHLoK6U-AFpAQQ8bYT6zKTUQ==
age: 390

Redirect headers

Date: Thu, 01 Apr 2021 20:15:15 GMT
Location: https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid=b62893a5-9199-11eb-9005-02018f77095e&m_id=284449399
Server: Apache-Coyote/1.1
Content-Length: 0
Connection: keep-alive

GET
H2 200 main.085659837b17e8a5e2df.css
emprestimo.itau.com.br/styles/ 97 KB
16 KB 144ms
143ms Stylesheet
text/css 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/styles/main.085659837b17e8a5e2df.css

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/?utm_source=mensageiro&utm_medium=email&utm_campaign=emailmkt-empncc&utm_content=botao-1&mp_uuid=b62893a5-9199-11eb-9005-02018f77095e&m_id=284449399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c9c3b0efd9d24e885b5b15d805a64366c7985899d615070a6517b10b3e8410d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:07:02 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"6ae31fc13e43b0910789285a83f2e016"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
content-type: text/css
x-amz-cf-id: PC4Zd-vd02f79w7rtap1rLcLEbEXWbOw1_c_El7lSFemGYAnYGFeEQ==

GET
H2 200 bundle.vendor.085659837b17e8a5e2df.js Show response
emprestimo.itau.com.br/scripts/ 166 KB
52 KB 151ms
151ms Script
application/javascript 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/scripts/bundle.vendor.085659837b17e8a5e2df.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b559b0746810412c22e271940d3f8f938deb52b66bad52599f225c5dab83aac9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:07:02 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"88949e23783e58b11d01e36174219ee9"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: LOncgbYbMEufoJK_4hOBjw5SprGqGLmWAR6z0V8bv2jRL30_KyBlyQ==

GET
H2 200 bundle.main.085659837b17e8a5e2df.js Show response
emprestimo.itau.com.br/scripts/ 350 KB
99 KB 79ms
79ms Script
application/javascript 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94f3d57a6e2ea0bcbe096fca103f52246b5386e538d6e07bd3fb03a6a17b9c1f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87748
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:07:01 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"78303ea9f59bb58698a03c875f011192"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: sKU-hy1i-bkyxIl_1IfW29VcKUTmWwWHcqkioRg8ZCqg665P__TPuw==

GET
H2 200 importLibJSFrameworkDA.js Show response
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ 2 KB
1 KB 269ms
54ms Script
application/x-javascript 104.84.56.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?MGJ5DBD

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.84.56.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

5fc14abd3420d0526df2ebf12c84966abbe0c9ae8d826fedbe77b6ef46afa73a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:16 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 19:06:36 GMT
x-frame-options: SAMEORIGIN
etag: "16af4-795-5ab85235f4700"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/x-javascript
access-control-allow-origin: internet.itau.com.br
server-timing: cdn-cache; desc=HIT, edge; dur=4
accept-ranges: bytes
content-length: 964

GET
H2 200 frameworkDA.js Show response
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ 3 KB
1 KB 271ms
56ms Script
application/x-javascript 104.84.56.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/frameworkDA.js?MGJ5DBD

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.84.56.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

fdccada6464c6cbfe883cbf99051fd36d0313d184a22efb79895037513a1ded2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:16 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 19:06:23 GMT
x-frame-options: SAMEORIGIN
etag: "131dd-b3c-5ab852298e9c0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/x-javascript
access-control-allow-origin: internet.itau.com.br
server-timing: cdn-cache; desc=HIT, edge; dur=3
accept-ranges: bytes
content-length: 1032

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/AqBoNWjnUymRb8BwRYQEL5ooKucG9LqY/ 397 KB
78 KB 543ms
329ms Script
text/javascript 13.226.158.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/AqBoNWjnUymRb8BwRYQEL5ooKucG9LqY/analytics.min.js
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.158.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-158-149.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2d64021b97d9875bea616d17086908ed23b2a67684acd7d5c3f1bc14b548966

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VvKboA89WFc9rx30.R.mj59EBTMFwFdh
content-encoding: gzip
etag: "e7225e7d9e139ae13d65ae180496e0dc"
x-amz-cf-pop: DUS51-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 79247
access-control-allow-origin: *
last-modified: Thu, 01 Apr 2021 01:49:26 GMT
server: AmazonS3
date: Thu, 01 Apr 2021 20:15:17 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
cache-control: public, max-age=120
accept-ranges: bytes
x-amz-cf-id: wWdki5ZBCsgUAezOnvgswj3Itwvrz8Aeg5wOEtY5kLktKbwlkfaV2w==

GET
H2 200 bundle.loadAsyncSVG.d2010412844ecb9cbc48.js Show response
emprestimo.itau.com.br/scripts/ 78 KB
20 KB 80ms
80ms Script
application/javascript 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/scripts/bundle.loadAsyncSVG.d2010412844ecb9cbc48.js

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae6ec7cf3c6dbe2c9d792a3291d2002089eca32bf0ed75f9921dea6863d1f148

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 19:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87745
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:07:01 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"48d7a50094876f8121485a781b8fdd58"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: g5e7OwW6mSNElg8_Xg64oxA3QVKxnB4VBT13mjOG4FyAvG-weOg1nw==

GET
H2 200 ItauText-Regular.woff2
emprestimo.itau.com.br/fonts/ 17 KB
18 KB 77ms
77ms Font
font/woff2 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/fonts/ItauText-Regular.woff2

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/styles/main.085659837b17e8a5e2df.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://emprestimo.itau.com.br
Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:29:11 GMT
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 85566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17892
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:06:59 GMT
server: AmazonS3
x-frame-options: DENY
etag: "4c9045c151fd584835340bef1292fa48"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: null
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: q8NNGd-jeSdFJdUP4gNTh3aTPkqyr_o6QSOoHl-y7SCc4zArGH4k2w==

GET
H2 200 ItauText-XBold.woff2
emprestimo.itau.com.br/fonts/ 18 KB
19 KB 95ms
95ms Font
font/woff2 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/fonts/ItauText-XBold.woff2

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/styles/main.085659837b17e8a5e2df.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

85a10f9746043480ff18e36aafe347847954698d93cab87cb588ad1ced0232df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://emprestimo.itau.com.br
Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:29:11 GMT
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 85566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18808
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:06:59 GMT
server: AmazonS3
x-frame-options: DENY
etag: "0497e59a98e9b5907eada6a161b29c6a"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-version-id: null
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: 3Kq9ncRakrmnLe-W8SJsy8jaBUGZq3I2A5GSwN1lAZZJqSsDeuNHbw==

GET
H2 200 bundle.page-Home-Loans-components-LoanFeatures.f5ba69f524288f75f497.js Show response
emprestimo.itau.com.br/scripts/ 72 KB
18 KB 71ms
70ms Script
application/javascript 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/scripts/bundle.page-Home-Loans-components-LoanFeatures.f5ba69f524288f75f497.js

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

afb4e3bcf85a236e439dcede501d175bc664b911e1a2f5fe21784c7821a9bd4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 20:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85566
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:07:01 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"00c8e44a4516e7999b14529a1f20b77d"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: IJ7tGHu4LdVypTh6guTJkE0xXsAth6RdUKPNbFAr7swYp31_rKQN5g==

GET
H2 200 OFDB.js Show response
ite.dnofd.com/ofdb/ 396 KB
110 KB 290ms
159ms Script
application/javascript 52.85.115.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ite.dnofd.com/ofdb/OFDB.js
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-107.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6768bd36cafc17a1ea5830f0de562e010d357c49c246ac6ee2a07f79e4c09b61

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:17 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 13:22:41 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C2
etag: "13900d69d7bee513d912f807494d343a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6c183700546a331def0de99cb43d1575.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
content-length: 111986
x-amz-cf-id: se3_gHZlANaLN1ZPQTzyOqS6745JCjeOWcATRO4pjGnWU6FEhiXw0w==

GET
H2 200 sprite.svg Show response
emprestimo.itau.com.br/images/ 395 KB
134 KB 76ms
76ms XHR
image/svg+xml 65.9.96.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://emprestimo.itau.com.br/images/sprite.svg?085659837b17e8a5e2df

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7de530debde0abe04d9dfddd7251f0630bc31e32f64ad2d7f8916d8033a3877

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://emprestimo.itau.com.br/
tracestate: 78034@nr=0-1-1891877-545998104-acc68d23806a3f43----1617308116354
traceparent: 00-6eea4b74249cc9e2e80bfdd1f82f4030-acc68d23806a3f43-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE4OTE4NzciLCJhcCI6IjU0NTk5ODEwNCIsImlkIjoiYWNjNjhkMjM4MDZhM2Y0MyIsInRyIjoiNmVlYTRiNzQyNDljYzllMmU4MGJmZGQxZjgyZjQwMzAiLCJ0aSI6MTYxNzMwODExNjM1NCwidGsiOiI3ODAzNCJ9fQ==

Response headers

date: Wed, 31 Mar 2021 19:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 31 Mar 2021 19:07:00 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"608451e01bcd85dcace43c900124010d"
vary: Accept-Encoding
x-amz-version-id: null
via: 1.1 1f98172ca4214b0e937b7d3d534b34cd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors br.originhosting.io *.br.originhosting.io itau.com.br *.itau.com.br
x-amz-cf-pop: PRG50-C1
content-type: image/svg+xml
x-amz-cf-id: 8cIBrVbmQO-fjW4zdsrgbBPudeXX6mdQR5Fzuuf87CaHJ2gpdTCakA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
53 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGJ5DBD

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f4a473d6ef6c9ef83e0079ae23613125369f9fc783e236ef389639253a92070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54409
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 19:36:24 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Apr 2021 20:15:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 9
date: Thu, 01 Apr 2021 20:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 01 Apr 2021 22:15:07 GMT

GET
H3-Q050 404 gtm.js
www.googletagmanager.com/ 0
0 55ms
40ms Script
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZL2CS7&l=dataLayer
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-WK6J4WD&t=itau&cid=1820152828.1617308117

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

755071c070f0f7dc139f082d94f8ad030ebd9787c8fa686d0d26a59efe927295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35940
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 19:36:24 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Apr 2021 20:15:16 GMT

GET
H2 200 o Show response
ite.dnofd.com/ofdb/ 2 KB
3 KB 408ms
280ms XHR
binary/octet-stream 52.85.115.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ite.dnofd.com/ofdb/o
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-107.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a314ca63c97883175f7faa2c8982e28c8b6df28332c42ac50efcef1dc90c041

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 01 Apr 2021 20:15:18 GMT
via: 1.1 6e28f02adabde7d09aba9f5efcd44d1b.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-cache: Hit from cloudfront
content-length: 2284
last-modified: Mon, 22 Mar 2021 12:36:03 GMT
server: AmazonS3
etag: "d7a20718c8344244dc59de7ded568fbc"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Access-Control-Allow-Origin
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: H0JfC7QpuMQdva4z1CnitoxynqOquQmgDgg_c3jKkID11nGk_XKrsw==

GET
H2 200 nr-spa-1184.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 155ms
52ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:16 GMT
content-encoding: gzip
x-amz-request-id: 6CAF3EA564D1D20C
x-cache: HIT
content-length: 14379
x-amz-id-2: Bqs6b0NYm3vdN7IzLTK1XY1lMoJFHpBlRh9wI252DtvzYkWwYOy/z6pud/adUOeUtD4/6IehNHQ=
x-served-by: cache-fra19131-FRA
last-modified: Mon, 28 Sep 2020 16:34:47 GMT
server: AmazonS3
x-timer: S1617308117.996059,VS0,VE0
etag: "6b93dbf34696df852c6d69d1652851de"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 453

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: W0BCIbQtdVFEpOvT3I7hXP+r/32F+LRoAdjxxQ+uVcbtXt312jfUu3G25AtSib5vVsG8RswY+MtYRUZzJ8utzA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 20:15:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 9
date: Thu, 01 Apr 2021 20:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 01 Apr 2021 22:15:07 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: yBlQZBFm0OqyUSAY0QeWSZdThhQtSAZwqHcnzx6Mly0zB8uYaf8N4e0LAaF0mXN+bRXCmK2HpjPbqVbZtMol+g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 01 Apr 2021 20:15:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 760638547840127 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/760638547840127?v=2.9.33&r=stable

Requested by

Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8c275220d5cbc9bc18e70c9c6d0ce6f5d39a38837aa91aa8bc5fcfce1ebad73

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70488
x-fb-rlafr: 0
pragma: public
x-fb-debug: bibYpU9SJ2PihUzos8dyEwxczNSJiPq0SGEfvHv16WXJPS3yLjtLs7I01Mt+iS6Csh2KWfqZVDBIlmoDJ24wfg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 20:15:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK c348364b3e Show response
bam-cell.nr-data.net/1/ 57 B
647 B 368ms
215ms Script
text/javascript 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/c348364b3e?a=545998104&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=2248&ck=1&ref=https://emprestimo.itau.com.br/&be=1372&fe=2065&dc=1420&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1617308114801,%22n%22:0,%22f%22:979,%22dn%22:980,%22dne%22:991,%22c%22:991,%22s%22:1019,%22ce%22:1101,%22rq%22:1101,%22rp%22:1179,%22rpe%22:1180,%22dl%22:1182,%22di%22:1420,%22ds%22:1420,%22de%22:1420,%22dc%22:2064,%22l%22:2065,%22le%22:2065%7D,%22navigation%22:%7B%7D%7D&fp=1231&fcp=1231&jsonp=NREUM.setToken
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 20:15:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 63947d14bf9d4bdd-AMS
cf-request-id: 0930ac80f100004bdd3ba8c000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v.html Show response
ofdb-u.dnofd.com/web/ofdb/ Frame AEEF 25 KB
9 KB 219ms
74ms Document
text/html 13.226.159.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ofdb-u.dnofd.com/web/ofdb/v.html
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69b627530ad28b72ecc9189e4a6d168d0fe1fc1eaab4f16af70dc778f4316eb0

Request headers

:method: GET
:authority: ofdb-u.dnofd.com
:scheme: https
:path: /web/ofdb/v.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://emprestimo.itau.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://emprestimo.itau.com.br/

Response headers

content-type: text/html; charset=utf-8
content-length: 8748
last-modified: Mon, 29 Mar 2021 13:20:32 GMT
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Thu, 01 Apr 2021 06:23:00 GMT
cache-control: max-age=86400
etag: "1d10a79c3711b1cd20c503c7f9238860"
x-cache: Hit from cloudfront
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 1DMDO7smKl_QZJacc7ZYeqGeQb5NFid5h5hekc8fYkkEEjadv93siA==
age: 49938

GET
H2 200 jquery.min.js Show response
ite.dnofd.com/ofdb/ 20 KB
7 KB 389ms
388ms XHR
application/javascript 52.85.115.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ite.dnofd.com/ofdb/jquery.min.js
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-107.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f21809b7d9054ae07e4ec987c2ac505e12cbbbf5dcda95e0808a94f7a7d95f20

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 01 Apr 2021 20:15:18 GMT
content-encoding: gzip
x-amz-cf-pop: HEL50-C2
x-cache: Hit from cloudfront
content-length: 7070
access-control-allow-origin: *
last-modified: Mon, 29 Mar 2021 13:22:42 GMT
server: AmazonS3
etag: "31aa4e93c54cbb4c1d69b2d385a7b82c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
via: 1.1 6e28f02adabde7d09aba9f5efcd44d1b.cloudfront.net (CloudFront)
access-control-expose-headers: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Access-Control-Allow-Origin
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: FHmbGEsV3nuYAg_jrLovxYmF5aECWBKkio-GIkwJE83W3DVv7sD_qQ==

GET
H2 200 warsaw-swfobject.js Show response
ite.dnofd.com/ofdb/ 10 KB
4 KB 442ms
442ms Script
application/javascript 52.85.115.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ite.dnofd.com/ofdb/warsaw-swfobject.js
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-107.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69b83294cc1f8b6d31e88493a584fc6727b0016153b515a3e2c785624d0d81c5

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:18 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 13:22:43 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C2
etag: "a7ab9123aae72cd47ffff8cab8a3dfc7"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6c183700546a331def0de99cb43d1575.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3975
x-amz-cf-id: Kuqc_jkxXnzfWVALBvK1vQom5wVaTV6MI4ghuNYiOrzXat2uCziF9A==

GET
H2 200 warsaw-web_socket.js Show response
ite.dnofd.com/ofdb/ 13 KB
5 KB 380ms
379ms Script
application/javascript 52.85.115.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ite.dnofd.com/ofdb/warsaw-web_socket.js
Requested by: Host: emprestimo.itau.com.br
URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.115.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-115-107.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9aa187e5b2bb8835ea19ad90087c5e184cdd74768c1f9f31f5ca440e8403260

Request headers

Referer: https://emprestimo.itau.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:15:19 GMT
content-encoding: gzip
last-modified: Mon, 29 Mar 2021 13:22:44 GMT
server: AmazonS3
x-amz-cf-pop: HEL50-C2
etag: "b9155e9864fdbc3873c942f1bb894eef"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6c183700546a331def0de99cb43d1575.cloudfront.net (CloudFront)
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4335
x-amz-cf-id: TKsEnR0sQwWcdOuCup2QmHi3k_H9atBcUMRbt8woJqxlH6a_7Bh8mQ==

POST c348364b3e
bam-cell.nr-data.net/events/1/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/events/1/c348364b3e?a=545998104&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=12248&ck=1&ref=https://emprestimo.itau.com.br/

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.itau.com.br/	1970-01-20 02:00:44	Name: ajs_anonymous_id Value: %2206a4fb3e-24db-44fd-82e5-feefb8674b17%22
.itau.com.br/	1970-01-19 17:16:34	Name: _gid Value: GA1.3.402018586.1617308117
.itau.com.br/	1970-01-20 10:46:20	Name: _ga Value: GA1.3.1820152828.1617308117

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js(Line 1) Message: New Relic is done!
console-api	error	URL: https://emprestimo.itau.com.br/scripts/bundle.vendor.085659837b17e8a5e2df.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://ite.dnofd.com/ofdb/OFDB.js(Line 1) Message: Please give sid
console-api	log	URL: https://emprestimo.itau.com.br/scripts/bundle.page-Home-Loans-components-LoanFeatures.f5ba69f524288f75f497.js(Line 1) Message: OFDb instanced - ID: undefined
console-api	log	URL: https://emprestimo.itau.com.br/scripts/bundle.main.085659837b17e8a5e2df.js(Line 1) Message: [ Segment ] - Ready
console-api	error	URL: https://ite.dnofd.com/ofdb/warsaw-web_socket.js(Line 22) Message: Flash Player >= 11.1.0 is required.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors br.originhosting.io .br.originhosting.io itau.com.br .itau.com.br
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
cdn.segment.com
connect.facebook.net
emprestimo.itau.com.br
fdr3pnhz.r.sa-east-1.awstrack.me
ite.dnofd.com
js-agent.newrelic.com
ofdb-u.dnofd.com
www.google-analytics.com
www.googletagmanager.com
www.itau.com.br
bam-cell.nr-data.net
104.84.56.118
13.226.158.149
13.226.159.62
151.101.14.110
162.247.243.146
2a00:1450:4001:802::200e
2a00:1450:4001:813::2008
2a03:2880:f01c:8012:face:b00c:0:3
52.67.214.214
52.85.115.107
65.9.96.70
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3f4a473d6ef6c9ef83e0079ae23613125369f9fc783e236ef389639253a92070
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5fc14abd3420d0526df2ebf12c84966abbe0c9ae8d826fedbe77b6ef46afa73a
661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
6768bd36cafc17a1ea5830f0de562e010d357c49c246ac6ee2a07f79e4c09b61
69b627530ad28b72ecc9189e4a6d168d0fe1fc1eaab4f16af70dc778f4316eb0
69b83294cc1f8b6d31e88493a584fc6727b0016153b515a3e2c785624d0d81c5
6a314ca63c97883175f7faa2c8982e28c8b6df28332c42ac50efcef1dc90c041
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
755071c070f0f7dc139f082d94f8ad030ebd9787c8fa686d0d26a59efe927295
85a10f9746043480ff18e36aafe347847954698d93cab87cb588ad1ced0232df
94f3d57a6e2ea0bcbe096fca103f52246b5386e538d6e07bd3fb03a6a17b9c1f
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
ae6ec7cf3c6dbe2c9d792a3291d2002089eca32bf0ed75f9921dea6863d1f148
afb4e3bcf85a236e439dcede501d175bc664b911e1a2f5fe21784c7821a9bd4a
b559b0746810412c22e271940d3f8f938deb52b66bad52599f225c5dab83aac9
b8c275220d5cbc9bc18e70c9c6d0ce6f5d39a38837aa91aa8bc5fcfce1ebad73
c7de530debde0abe04d9dfddd7251f0630bc31e32f64ad2d7f8916d8033a3877
c9c3b0efd9d24e885b5b15d805a64366c7985899d615070a6517b10b3e8410d6
d598bee34b6195e654422a2877ff49b9f832bb04b79e18b0a918b87028172a5a
d9aa187e5b2bb8835ea19ad90087c5e184cdd74768c1f9f31f5ca440e8403260
f21809b7d9054ae07e4ec987c2ac505e12cbbbf5dcda95e0808a94f7a7d95f20
f2d64021b97d9875bea616d17086908ed23b2a67684acd7d5c3f1bc14b548966
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fdccada6464c6cbfe883cbf99051fd36d0313d184a22efb79895037513a1ded2

emprestimo.itau.com.br Open in urlscan Pro 65.9.96.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

97 %HTTPS

27 %IPv6

9 Domains

11 Subdomains

11 IPs

3 Countries

842 kBTransfer

2819 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

emprestimo.itau.com.br Open in urlscan Pro
65.9.96.70 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

97 %
HTTPS

27 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

842 kB
Transfer

2819 kB
Size

3
Cookies

29 HTTP transactions
0 data transactions