www.renegocie.gruporecovery.com Open in urlscan Pro
13.249.9.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasi...
Submission: On August 01 via api (August 1st 2023, 9:38:43 pm UTC) from BR — Scanned from DE

Summary HTTP 116 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 116 HTTP transactions. The main IP is 13.249.9.85, located in United States and belongs to AMAZON-02, US. The main domain is www.renegocie.gruporecovery.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 27th 2023. Valid for: a year.

This is the only time www.renegocie.gruporecovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	13.249.9.85 13.249.9.85	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
4	99.86.4.73 99.86.4.73	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
3	18.66.147.58 18.66.147.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
18	54.167.153.200 54.167.153.200	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
2	95.101.111.170 95.101.111.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.40 108.138.7.40	16509 (AMAZON-02) (AMAZON-02)
1	34.223.74.168 34.223.74.168	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:a000:14:a44b:7e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
3	162.247.241.2 162.247.241.2	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
116	24

28 13.249.9.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-85.cdg53.r.cloudfront.net

www.renegocie.gruporecovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-73.fra6.r.cloudfront.net

assets.renegocie.gruporecovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-58.fra60.r.cloudfront.net

cdn.cohesionapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.167.153.200 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-153-200.compute-1.amazonaws.com

ingest.make.rvapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-170.deploy.static.akamaitechnologies.com

www.itau.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-40.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.74.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a000:14:a44b:7e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

bucketfileshiio-prd.cloud.itau.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.2 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	gruporecovery.com www.renegocie.gruporecovery.com assets.renegocie.gruporecovery.com	2 MB
18	rvapps.io ingest.make.rvapps.io — Cisco Umbrella Rank: 29775	2 KB
9	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 3	55 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	660 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58 region1.google-analytics.com — Cisco Umbrella Rank: 1914	22 KB
5	gstatic.com www.gstatic.com	575 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1557	34 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	278 B
4	google.de www.google.de — Cisco Umbrella Rank: 5772	732 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114	2 KB
3	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 1885	2 KB
3	itau.com.br www.itau.com.br — Cisco Umbrella Rank: 85637 bucketfileshiio-prd.cloud.itau.com.br — Cisco Umbrella Rank: 343445	16 KB
3	cohesionapps.com cdn.cohesionapps.com — Cisco Umbrella Rank: 21014	32 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	241 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 759 script.hotjar.com — Cisco Umbrella Rank: 988	60 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 504	31 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1132	185 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1241	50 KB
116	19

	Domain	Requested by
28	www.renegocie.gruporecovery.com	www.renegocie.gruporecovery.com
18	ingest.make.rvapps.io	www.renegocie.gruporecovery.com
9	www.googletagmanager.com	www.renegocie.gruporecovery.com www.googletagmanager.com www.googleoptimize.com
8	www.google.com	www.renegocie.gruporecovery.com www.gstatic.com www.google.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.renegocie.gruporecovery.com
5	www.gstatic.com	www.google.com
4	cdn.segment.com	www.renegocie.gruporecovery.com cdn.segment.com
4	www.facebook.com	www.renegocie.gruporecovery.com
4	www.google.de	www.renegocie.gruporecovery.com
4	assets.renegocie.gruporecovery.com	www.renegocie.gruporecovery.com
3	bam-cell.nr-data.net	js-agent.newrelic.com www.renegocie.gruporecovery.com
3	stats.g.doubleclick.net	www.renegocie.gruporecovery.com www.googletagmanager.com
3	cdn.cohesionapps.com	www.renegocie.gruporecovery.com cdn.cohesionapps.com
3	connect.facebook.net	www.renegocie.gruporecovery.com connect.facebook.net
2	www.itau.com.br	www.renegocie.gruporecovery.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdnjs.cloudflare.com	www.renegocie.gruporecovery.com
1	js-agent.newrelic.com	www.renegocie.gruporecovery.com
1	bucketfileshiio-prd.cloud.itau.com.br	www.itau.com.br
1	api.segment.io	www.renegocie.gruporecovery.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googleoptimize.com	www.renegocie.gruporecovery.com
116	25

This site contains links to these domains. Also see Links.

Domain
www.itau.com.br

Subject Issuer	Validity	Valid
renegocie.cartoes.itau.com.br Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.renegocie.gruporecovery.com Amazon RSA 2048 M01	`2023-01-23` - `2024-02-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-11` - `2023-08-09`	3 months	crt.sh
cdn.cohesionapps.com Amazon RSA 2048 M01	`2023-02-22` - `2023-12-14`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
ingest.make.rvapps.io Amazon RSA 2048 M02	`2023-07-26` - `2024-08-22`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
www.itau.com.br DigiCert SHA2 Extended Validation Server CA	`2023-02-25` - `2024-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
bucketfileshiio-prd.cloud.itau.com.br Amazon RSA 2048 M01	`2023-03-25` - `2024-04-22`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
Frame ID: B09B4F3A2C3C05A422C0E227B130D69E
Requests: 97 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: 52F402207661F08B325E052730206E79
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRaGQcAAAAAFpvU2diBUMza_kIJndm3MHfSuVk&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=5g1yhe25ogbr
Frame ID: 1F850B2C122979FDF75D64A5BD295F2A
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB0VshAAAAANPsyPPf8LWkZlbUaM9JnCON8kEX&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=a63sygltw6k0
Frame ID: F326AE112258255443879D226F8C799C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Renegocie Recovery: Quite Dívidas Com Até 98% De Descontoicon-cashback

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

116
Requests

100 %
HTTPS

54 %
IPv6

19
Domains

25
Subdomains

24
IPs

3
Countries

4236 kB
Transfer

9555 kB
Size

28
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.itau.com.br/seguranca/termo-autorizacao
Title: termos de autorização

Search URL Search Domain Scan URL

URL: https://www.itau.com.br/cadastro-positivo
Title: cancelamento

Search URL Search Domain Scan URL

URL: https://www.itau.com.br/seguranca/sistema-informacao-credito
Title: sistema de informações de crédito

Search URL Search Domain Scan URL

URL: https://www.itau.com.br/privacidade
Title: política de privacidade.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request registro Show response
www.renegocie.gruporecovery.com/ 150 KB
28 KB 269ms
27ms Document
text/html 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7e79475dec95a30b402f97d5dff3eb6909b8e65b88a5e45078b5086001824ac2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 346710
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
content-type: text/html
date: Fri, 28 Jul 2023 21:20:07 GMT
etag: W/"7ca6b6910937dee608aef90c86eacaae"
last-modified: Fri, 28 Jul 2023 20:29:56 GMT
referrer-policy: strict-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-amz-cf-id: qAdtdnhaVtyw2wHi6fLNUGr-6s4EVJWFFXs5dCZRy14rFvdOciMtZw==
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 Montserrat-Regular.woff2
www.renegocie.gruporecovery.com/fonts/ 7 KB
8 KB 23ms
22ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/Montserrat-Regular.woff2

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

af1f9f06c389ec8060993c9c88a1e3092aca5a47a7804c328458a03422f2cf9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:00 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7160
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: "a2eef9b9542da691c4436f318c25b140"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: h4Du1jJKSs4-ACkm8zEwaqiipw2KSSBovTSI3O2g1wWLkNHtE7Irbg==

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
695 B 37ms
13ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3470869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 382
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VI4PtyY1yI2qDiaiwZkbgc8AHrINiukBsSmob6K1WFTCqlfrUGkS9RRsdWjT3lb02EPr3oY4VjGVSzlS6HD4WpA38HjRuUf3WVS4bvT21B0yDsegCpuNjhv5E8MKCv%2BpLGkyZIWIf96tBORY7SNMsug"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f013aabcd579bdd-FRA
expires: Sun, 21 Jul 2024 21:38:38 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 36ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5895821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 637
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQpWIy3CWrbonLlsQ52OF4jcdt5HIiTz3BT2AwR9hDsZQ3iqfsedMGb0m1p1uvxpLTtxtrSrMK99RHphQEDXMfYTknpBnrC3uM%2F%2FxuxP6LQBxIHYRHU3I6py0pyLvzEr3H1XVuFes%2B40tsQekPVzcAWx"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f013aabcd599bdd-FRA
expires: Sun, 21 Jul 2024 21:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 50ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45367306-5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfe481f7816600304e460aa1a4f02df4624acf219e6eeac1d72c1c6b485b55d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61583
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 21:20:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 131 KB
50 KB 64ms
14ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MRNMXPX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe88c83d9f8868f92afda354f6b592e3663602415b4fa7baf944fc7d4674e352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
67 KB 37ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-316483997

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fe4fb463d88a9117ad763c23a77784441d6034024f9530f9db0e2d6108da8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68335
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 21:20:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
89 KB 42ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3VDXGSTV7S

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

138cd07c0c5b2e003bfbd656cb46ecb439f2dbbec673a028dd417d7809c7d01e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90606
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 23ms
20ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-204852905-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12ab64799e55d11c467e47fc9a2562d5541fa99092d11b4dce7af66bf54dc430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61629
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 logo-recovery.svg
assets.renegocie.gruporecovery.com/f/119473/x/ccbfa1f547/ 6 KB
3 KB 295ms
9ms Image
image/svg+xml 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.renegocie.gruporecovery.com/f/119473/x/ccbfa1f547/logo-recovery.svg
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4127bb67cf715592064f9e5e3c59f893b56ecb4f07d6e9f8752ac7509b072b32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 16 May 2023 00:42:45 GMT
x-amz-version-id: AvMIa54m280FFaYzl3imLEAi9FD8P.Wt
content-encoding: gzip
via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront), 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1, FRA6-C1
age: 6728154
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Sep 2022 17:10:15 GMT
server: AmazonS3
etag: W/"c3989852aa504ce31a8a3048f55b81f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: qDPl0aDH7UcsF8LByyFbEUvq7343S1pacaRN2QZjNi2KzNLiDMk-jw==
expires: Sat, 23 Sep 2023 17:10:13 GMT

GET
H2 200 itauicon_footer.svg
assets.renegocie.gruporecovery.com/f/119473/x/5d3952a243/ 3 KB
2 KB 324ms
38ms Image
image/svg+xml 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.renegocie.gruporecovery.com/f/119473/x/5d3952a243/itauicon_footer.svg
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ac1442c4290be263bfc466e8788f13d2925ade3cd85e44a221516eae9597ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 6ENJFs6BMLiU1J5ytQyNcwcmui1BDUoR
content-encoding: gzip
via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront), 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
date: Tue, 01 Aug 2023 21:38:38 GMT
last-modified: Fri, 11 Mar 2022 21:37:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2, FRA6-C1
etag: W/"a630d9ccd710d7e4d7ee59493af02e27"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-id: R_hNMJ6yiMYM7WmzBkVjPi5ZyDn7SQIHkJYWKQ0LnH583Lvheg0RzQ==
expires: Sat, 11 Mar 2023 21:37:14 GMT

GET
H2 200 discount-coupon.svg
assets.renegocie.gruporecovery.com/f/119473/x/bea2984d41/ 3 MB
2 MB 296ms
10ms Image
image/svg+xml 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.renegocie.gruporecovery.com/f/119473/x/bea2984d41/discount-coupon.svg
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da5fea60fa51cdfaa2f07e1a4d91685d985c7d79dee4705b740750733fcf7564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 14:28:29 GMT
x-amz-version-id: _rIAP0HgUqVOO1thDOqmfwlXhu1bGxS9
content-encoding: gzip
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront), 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2, FRA6-C1
age: 2185810
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Jun 2023 15:50:30 GMT
server: AmazonS3
etag: W/"25a50b188be62889f17a58ef8741109b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: -eNXB7YqjH8E6IF2i6NUC4iAOjiWyjtYc5DsX1w2c3eNsd0h61o80w==
expires: Fri, 14 Jun 2024 15:50:28 GMT

GET
H2 200 safe-deal.svg
assets.renegocie.gruporecovery.com/f/119473/x/e99b9cc8ce/ 14 KB
6 KB 295ms
10ms Image
image/svg+xml 99.86.4.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.renegocie.gruporecovery.com/f/119473/x/e99b9cc8ce/safe-deal.svg
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99037fed0601f19190ef2c12265f29430cbc0d73075f9a4bfaf6ef6c57d8b44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:40:46 GMT
x-amz-version-id: 3llFz6mpxMYi1xYS.5iltFtNvIv7C1Ks
content-encoding: gzip
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront), 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2, FRA6-C1
age: 3988673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Jun 2023 15:56:16 GMT
server: AmazonS3
etag: W/"67a9bded16ca62675ef1c86aef6cfdea"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public; max-age=31536000
x-amz-cf-id: rn13eoQ8m2n6d-FtloffMwGcaKg6x5VOvtEgmuEtlN5yEtFbtJ_KtA==
expires: Fri, 14 Jun 2024 15:56:14 GMT

GET
H2 200 load-extra-font-weights.js Show response
www.renegocie.gruporecovery.com/ 1 KB
1 KB 22ms
22ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/load-extra-font-weights.js?v=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

04b25fca1ec3729fc2875a339977a7ba2862e876537e0e2038985dc61460f9d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:00 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:56 GMT
server: AmazonS3
etag: W/"f28b5df3c09d372d56bb6eedc8dd8c3d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: SVKNR_ZgcLXVTUECRFK6sZp_qJ0sm-sozWZCUGZnboo0_DW8YW7Ncw==

GET
H2 200 app-3ced4615cc231c50f2d0.js Show response
www.renegocie.gruporecovery.com/ 192 KB
60 KB 26ms
25ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

264bb7a30469a1fe132f8c0fab38cf63e8125d4c7c84322815135a7e10c450f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:00 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:50 GMT
server: AmazonS3
etag: W/"1572b86b614d202057c6583b2e78683c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: dO7HnvUbO6tzI-4GZXj60bccwLlg2wd72FJvVJSm6n3pcDOIwUhIxg==

GET
H2 200 framework-db088ed32cf07940f169.js Show response
www.renegocie.gruporecovery.com/ 127 KB
42 KB 45ms
44ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/framework-db088ed32cf07940f169.js?v=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

edc2182e09ce758378c8a7563dc6873e3d2361ab17514455a47f7129840ca33e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:00 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: W/"6c575ee30b3aa64dbcdd2cff4389c5cb"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: iB--8tmm58ZYGCpmhlujGHWHWhMsLdQXmNjNvjWx8V_HwvYi2Vk0GA==

GET
H2 200 webpack-runtime-1cfd7489d95398411008.js Show response
www.renegocie.gruporecovery.com/ 6 KB
4 KB 51ms
50ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

019d7a30d2fbaf6da1e2b3fadaca540253601f0cf5958c9135739ec2519d4ebe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:00 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339939
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:57 GMT
server: AmazonS3
etag: W/"d2d476ded3887382669bf4e1844248e6"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: Y2IYkPtKZz0TeoIUNTQ34d_IGeosKxe0V7bqFKUyTZTdWkldgyQWvg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 01 Aug 2023 21:38:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47198
x-xss-protection: 0
pragma: public
x-fb-debug: ONCpih+RtODb2mr1gc0myZ1dDpketewRp0+kx4nIOgi8NeQS96rP0/vI5sWYH1aUUrJI/0GjJ6KrSlkpcH4hfw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 default-whatsapp.svg
www.renegocie.gruporecovery.com/ 141 KB
86 KB 809ms
809ms Image
image/svg+xml 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.renegocie.gruporecovery.com/default-whatsapp.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

03f1746e69df5ca73651a3ba852f6a1c2492b59745b1cb95ecf21f9d06540721

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:39 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:52 GMT
server: AmazonS3
etag: W/"5142d460d9a1ed7e1efa627f267f31a9"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
x-amz-cf-id: 4K0pEvBIg4Wqkuo3kOCmqmLxJU5DLf-drSCMx2KZvak9Y8m7Ypjvdg==

GET
H2 200 Montserrat-Medium.woff2
www.renegocie.gruporecovery.com/fonts/ 7 KB
8 KB 29ms
28ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/Montserrat-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3fb5adbe583f810c219c92f2c850bbec95e387c00516ff2c5daaefef67d47aff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:01 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7120
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: "8bfdbf2e5508f4a0ab182d7f33ef4c69"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: 1BkKT0iPX_HtibHXLC2CK-B_VoO3URgI881Ny9VETnQCpIbovuRD3Q==

GET
H2 200 Montserrat-Bold.woff2
www.renegocie.gruporecovery.com/fonts/ 7 KB
8 KB 31ms
30ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/Montserrat-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6d102e885322a75dd5d0f4b16ff0a5efccc3834385d088839eb71c91c4dc056

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:01 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7196
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: "93062036c4e2ebda15b5e329d8302ed5"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: fhHqSwgoFJuKx4UypEhCAGmCCLzVHwdVKsMq60x-T2yJRmC53wBZTw==

GET
H2 200 Montserrat-ExtraBold.woff2
www.renegocie.gruporecovery.com/fonts/ 7 KB
8 KB 32ms
31ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/Montserrat-ExtraBold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f7d4a8874bc784a0c4d2b4ad3fa31233c1eb13ee04a9cf097ce36cc6e9662334

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:01 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7244
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: "ad8fa6987449eccd408829f88ab79834"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: EF1BLxOcFhH-VY0XK-aSQvmHEF5SiyX9u8djeKtUZj6EZn6FtVyDiQ==

GET
H2 200 BaseFont-Regular.woff
www.renegocie.gruporecovery.com/fonts/ 21 KB
22 KB 39ms
38ms Font
font/woff 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/BaseFont-Regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d8de96ab472c386d60f5cc19856547265a2142d669817c7dc86ae06663898879

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:01 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21944
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:53 GMT
server: AmazonS3
etag: "b7abf0be4c34548620698278c628b02a"
x-frame-options: DENY
content-type: font/woff
accept-ranges: bytes
x-amz-cf-id: emDwB87094ZPYMt-VTMXnq1eQeP0DrbVBGnwX19Sdk9_DebshO2_OQ==

GET
H2 200 BaseFont-Bold.woff
www.renegocie.gruporecovery.com/fonts/ 22 KB
23 KB 35ms
34ms Font
font/woff 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/BaseFont-Bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

badc9551f4f71c1b27fbe30f2356e55420305b93ad38c2e8507eadc2aff1bce8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:01 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22724
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:53 GMT
server: AmazonS3
etag: "cd55edfce5ca8f792f65bfd3486c54bf"
x-frame-options: DENY
content-type: font/woff
accept-ranges: bytes
x-amz-cf-id: ujXQ_Grd6nJ3flzsxZrkSCWTB1boNIrrsf5LgEffZFOg1sKKsVwoSw==

GET
H2 200 Montserrat-Italic.woff2
www.renegocie.gruporecovery.com/fonts/ 7 KB
8 KB 40ms
40ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/Montserrat-Italic.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

35b7967df75f45f9235b643f41f41d6aa51329886dda169f2e08b435328b9469

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:01 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7232
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: "ae6ea8114ef3198313170ec6aaa767e5"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: fJopUEa3OETFX6qMSFntZ-Detd4srM-Jq5T_uUdZod4fiAOQ_Ok5Fw==

GET
H2 200 201159448648003 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/201159448648003?v=2.9.120&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d8508935c502b8184edda69363ef65e795fc3fada09161c78cfc6a9d9b636b4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 01 Aug 2023 21:38:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: UqtmPhvNPQJaOC4Uqars0Hx/Dfd8Za8aIajyNha39ti9FlkIdnxm/alPA2KpH0uACBBXPKOcw5XVGKj9xlnKrA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
67 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-316483997&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-204852905-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79c4bd701d00fbdabb6964d99b459f598f074535ab0a17a6a858d75764f29416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68323
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 21:20:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45367306-5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-204852905-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43477b3719220bc4bcabf55f94e6384d8399b25fb847f124511c6406e518611d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61582
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
89 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3VDXGSTV7S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-204852905-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5724495004df211a714164336aced1466efda95951c0f7dcae44888a52b3a60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-204852905-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 01 Aug 2023 19:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6533
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 01 Aug 2023 21:49:45 GMT

GET
H2 200 sprite.svg Show response
www.renegocie.gruporecovery.com/ 349 KB
120 KB 22ms
22ms XHR
image/svg+xml 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/sprite.svg?v=

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

27244641720c2fc097be1938dc82d6b2a6abc24ce4fcd6500650f6217f1385df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:02 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:57 GMT
server: AmazonS3
etag: W/"2f1e390863762e8cbcc97429883c9372"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
x-amz-cf-id: ZnUEsApD91rZETbObUJrzPsmDOmC-NHJ46rQP_1y-HAklXSVn_opHA==

GET
H2 200 thirdPartyScripts-ddca46d2f1f3cd672c0c.js Show response
www.renegocie.gruporecovery.com/ 23 KB
9 KB 24ms
21ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ec53c0d1f065ff9ace0b02a89e4c8b727ca1177a85dc3bcff1bc1376be6b3a14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:09:56 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 347323
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:57 GMT
server: AmazonS3
etag: W/"6fe0d84ace67ad9e21900372a3fd562b"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: CHbDO9kJLQjWsPU1es_gwcPkUfPg8h7KVa7L7N3OR1zonyCjm3CPkQ==

GET
H2 200 ItauDisplay_900.woff2
www.renegocie.gruporecovery.com/fonts/ 19 KB
19 KB 24ms
21ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/ItauDisplay_900.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

106bffc32da7a3d192fb20e86ecf7ffc0a608a633e008739b6dcc441628cdc66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:02 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19248
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:53 GMT
server: AmazonS3
etag: "ba75522bf67f55308a709febcd331979"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: LUNi1TE78IDchhWN9uCweVdbLvOi-mLL5qziEkptPVl2gIcxqdnTFg==

GET
H2 200 itautext_400_new.woff2
www.renegocie.gruporecovery.com/fonts/ 17 KB
18 KB 26ms
23ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/itautext_400_new.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:02 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17892
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: "4c9045c151fd584835340bef1292fa48"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: 2RUH9SRH8Rg4DiTsaMXvPhsozLB6TFmG76Y2GPN74zVK4GoD4eS6VA==

GET
H2 200 itautext_700_new.woff2
www.renegocie.gruporecovery.com/fonts/ 18 KB
18 KB 26ms
23ms Font
font/woff2 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/fonts/itautext_700_new.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

25a5d759897134cb9caa4b9f0f58ebb3f34e5759af0b8c712959665df0754e7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:02 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18140
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:54 GMT
server: AmazonS3
etag: "6c8fe1156552769b5e65e3fc1eb81395"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-amz-cf-id: NUwHhG4uyyStqhEunVYwFvtlic2v186zXNnst3vtc-U6Cj9dD1Yfgw==

GET
H2 200 cohesion-latest.min.js Show response
cdn.cohesionapps.com/cohesion/ 112 KB
31 KB 44ms
7ms Script
text/javascript 18.66.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 428f978123ae00c835616e67d0dedf1273aa1265b49926ce51e9d9a4f52c0abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
date: Tue, 01 Aug 2023 01:28:45 GMT
last-modified: Tue, 18 Jul 2023 13:15:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 72599
x-amz-server-side-encryption: AES256
etag: W/"9abedf4f7bf3f5b3af52f13a515d484e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 4eh4sFvwAv68XMKF6HUM-ijsUTGhWOvR8KcrLnGE23_kUqyv5IhMaA==

GET
H2 200 app-data.json Show response
www.renegocie.gruporecovery.com/page-data/ 50 B
715 B 22ms
21ms XHR
application/json 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/page-data/app-data.json

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1890614a342b0500d5e21f3f33ef54c26dc0382cbcad2b951dd3a20e95f1d04e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:01 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339937
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 50
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:56 GMT
server: AmazonS3
etag: "17468087cdc61631cf90ef23974e690b"
x-frame-options: DENY
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: -cJTgfqyIsuehaKAjb6plAbdUQrio-QEQqJdJhnOZWTrGfhs0Zea9A==

GET
H2 200 page-data.json Show response
www.renegocie.gruporecovery.com/page-data/registro/ 167 B
834 B 22ms
22ms XHR
application/json 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/page-data/registro/page-data.json?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

658c1fbd74ec748f4dabdb04a03ef24fed92aae1b01f135819f14d69c2153137

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 12:14:51 GMT
x-amz-version-id: null
x-content-type-options: nosniff
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 293027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 167
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:56 GMT
server: AmazonS3
etag: "bba42473a77f3a3cd025b1b05e69d527"
x-frame-options: DENY
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: MXBcyEFREdpY4X0ien2XTq5J3J42zdqoAEnT6Obi9fs3Osic-H1-HA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/316483997/ 3 KB
2 KB 73ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316483997/?random=1690925918192&cv=11&fst=1690925918192&bg=ffffff&guid=ON&async=1&gtm=45be37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&hn=www.googleadservices.com&frm=0&tiba=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&auid=796433894.1690925918&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316483997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

355ff7bc1d5b52cf4eba675d06de9b5fb8471ff7f0ef9143ead9be190835b381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1457
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 250 KB
84 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-9WE0CQLPEY&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-MRNMXPX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88d99b90db00d127b6f233761780ff2f55f018bdf3ed64b33bd314b4d070389e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 01 Aug 2023 21:38:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
265 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3VDXGSTV7S&gtm=45je37v0&_p=99693598&cid=636018300.1690925918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690925918&sct=1&seg=0&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VDXGSTV7S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d2dfc318615c33bd1b138aa0f2ed7e5c41ccebc0-181cc0e3887d65542d06.js Show response
www.renegocie.gruporecovery.com/ 19 KB
8 KB 22ms
21ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/d2dfc318615c33bd1b138aa0f2ed7e5c41ccebc0-181cc0e3887d65542d06.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

368d9131743bd0b6b85b27669b2ac7155214f61c02fae15f3397fb398c16f706

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:02 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:52 GMT
server: AmazonS3
etag: W/"dd9ed7172c04d15a55458c495996f146"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: iUjmxpaa_SEkWZp2iSPSE8Y8-9-x7uNcz2zuLvWybwYBg6rGb4_gOg==

GET
H2 200 38655a17d0677363ff4f4e07c4e8cd7a1afea532-521f49df7b73b82f7b97.js Show response
www.renegocie.gruporecovery.com/ 10 KB
5 KB 24ms
23ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/38655a17d0677363ff4f4e07c4e8cd7a1afea532-521f49df7b73b82f7b97.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5d16f71d70699ed76f8d10a4917285f24d9f82bb8336bf571e4c650a07616246

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:09:59 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 347320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:50 GMT
server: AmazonS3
etag: W/"983bfb408ca597ed42bdc2c172da3fa5"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: Ve3nscPi2_UMewR7oboRiKV1t5pIxcKAKAzghV-t_hwXBgA5LGFJ2A==

GET
H2 200 90ecadc96eadee653b53587a234ad971751c9506-1ab5acd65afc42fc7151.js Show response
www.renegocie.gruporecovery.com/ 16 KB
7 KB 25ms
24ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/90ecadc96eadee653b53587a234ad971751c9506-1ab5acd65afc42fc7151.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fb47ccedae6fad577d6061828f573c72d505790dfba2dc86ae06251701f0f8d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 12:14:52 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 293026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:50 GMT
server: AmazonS3
etag: W/"c35e8409891e4601ef4738f06d8848d5"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: z0TZivlMxnCbhUVph6Ml7ELShZ6zOog4Ak_VsvVT_VfYKrL4YLGCtw==

GET
H2 200 11921bb05f6ccc298aa39f7ec28df2fbb469286a-ba0dd317832d43dd2953.js Show response
www.renegocie.gruporecovery.com/ 11 KB
5 KB 26ms
25ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/11921bb05f6ccc298aa39f7ec28df2fbb469286a-ba0dd317832d43dd2953.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3346a681acd2d82be386bad70e256978e61bbd5ae6c73ac6eafc798e17e9f159

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 12:14:52 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 293026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:50 GMT
server: AmazonS3
etag: W/"f73385eb4e33a4996b53449e58b5d332"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: 0PTe4siUQ4_syb6dNCVeJThGLQE1YnbUFr8tr52trgQYJeTQtm49uA==

GET
H2 200 e47a2462d865da13bd40cda5a7332697acfa4ca7-426c88ed40d788b45807.js Show response
www.renegocie.gruporecovery.com/ 55 KB
19 KB 25ms
24ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/e47a2462d865da13bd40cda5a7332697acfa4ca7-426c88ed40d788b45807.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8396b1085a680feebc7f65e8a546a40ea7acbcb66d73e609a35cf0e3583e5da5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:02 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:53 GMT
server: AmazonS3
etag: W/"28b0669b61bcb18db89d4fa61104a86e"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: 6mHwHGeAv-U19F26s0SYDlrTJUWjA1RfU8VY-67ff11uzYzNf_LjXw==

GET
H2 200 component---src-pages-landing-register-index-js-ef70060afb8c4df6baab.js Show response
www.renegocie.gruporecovery.com/ 32 KB
11 KB 26ms
25ms Script
text/javascript 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/component---src-pages-landing-register-index-js-ef70060afb8c4df6baab.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/webpack-runtime-1cfd7489d95398411008.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0aef00c6ecd5e3810bc1cfaa7197adf116906740ae0476831cf4d201eaf77356

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 12:14:52 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 293026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:52 GMT
server: AmazonS3
etag: W/"ffbbddd9fec1f3a54776a7c531a77b38"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: pOty__ik1liKA6Kq3cQdnnZoQ9VWsHWDkuqJlLW57vYDJA5I_azMDg==

GET
H2 200 2815802919.json Show response
www.renegocie.gruporecovery.com/page-data/sq/d/ 26 KB
4 KB 28ms
27ms XHR
application/json 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/page-data/sq/d/2815802919.json

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8cb83b2118a746e12cfa702257dc809d3094e3ff3f773afe10bde5b63c418802

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:13:02 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 339936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:56 GMT
server: AmazonS3
etag: W/"c3f0173af53c46dd121a0c9e18ae9aae"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json
x-amz-cf-id: BRWa311UyxOyPpSMcp-KrR8KecKhcaImZqh2G1FThw6lyRFhalQlag==

GET
H2 200 4123232587.json Show response
www.renegocie.gruporecovery.com/page-data/sq/d/ 34 KB
7 KB 28ms
27ms XHR
application/json 13.249.9.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.renegocie.gruporecovery.com/page-data/sq/d/4123232587.json

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-85.cdg53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0497b930703706c5e6be7cf824e4450adab9f592ea71cdf4a45e1931b16affa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:09:59 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors internaltools.com.br *.internaltools.com.br itau.com.br *.itau.com.br credicard.com.br *.credicard.com.br app.storyblok.com/#!/me/spaces/119473? *.gruporecovery.com
via: 1.1 76d5d69c7419d6e5ee08d1a87f9d8316.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: CDG53-C1
age: 347320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 28 Jul 2023 20:29:56 GMT
server: AmazonS3
etag: W/"eb4f927396fdf257e9fc2c9d007fea7f"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json
x-amz-cf-id: 225yYZGh_AIo0YYm7mupm6sUZAb1Jri8DgTdx9orQInEoQV4BncwVA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
217 B 15ms
15ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=99693598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&ul=en-us&de=UTF-8&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUADQAAAACAAI~&jid=597156857&gjid=1257105767&cid=636018300.1690925918&tid=UA-204852905-1&_gid=1488375914.1690925918&_r=1&gtm=457e37v0&jsscut=1&z=509650201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 14ms
14ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=99693598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&ul=en-us&de=UTF-8&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUADQAAAACAAI~&jid=1059706834&gjid=922343235&cid=636018300.1690925918&tid=UA-45367306-5&_gid=1488375914.1690925918&_r=1&gtm=457e37v0&jsscut=1&z=799386838

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 254012737059341 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 59ms
57ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/254012737059341?v=2.9.120&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e3b2a7c17df94fdb1adf536ca082ab4dc35ddd12acb6ed1753476ccfe286039

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 01 Aug 2023 21:38:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dxAYutQRBypFzQd9XTbHhcurrWuMDA41u4EchVvDeV9cPzq2RexLIo6O2j8RdTbWjx9ygXs5aTwhDXUx8lEaCQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 326ms
97ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 322ms
97ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 323ms
98ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 320ms
97ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 110ms
109ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: d3db2d41f0e4c2cf33aae2fc96f4f490941b0cb167ecfb23bf8018554e41b2b0

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 137 B
270 B 111ms
109ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: 1b2527715ec555d91faa674cb8172c659f1dc511599750c7a12e36418b749253

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:38 GMT
access-control-allow-credentials: true
content-length: 137
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 110ms
109ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: fbcb325d6f349ffc56550927daf1d273cd7c2b5b6905d4cd68e2405c9175feb0

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 118ms
117ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: 529f3e5ff86223751e8c79e927e5251254f43af9a111bdfd1b0ad34570daa95e

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 xs1.html Show response
cdn.cohesionapps.com/cohesion/ Frame 52F4 906 B
1 KB 7ms
6ms Document
text/html 18.66.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdd44dd919056252b70ec530942b6ba656fc4e47dff1e7d87a935ac19ecc2ef5

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 56678
content-length: 906
content-type: text/html
date: Tue, 01 Aug 2023 10:09:34 GMT
etag: "5cbe3d7df3c3ca6d8e47d2bd44687396"
last-modified: Tue, 18 Jul 2023 13:15:49 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-id: NPwId06_UnRdYTb7K9zX78q6gk1q4K_z-cuVu7aeRWFiotCgdT3eJg==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
360 B 65ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45367306-5&cid=636018300.1690925918&jid=1059706834&gjid=922343235&_gid=1488375914.1690925918&_u=YCDAAUADQAAAACAAI~&z=805483891

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9WE0CQLPEY&gtm=45je37v0&_p=99693598&_gaz=1&cid=636018300.1690925918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1690925918&sct=1&seg=0&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&en=scroll&_fv=1&_ss=2&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-9WE0CQLPEY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 48ms
20ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9WE0CQLPEY&cid=636018300.1690925918&gtm=45je37v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-9WE0CQLPEY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 44ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9WE0CQLPEY&cid=636018300.1690925918&gtm=45je37v0&aip=1&z=2050127103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/316483997/ 42 B
455 B 47ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/316483997/?random=1690925918192&cv=11&fst=1690923600000&bg=ffffff&guid=ON&async=1&gtm=45be37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&frm=0&tiba=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3623299226&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/316483997/ 42 B
154 B 43ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/316483997/?random=1690925918192&cv=11&fst=1690923600000&bg=ffffff&guid=ON&async=1&gtm=45be37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&frm=0&tiba=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3623299226&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xs2.html Show response
cdn.cohesionapps.com/cohesion/ Frame 52F4 346 B
709 B 7ms
6ms Document
text/html 18.66.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cohesionapps.com/cohesion/xs2.html
Requested by: Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0

Request headers

Referer: https://cdn.cohesionapps.com/cohesion/xs1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71788
content-length: 346
content-type: text/html
date: Tue, 01 Aug 2023 01:42:11 GMT
etag: "4b5f9eae0703e5970dae0efc366d7c1b"
last-modified: Tue, 18 Jul 2023 13:15:49 GMT
server: AmazonS3
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-id: E7JMcWpNTgcOr-iI9g8HLRCiIvr8gdBkB88_CravfZwY9vZc3GDwPQ==
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 916 B
769 B 16ms
16ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?&onload=GoogleRecaptchaLoaded&render=explicit

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/11921bb05f6ccc298aa39f7ec28df2fbb469286a-ba0dd317832d43dd2953.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0c8a1fb35c9426fe213dce35981e2ad6ef684d0d2ae699e1e39d6a1a1d77f9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 577
x-xss-protection: 1; mode=block
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=201159448648003&ev=PageView&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&rl=&if=false&ts=1690925918451&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=30&fbp=fb.1.1690925918450.412192567&cs_est=true&it=1690925918120&coo=false&exp=a3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 01 Aug 2023 21:38:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=254012737059341&ev=PageView&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&rl=&if=false&ts=1690925918452&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=30&fbp=fb.1.1690925918450.412192567&it=1690925918120&coo=false&exp=a3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 01 Aug 2023 21:38:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45367306-5&cid=636018300.1690925918&jid=1059706834&_u=YCDAAUADQAAAACAAI~&z=1574002358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45367306-5&cid=636018300.1690925918&jid=1059706834&_u=YCDAAUADQAAAACAAI~&z=1574002358

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 195ms
97ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
84 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSJJGTX

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bfb887e86f3386a3050ab3168e8a063d327a527800f2b98046fffea161d2d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86036
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/Q7sEjFsoBZqDcqYoPRx0cKxDy1npLaj5/ 105 KB
28 KB 32ms
11ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/Q7sEjFsoBZqDcqYoPRx0cKxDy1npLaj5/analytics.min.js
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f253d2346718af98924a8f42d8dc7c087e1064e81cc0ab72897c94b9a140616d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: lNKNV_o725n6WR7wqtV0wDBqBmx_aNfD
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
date: Tue, 01 Aug 2023 21:38:38 GMT
x-amz-cf-pop: FRA6-C1
age: 14
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Jun 2023 05:46:50 GMT
server: AmazonS3
etag: W/"6725d757d32ca604930d71585289a51d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: _8-IVJOLD7SWucGto2hgtHZNnyn-T8dDKGH4EvwoE51GI1rtoK0n6g==

GET
H2 200 importLibJSFrameworkDA.js Show response
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ 2 KB
1 KB 383ms
18ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?NSJJGTX
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/38655a17d0677363ff4f4e07c4e8cd7a1afea532-521f49df7b73b82f7b97.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5fc14abd3420d0526df2ebf12c84966abbe0c9ae8d826fedbe77b6ef46afa73a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Tue, 01 Aug 2023 21:38:38 GMT
x-amz-cf-pop: MAN50-C2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1690925918818_35115178_1353207032_35_10873_6_0_146";dur=1
content-length: 970
last-modified: Thu, 13 May 2021 15:41:55 GMT
server: AmazonS3
etag: W/"59527c7807d1544f47f10c3cf52eb6f7"
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: internet.itau.com.br
cache-control: max-age=285100
x-amz-cf-id: b2QxedmeGpKyQFXizl889X2xgD8zhLSQAes5UY8cZl9TGEFWqpKPdg==
expires: Sat, 05 Aug 2023 04:50:18 GMT

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 119ms
118ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: 3eef097313a5bb318ceb90faeff65e8bd103c1dc5620469e02cdc88e9079dfe1

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 114ms
114ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 105ms
105ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: 8a510acebd3a6537f4c3443f37ba5690101b2f4b26b0b7acca6d610a6d6acfbf

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ 436 KB
176 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?&onload=GoogleRecaptchaLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Origin: https://www.renegocie.gruporecovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 19:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179643
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jul 2024 19:13:31 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/Q7sEjFsoBZqDcqYoPRx0cKxDy1npLaj5/ 616 B
1 KB 24ms
7ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/Q7sEjFsoBZqDcqYoPRx0cKxDy1npLaj5/settings
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dee39147c9d62ccb7228f7944c86f85f7f6a1adcd2bc294c824f8bedce2842f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 7JWqt3YsL9YEhFU.KOhAogPXOL0Gg70l
date: Tue, 01 Aug 2023 20:18:28 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 4811
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 616
last-modified: Tue, 18 Jul 2023 20:22:36 GMT
server: AmazonS3
etag: "832028f078a4f04a2cbb1d4d06a59043"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: eFyepmNgRzUalFmmjFGAG4S66wbDL5p0uuPpToDFnuC-NB7X-SwRPQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=99693598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&ul=en-us&de=UTF-8&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAACAAI~&jid=536968867&gjid=1868825228&cid=636018300.1690925918&tid=UA-45367306-5&_gid=1488375914.1690925918&_r=1&_slc=1&gtm=45He37v0n81NSJJGTX&z=1354350667

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1860132.js Show response
static.hotjar.com/c/ 11 KB
5 KB 57ms
42ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1860132.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSJJGTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

ee9450c97014b6484b7e1f76b4720fdbee5c4414a5cdf0db0665b783eae7f7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 01 Aug 2023 21:38:38 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/ac53ba9e315bc13834ac33f416670b82
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: U10L6rD_z_ev93AbiKqO-tSQP1lGYlnoubExnXDvFhWDeYb4IQL-aA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=99693598&t=pageview&_s=2&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&ul=en-us&de=UTF-8&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAACAAI~&jid=&gjid=&cid=636018300.1690925918&tid=UA-45367306-5&_gid=1488375914.1690925918&gtm=457e37v0&jsscut=1&z=840221151

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 00:29:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76137
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45367306-5&cid=636018300.1690925918&jid=536968867&gjid=1868825228&_gid=1488375914.1690925918&_u=aCDAAUADQAAAACAAI~&z=841761274

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 6ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Q7sEjFsoBZqDcqYoPRx0cKxDy1npLaj5/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 01:33:37 GMT
x-amz-version-id: _H9yZPSmslU0Ha7Pi0hl0RDILCgEno6Z
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1886702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jul 2023 00:08:20 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: Ll6uOjz7oRSAwYy-1fg9wT5CcrmvjZAdvu9P4Yu-22_GBC1E2udxLA==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1F85 48 KB
26 KB 27ms
26ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRaGQcAAAAAFpvU2diBUMza_kIJndm3MHfSuVk&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=5g1yhe25ogbr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93e643dc07076aa206f03b59eb397539a7c51dbd0b3315f4f7678e1070cb1a81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a2L9C4zwke5x2FPdqrnURQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26634
content-security-policy: script-src 'report-sample' 'nonce-a2L9C4zwke5x2FPdqrnURQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 21:38:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F326 51 KB
27 KB 36ms
35ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB0VshAAAAANPsyPPf8LWkZlbUaM9JnCON8kEX&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=a63sygltw6k0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da8753754df41457eda6170e4756e4c1d71a255e52deed893762408899f8dfd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C82QrW1qbDL56xYFT_VfuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.renegocie.gruporecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28098
content-security-policy: script-src 'report-sample' 'nonce-C82QrW1qbDL56xYFT_VfuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 21:38:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45367306-5&cid=636018300.1690925918&jid=536968867&_u=aCDAAUADQAAAACAAI~&z=1778862702

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45367306-5&cid=636018300.1690925918&jid=536968867&_u=aCDAAUADQAAAACAAI~&z=1778862702

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.c4770505768b5ede43ea.js Show response
script.hotjar.com/ 227 KB
56 KB 20ms
6ms Script
application/javascript 108.138.7.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.c4770505768b5ede43ea.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1860132.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-40.fra56.r.cloudfront.net

Software

Resource Hash

b7a9cde8317792327c112065ec423196947efcc8059b14745c6a1c59cd77a66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 11:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 35971
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56523
last-modified: Tue, 01 Aug 2023 11:38:27 GMT
etag: "42a641210bfde3da54995de5ace993eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Hf5jPkopcXebrpmiW7itbz-8CcMeQwlqlsRSWRYGz2rasJva33ZUBQ==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 6ms
6ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Q7sEjFsoBZqDcqYoPRx0cKxDy1npLaj5/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 00:10:37 GMT
x-amz-version-id: MniMHHUYFjJc54scO3EWeBryCREtRHVz
content-encoding: br
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 10186082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Apr 2023 00:06:35 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: XdkK4CAtmLwTe0Vw681kzeCQJxY2dT-vlWV6xx9QUInHtvF0nTnM4w==

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
185 B 530ms
173ms Fetch
application/json 34.223.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-74-168.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.renegocie.gruporecovery.com
date: Tue, 01 Aug 2023 21:38:39 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 1F85 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRaGQcAAAAAFpvU2diBUMza_kIJndm3MHfSuVk&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=5g1yhe25ogbr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 19:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 19:36:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 1F85 436 KB
175 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 19:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179643
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jul 2024 19:13:31 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame F326 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB0VshAAAAANPsyPPf8LWkZlbUaM9JnCON8kEX&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=a63sygltw6k0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 19:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jul 2024 19:36:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame F326 436 KB
175 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 19:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 179643
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jul 2024 19:13:31 GMT

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 107ms
103ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: a5e7e5c1e4b85c5d7ca81c37fb9a9164751646141ea2c84609d7fbf859f5f2a6

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:38 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 97ms
96ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1F85 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21bdc339e4790a92409ca02d53b91c0812316d9805cdff2cceac1bed926ef232

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRaGQcAAAAAFpvU2diBUMza_kIJndm3MHfSuVk&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=5g1yhe25ogbr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F326 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21bdc339e4790a92409ca02d53b91c0812316d9805cdff2cceac1bed926ef232

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB0VshAAAAANPsyPPf8LWkZlbUaM9JnCON8kEX&co=aHR0cHM6Ly93d3cucmVuZWdvY2llLmdydXBvcmVjb3ZlcnkuY29tOjQ0Mw..&hl=de&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&badge=bottomright&cb=a63sygltw6k0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 01 Aug 2023 21:38:38 GMT

GET
H2 200 frameworkDA.js Show response
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/ 5 KB
2 KB 19ms
19ms Script
application/javascript 95.101.111.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/frameworkDA.js?NSJJGTX
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/38655a17d0677363ff4f4e07c4e8cd7a1afea532-521f49df7b73b82f7b97.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f5568f23c304a07a17926ccd0add23acaca930bdb4abff86162226ef0867bfb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Tue, 01 Aug 2023 21:38:38 GMT
x-amz-cf-pop: MAN50-C2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1690925918919_35115178_1353207080_27_11642_6_0_146";dur=1
content-length: 1754
last-modified: Wed, 19 Jul 2023 04:06:38 GMT
server: AmazonS3
etag: W/"e9ab97a23c735976e772fb3baaad53d3"
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: internet.itau.com.br
cache-control: max-age=285091
x-amz-cf-id: CZDdpVH0P59RTB9hqUw-gqTYPH98DntEPWhS_q4vD5cLByA0rrqQdg==
expires: Sat, 05 Aug 2023 04:50:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=201159448648003&ev=Microdata&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&rl=&if=false&ts=1690925918982&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto%22%2C%22meta%3Adescription%22%3A%22Negocie%20d%C3%ADvidas%20100%25%20online%2C%20com%20seguran%C3%A7a%20e%20at%C3%A9%2098%25%20de%20desconto%20no%20acordo.%20Limpe%20o%20nome%20na%20Recovery.%22%2C%22meta%3Akeywords%22%3A%22Negocia%C3%A7%C3%A3o%20de%20d%C3%ADvidas%2C%20limpar%20o%20nome%2C%20renegociar%20d%C3%ADvida%2C%20aumentar%20score%2C%20feir%C3%A3o%20limpa%20nome%2C%20recovery%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22Negocie%20d%C3%ADvidas%20100%25%20online%2C%20com%20seguran%C3%A7a%20e%20at%C3%A9%2098%25%20de%20desconto%20no%20acordo.%20Limpe%20o%20nome%20na%20Recovery.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.120&r=stable&ec=1&o=30&fbp=fb.1.1690925918450.412192567&it=1690925918120&coo=false&es=automatic&tm=3&exp=a3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 01 Aug 2023 21:38:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=254012737059341&ev=Microdata&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&rl=&if=false&ts=1690925918984&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto%22%2C%22meta%3Adescription%22%3A%22Negocie%20d%C3%ADvidas%20100%25%20online%2C%20com%20seguran%C3%A7a%20e%20at%C3%A9%2098%25%20de%20desconto%20no%20acordo.%20Limpe%20o%20nome%20na%20Recovery.%22%2C%22meta%3Akeywords%22%3A%22Negocia%C3%A7%C3%A3o%20de%20d%C3%ADvidas%2C%20limpar%20o%20nome%2C%20renegociar%20d%C3%ADvida%2C%20aumentar%20score%2C%20feir%C3%A3o%20limpa%20nome%2C%20recovery%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Adescription%22%3A%22Negocie%20d%C3%ADvidas%20100%25%20online%2C%20com%20seguran%C3%A7a%20e%20at%C3%A9%2098%25%20de%20desconto%20no%20acordo.%20Limpe%20o%20nome%20na%20Recovery.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.120&r=stable&ec=1&o=30&fbp=fb.1.1690925918450.412192567&it=1690925918120&coo=false&es=automatic&tm=3&exp=a3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 01 Aug 2023 21:38:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sdk-interaction-studio-web-universal.min.js Show response
bucketfileshiio-prd.cloud.itau.com.br/itau-sdk-interaction-studio/assets/ 42 KB
13 KB 925ms
879ms Script
application/javascript 2600:9000:2057:a000:14:a44b:7e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucketfileshiio-prd.cloud.itau.com.br/itau-sdk-interaction-studio/assets/sdk-interaction-studio-web-universal.min.js
Requested by: Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/frameworkDA.js?NSJJGTX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a000:14:a44b:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20d3f950f05fab894eba4980ec862c31cfb80903cd3bd0757c94f09c427634af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:38:40 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 29 Jun 2023 02:10:40 GMT
server: AmazonS3
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"23809f0c00cee52bdb9e1c52ab12986f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: _MGtKFjW5UYJBt5Fvvz19YrXgjUsQqK9s_V-hAlobfbiEYYUQ1i8bw==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=99693598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&dp=%2FIT%2FNL%2FNCC%2FRenegocie%2FRecovery%2FPaginadeRegistro&ul=en-us&de=UTF-8&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHAAUADQAAAACAAI~&jid=&gjid=&cid=636018300.1690925918&tid=UA-45367306-5&_gid=1488375914.1690925918&gtm=45He37v0n81NSJJGTX&cd2=IT%3ANL%3ANCC%3ARenegocie%3ARecovery%3APaginadeRegistro&z=53667780

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 00:29:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76138
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 97ms
96ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:39 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 1367ms
1367ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: 917a3b4ae78444de4e80b01db4f8aab1ccac5e0e88cfffb4813e299b5597b736

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:40 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
31 KB 38ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1208.min.js

Requested by

Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
date: Tue, 01 Aug 2023 21:38:40 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V1652AQAPH9GHXBC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 31332
x-amz-id-2: nIPHjTmXAJTbzjaeFsR+jip8GdK0SCIKJfPafdMPvkgiPkm3yqch0giAd/nUBSJz8AbFSk5w3dU=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1690925920.191704,VS0,VE0
etag: "1a71e4208296f97b465116492f59124d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 77

OPTIONS
H2 200 t
ingest.make.rvapps.io/v2/ Frame 0
0 97ms
96ms Preflight 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.renegocie.gruporecovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 900
content-length: 0
date: Tue, 01 Aug 2023 21:38:40 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 t Show response
ingest.make.rvapps.io/v2/ 138 B
271 B 108ms
108ms XHR
application/json 54.167.153.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ingest.make.rvapps.io/v2/t
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.153.200 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-153-200.compute-1.amazonaws.com
Software: /
Resource Hash: c4a7d374b83e634e30fad0496ce514fa68887a4a060220f1cd0807d8d5a4e098

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic d2tfMkVQNWlLTEJZQUJmNmNhVXg1c3FTUmhyUXVDOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 01 Aug 2023 21:38:40 GMT
access-control-allow-credentials: true
content-length: 138
vary: Origin
content-type: application/json

GET
H/1.1 200
OK NRBR-d800922aa57dcf7b830 Show response
bam-cell.nr-data.net/1/ 56 B
954 B 645ms
574ms Script
text/javascript 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRBR-d800922aa57dcf7b830?a=691515579&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=2479&ck=1&ref=https://www.renegocie.gruporecovery.com/registro&be=581&fe=2432&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1690925917730,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:189,%22c%22:189,%22s%22:210,%22ce%22:243,%22rq%22:243,%22rp%22:270,%22rpe%22:275,%22dl%22:278,%22di%22:356,%22ds%22:370,%22de%22:370,%22dc%22:2431,%22l%22:2431,%22le%22:2438%7D,%22navigation%22:%7B%7D%7D&fp=361&fcp=361&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Tue, 01 Aug 2023 21:38:40 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKxp5kHaI2U2W5sVRCVYnUMYLxgRu8g7zJoTO6yk65H%2BzA6iW5m8i%2Flb%2FPwQ7QBMwfi4NG6B3lMWX8KpbMbWrQhFFD6VWdOTC2mqPikFfe6iEWglsnNrqSRydHCZOhRNnAx7leku"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7f013ab9bbad1c0f-FRA

POST
H/1.1 200
OK NRBR-d800922aa57dcf7b830 Show response
bam-cell.nr-data.net/resources/1/ 36 B
764 B 280ms
280ms XHR
text/plain 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/resources/1/NRBR-d800922aa57dcf7b830?a=691515579&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=3142&ck=1&ref=https://www.renegocie.gruporecovery.com/registro&st=1690925917730
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea86e8c10d7c3c50e07472dad9aa369c33658733131639f3bb8f750c6d4561d

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 01 Aug 2023 21:38:41 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.renegocie.gruporecovery.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MY6GnvQmqJGoFcFNn%2BSmzD6mROeze6MuGGMSWpkutIFBIlG4gzYGgERIDygBgTqSt1hx%2Fu0laz1BBsooTrmEzINEFuomqO8qzsIx9p315FpcfAqVIjlScVbv62ZuPXOz6%2BwtIVD%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7f013abd788c1c0f-FRA
Content-Length: 36

POST
H/1.1 204
No Content NRBR-d800922aa57dcf7b830 Show response
bam-cell.nr-data.net/ins/1/ 0
690 B 275ms
259ms XHR
text/plain 162.247.241.2
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/ins/1/NRBR-d800922aa57dcf7b830?a=691515579&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=3156&ck=1&ref=https://www.renegocie.gruporecovery.com/registro
Requested by: Host: www.renegocie.gruporecovery.com
URL: https://www.renegocie.gruporecovery.com/thirdPartyScripts-ddca46d2f1f3cd672c0c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.2 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.renegocie.gruporecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 01 Aug 2023 21:38:41 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTBMjsYdzwS7Lp0jBbUOps9OSd8PXpHhjt%2FH%2BbXRBMQKq35CeTUvfhfOJl91hy%2F2I%2FyzNjKpNeIgOxM2yVcXBnpNvE5t8MEMSSfjnugjDEV3spg4cI8X9uVAOoATbZm6s3IWcbyO"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin: https://www.renegocie.gruporecovery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7f013abdaecd362c-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3VDXGSTV7S&gtm=45je37v0&_p=99693598&cid=636018300.1690925918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1690925918&sct=1&seg=0&dl=https%3A%2F%2Fwww.renegocie.gruporecovery.com%2Fregistro%3Futm_source%3Dcrm%26utm_medium%3Dsms%26utm_campaign%3Dcrm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d%2B_step1_renegocie_01082023&dt=Renegocie%20Recovery%3A%20Quite%20D%C3%ADvidas%20Com%20At%C3%A9%2098%25%20De%20Desconto&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VDXGSTV7S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.renegocie.gruporecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Aug 2023 21:38:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.renegocie.gruporecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gruporecovery.com/	1970-01-20 15:51:41	Name: _gcl_au Value: 1.1.796433894.1690925918
.gruporecovery.com/	1970-01-20 23:18:05	Name: _ga_3VDXGSTV7S Value: GS1.1.1690925918.1.0.1690925918.0.0.0
.doubleclick.net/	1970-01-20 13:42:06	Name: test_cookie Value: CheckForPermission
.gruporecovery.com/	1970-01-20 13:43:32	Name: _gid Value: GA1.2.1488375914.1690925918
.gruporecovery.com/	1970-01-20 13:42:05	Name: _gat_gtag_UA_204852905_1 Value: 1
.gruporecovery.com/	1970-01-20 13:42:05	Name: _gat_gtag_UA_45367306_5 Value: 1
.www.renegocie.gruporecovery.com/	1970-01-20 23:18:05	Name: chsn_cnsnt Value: www.renegocie.gruporecovery.com%3AC0001%2CC0002%2CC0003%2CC0004%2CC0005
.www.renegocie.gruporecovery.com/	1970-01-20 23:18:05	Name: tglr_anon_id Value: 14012500-ead1-4b17-8947-d13098bba265
.www.renegocie.gruporecovery.com/	1970-01-20 13:42:07	Name: tglr_sess_id Value: 77a35612-d141-4a5b-844a-26b7cdec224d
.www.renegocie.gruporecovery.com/	1970-01-20 13:42:07	Name: tglr_ref Value:
.www.renegocie.gruporecovery.com/	1970-01-20 13:42:07	Name: tglr_req Value: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023
.www.renegocie.gruporecovery.com/	1970-01-20 23:18:05	Name: tglr_sess_count Value: 1
.www.renegocie.gruporecovery.com/	1970-01-20 23:18:05	Name: tglr_tenant_id Value: src_2EP5iNhah7PotvGssqbAAaK5GMT
.cohesionapps.com/	1970-01-20 23:18:05	Name: cohsn_xs_id Value: b713ddc0-7a28-4af7-8067-1779b48d147c
.gruporecovery.com/	1970-01-20 15:51:41	Name: _fbp Value: fb.1.1690925918450.412192567
.www.renegocie.gruporecovery.com/	1970-01-20 23:18:05	Name: cohsn_xs_id Value: b713ddc0-7a28-4af7-8067-1779b48d147c
.renegocie.gruporecovery.com/	1970-01-20 23:18:05	Name: _ga Value: GA1.3.636018300.1690925918
.renegocie.gruporecovery.com/	1970-01-20 13:43:32	Name: _gid Value: GA1.3.1488375914.1690925918
.renegocie.gruporecovery.com/	1970-01-20 13:42:05	Name: _gat_UA-45367306-5 Value: 1
.gruporecovery.com/	1970-01-20 22:27:41	Name: ajs_anonymous_id Value: 18c71683-c984-4f3a-a2c8-c312915f8c1f
.gruporecovery.com/	1970-01-20 22:27:41	Name: _hjSessionUser_1860132 Value: eyJpZCI6IjBmMThmZTMwLTgzN2EtNTBlNi05MGM1LTY4MTMzZDVjOTQ5ZiIsImNyZWF0ZWQiOjE2OTA5MjU5MTg3NjgsImV4aXN0aW5nIjpmYWxzZX0=
.gruporecovery.com/	1970-01-20 13:42:07	Name: _hjFirstSeen Value: 1
.gruporecovery.com/	1970-01-20 13:42:06	Name: _hjIncludedInSessionSample_1860132 Value: 0
.gruporecovery.com/	1970-01-20 13:42:07	Name: _hjSession_1860132 Value: eyJpZCI6IjA5Zjg4NjY4LTEyYjItNGY0Zi1hZWYxLTEwOGUyMDhjZGM5ZSIsImNyZWF0ZWQiOjE2OTA5MjU5MTg3NzQsImluU2FtcGxlIjpmYWxzZX0=
.gruporecovery.com/	1970-01-20 13:42:07	Name: _hjAbsoluteSessionInProgress Value: 0
.gruporecovery.com/	1970-01-20 23:18:05	Name: _ga_9WE0CQLPEY Value: GS1.1.1690925918.1.1.1690925918.59.0.0
.gruporecovery.com/	1970-01-20 23:18:05	Name: _ga Value: GA1.2.636018300.1690925918
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7e0b873f46ce3dac

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.renegocie.gruporecovery.com/registro?utm_source=crm&utm_medium=sms&utm_campaign=crm_pf_sms_sf_adhoc_ativacao_desenrola-brasil_lp-rv_collection-d+_step1_renegocie_01082023 Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.
rendering	error	URL: https://www.renegocie.gruporecovery.com/app-3ced4615cc231c50f2d0.js?v=0(Line 1) Message: Error: <symbol> attribute viewBox: Expected number, "0 0 18px 18px".
security	error	URL: https://cdn.cohesionapps.com/cohesion/cohesion-latest.min.js Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.
security	error	URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js(Line 280) Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.
security	error	URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js(Line 280) Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.
security	error	URL: https://script.hotjar.com/modules.c4770505768b5ede43ea.js Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.
security	error	URL: https://script.hotjar.com/modules.c4770505768b5ede43ea.js Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.
security	error	URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js(Line 336) Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.
security	error	URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__de.js(Line 336) Message: The source list for Content Security Policy directive 'frame-ancestors' contains a source with an invalid path: '/#!/me/spaces/119473?'. The fragment identifier, including the '#', will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors internaltools.com.br .internaltools.com.br itau.com.br .itau.com.br credicard.com.br .credicard.com.br app.storyblok.com/#!/me/spaces/119473? .gruporecovery.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
assets.renegocie.gruporecovery.com
bam-cell.nr-data.net
bucketfileshiio-prd.cloud.itau.com.br
cdn.cohesionapps.com
cdn.segment.com
cdnjs.cloudflare.com
connect.facebook.net
googleads.g.doubleclick.net
ingest.make.rvapps.io
js-agent.newrelic.com
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.itau.com.br
www.renegocie.gruporecovery.com
108.138.7.40
13.249.9.85
151.101.66.137
162.247.241.2
18.66.147.58
18.66.97.10
2001:4860:4802:32::36
2001:4860:4802:36::178
2600:9000:2057:a000:14:a44b:7e00:93a1
2606:4700::6811:190e
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.223.74.168
54.167.153.200
95.101.111.170
99.86.4.73
99.86.8.175
019d7a30d2fbaf6da1e2b3fadaca540253601f0cf5958c9135739ec2519d4ebe
03f1746e69df5ca73651a3ba852f6a1c2492b59745b1cb95ecf21f9d06540721
0497b930703706c5e6be7cf824e4450adab9f592ea71cdf4a45e1931b16affa6
04b25fca1ec3729fc2875a339977a7ba2862e876537e0e2038985dc61460f9d0
0aef00c6ecd5e3810bc1cfaa7197adf116906740ae0476831cf4d201eaf77356
106bffc32da7a3d192fb20e86ecf7ffc0a608a633e008739b6dcc441628cdc66
12ab64799e55d11c467e47fc9a2562d5541fa99092d11b4dce7af66bf54dc430
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
138cd07c0c5b2e003bfbd656cb46ecb439f2dbbec673a028dd417d7809c7d01e
1890614a342b0500d5e21f3f33ef54c26dc0382cbcad2b951dd3a20e95f1d04e
1ac1442c4290be263bfc466e8788f13d2925ade3cd85e44a221516eae9597ab1
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f
1b2527715ec555d91faa674cb8172c659f1dc511599750c7a12e36418b749253
20d3f950f05fab894eba4980ec862c31cfb80903cd3bd0757c94f09c427634af
21bdc339e4790a92409ca02d53b91c0812316d9805cdff2cceac1bed926ef232
25a5d759897134cb9caa4b9f0f58ebb3f34e5759af0b8c712959665df0754e7e
264bb7a30469a1fe132f8c0fab38cf63e8125d4c7c84322815135a7e10c450f0
27244641720c2fc097be1938dc82d6b2a6abc24ce4fcd6500650f6217f1385df
2ea86e8c10d7c3c50e07472dad9aa369c33658733131639f3bb8f750c6d4561d
3346a681acd2d82be386bad70e256978e61bbd5ae6c73ac6eafc798e17e9f159
355ff7bc1d5b52cf4eba675d06de9b5fb8471ff7f0ef9143ead9be190835b381
35b7967df75f45f9235b643f41f41d6aa51329886dda169f2e08b435328b9469
368d9131743bd0b6b85b27669b2ac7155214f61c02fae15f3397fb398c16f706
3bfb887e86f3386a3050ab3168e8a063d327a527800f2b98046fffea161d2d37
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3eef097313a5bb318ceb90faeff65e8bd103c1dc5620469e02cdc88e9079dfe1
3fb5adbe583f810c219c92f2c850bbec95e387c00516ff2c5daaefef67d47aff
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
4127bb67cf715592064f9e5e3c59f893b56ecb4f07d6e9f8752ac7509b072b32
428f978123ae00c835616e67d0dedf1273aa1265b49926ce51e9d9a4f52c0abb
43477b3719220bc4bcabf55f94e6384d8399b25fb847f124511c6406e518611d
529f3e5ff86223751e8c79e927e5251254f43af9a111bdfd1b0ad34570daa95e
5724495004df211a714164336aced1466efda95951c0f7dcae44888a52b3a60a
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5d16f71d70699ed76f8d10a4917285f24d9f82bb8336bf571e4c650a07616246
5edcf7d806426c8fd41b5a92dfca5131ad449c275a97610f259ca81c1d031419
5fc14abd3420d0526df2ebf12c84966abbe0c9ae8d826fedbe77b6ef46afa73a
658c1fbd74ec748f4dabdb04a03ef24fed92aae1b01f135819f14d69c2153137
661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79c4bd701d00fbdabb6964d99b459f598f074535ab0a17a6a858d75764f29416
7d8508935c502b8184edda69363ef65e795fc3fada09161c78cfc6a9d9b636b4
7e79475dec95a30b402f97d5dff3eb6909b8e65b88a5e45078b5086001824ac2
7fe4fb463d88a9117ad763c23a77784441d6034024f9530f9db0e2d6108da8e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8396b1085a680feebc7f65e8a546a40ea7acbcb66d73e609a35cf0e3583e5da5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88d99b90db00d127b6f233761780ff2f55f018bdf3ed64b33bd314b4d070389e
8a510acebd3a6537f4c3443f37ba5690101b2f4b26b0b7acca6d610a6d6acfbf
8cb83b2118a746e12cfa702257dc809d3094e3ff3f773afe10bde5b63c418802
8e3b2a7c17df94fdb1adf536ca082ab4dc35ddd12acb6ed1753476ccfe286039
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
917a3b4ae78444de4e80b01db4f8aab1ccac5e0e88cfffb4813e299b5597b736
93e643dc07076aa206f03b59eb397539a7c51dbd0b3315f4f7678e1070cb1a81
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99037fed0601f19190ef2c12265f29430cbc0d73075f9a4bfaf6ef6c57d8b44c
9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0
a5e7e5c1e4b85c5d7ca81c37fb9a9164751646141ea2c84609d7fbf859f5f2a6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1f9f06c389ec8060993c9c88a1e3092aca5a47a7804c328458a03422f2cf9c
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b7a9cde8317792327c112065ec423196947efcc8059b14745c6a1c59cd77a66a
badc9551f4f71c1b27fbe30f2356e55420305b93ad38c2e8507eadc2aff1bce8
c4a7d374b83e634e30fad0496ce514fa68887a4a060220f1cd0807d8d5a4e098
c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4
cdd44dd919056252b70ec530942b6ba656fc4e47dff1e7d87a935ac19ecc2ef5
cfe481f7816600304e460aa1a4f02df4624acf219e6eeac1d72c1c6b485b55d3
d3db2d41f0e4c2cf33aae2fc96f4f490941b0cb167ecfb23bf8018554e41b2b0
d8de96ab472c386d60f5cc19856547265a2142d669817c7dc86ae06663898879
da5fea60fa51cdfaa2f07e1a4d91685d985c7d79dee4705b740750733fcf7564
da8753754df41457eda6170e4756e4c1d71a255e52deed893762408899f8dfd2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee39147c9d62ccb7228f7944c86f85f7f6a1adcd2bc294c824f8bedce2842f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec53c0d1f065ff9ace0b02a89e4c8b727ca1177a85dc3bcff1bc1376be6b3a14
edc2182e09ce758378c8a7563dc6873e3d2361ab17514455a47f7129840ca33e
ee9450c97014b6484b7e1f76b4720fdbee5c4414a5cdf0db0665b783eae7f7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c8a1fb35c9426fe213dce35981e2ad6ef684d0d2ae699e1e39d6a1a1d77f9c
f253d2346718af98924a8f42d8dc7c087e1064e81cc0ab72897c94b9a140616d
f5568f23c304a07a17926ccd0add23acaca930bdb4abff86162226ef0867bfb8
f6d102e885322a75dd5d0f4b16ff0a5efccc3834385d088839eb71c91c4dc056
f7d4a8874bc784a0c4d2b4ad3fa31233c1eb13ee04a9cf097ce36cc6e9662334
fb47ccedae6fad577d6061828f573c72d505790dfba2dc86ae06251701f0f8d9
fbcb325d6f349ffc56550927daf1d273cd7c2b5b6905d4cd68e2405c9175feb0
fe88c83d9f8868f92afda354f6b592e3663602415b4fa7baf944fc7d4674e352

www.renegocie.gruporecovery.com Open in urlscan Pro 13.249.9.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

54 %IPv6

19 Domains

25 Subdomains

24 IPs

3 Countries

4236 kBTransfer

9555 kBSize

28 Cookies

4 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.renegocie.gruporecovery.com Open in urlscan Pro
13.249.9.85 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

54 %
IPv6

19
Domains

25
Subdomains

24
IPs

3
Countries

4236 kB
Transfer

9555 kB
Size

28
Cookies

116 HTTP transactions
0 data transactions