Submitted URL: https://meu.itau/cashback-ion-1
Effective URL: https://lp-ion.cloud.itau.com.br/cashback.html
Submission: On December 27 via manual from US — Scanned from AU

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 54.192.116.73, located in United States and belongs to AMAZON-02, US. The main domain is lp-ion.cloud.itau.com.br.
TLS certificate: Issued by Amazon on July 27th 2022. Valid for: a year.
This is the only time lp-ion.cloud.itau.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.72.49.79 14618 (AMAZON-AES)
5 54.192.116.73 16509 (AMAZON-02)
4 52.84.45.96 16509 (AMAZON-02)
2 13.107.6.194 8068 (MICROSOFT...)
7 23.59.168.26 20940 (AKAMAI-ASN1)
20 5
Apex Domain
Subdomains
Transfer
7 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 17771
240 KB
5 itau.com.br
lp-ion.cloud.itau.com.br
360 KB
4 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 17794
674 KB
2 office.com
forms.office.com — Cisco Umbrella Rank: 9869
26 KB
1 meu.itau
meu.itau
282 B
20 5
Domain Requested by
7 cdn.forms.office.net forms.office.com
cdn.forms.office.net
5 lp-ion.cloud.itau.com.br lp-ion.cloud.itau.com.br
4 uploads-ssl.webflow.com lp-ion.cloud.itau.com.br
2 forms.office.com lp-ion.cloud.itau.com.br
forms.office.com
1 meu.itau 1 redirects
20 5

This site contains links to these domains.

Domain
www.itau.com.br
Subject | Issuer | Validity | Valid
lp-ion.cloud.itau.com.br | Amazon | 2022-07-27 - 2023-08-26 | a year
uploads-ssl.webflow.com | Amazon | 2022-08-28 - 2023-09-26 | a year
forms.office.com | Microsoft Azure TLS Issuing CA 02 | 2022-07-20 - 2023-07-15 | a year
cdn.forms.office.net | Microsoft Azure TLS Issuing CA 06 | 2022-09-28 - 2023-09-23 | a year

This page contains 2 frames:

Primary Page: https://lp-ion.cloud.itau.com.br/cashback.html
Frame ID: DEB78825A3B816418131C633B0F51FC8
Requests: 10 HTTP requests in this frame

Frame: https://forms.office.com/Pages/ResponsePage.aspx?id=oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u&embed=true
Frame ID: A3AD074CDCD0D6C9017F99552495DA64
Requests: 11 HTTP requests in this frame

Page Title

íon Itaú | invista com cashback

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

90 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1303 kB
Transfer

1781 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://meu.itau/cashback-ion-1 HTTP 301
    https://lp-ion.cloud.itau.com.br/cashback.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cashback.html
lp-ion.cloud.itau.com.br/
Redirect Chain
  • https://meu.itau/cashback-ion-1
  • https://lp-ion.cloud.itau.com.br/cashback.html
24 KB
25 KB
Document
General
Full URL
https://lp-ion.cloud.itau.com.br/cashback.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-116-73.cgk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66ad92d0b2ee98a1c53aa676afc504e9fa27d7ce68a8e5c46cb61257e215884e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
24974
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 14:31:30 GMT
etag
"ecf1f2a5c9b5123d1b82f914d82b5fd3"
last-modified
Wed, 21 Dec 2022 01:06:18 GMT
server
AmazonS3
via
1.1 324c63cc75521ddb30fc564630fc188a.cloudfront.net (CloudFront)
x-amz-cf-id
3y_VLgv80pJxJdGBwli4Te8piclUz-ZbVJy2LDCsWRLqgBZEJmy7JA==
x-amz-cf-pop
CGK52-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
9ZgIkYqXSI_rq27v6_8GhGC767Xluhzt
x-cache
RefreshHit from cloudfront

Redirect headers

Cache-Control
no-cache, no-store
Content-Length
0
Date
Tue, 27 Dec 2022 14:31:26 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://lp-ion.cloud.itau.com.br/cashback.html
Strict-Transport-Security
max-age=15552000
cashback-ion.webflow.653b0005b.css
lp-ion.cloud.itau.com.br/cashback_ion_files/
47 KB
47 KB
Stylesheet
General
Full URL
https://lp-ion.cloud.itau.com.br/cashback_ion_files/cashback-ion.webflow.653b0005b.css
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-116-73.cgk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a75547d9430990094c35f19b472671c153620062c7e32f0fb45e94168b4ab8c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://lp-ion.cloud.itau.com.br/cashback.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 14:31:32 GMT
x-amz-version-id
.nBxCx7tLIEAiAMdb_9oPKECEHWtpFoy
via
1.1 324c63cc75521ddb30fc564630fc188a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 01:06:18 GMT
server
AmazonS3
x-amz-cf-pop
CGK52-C1
etag
"caa231d6d3fea7d0d4192c723d750958"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
48070
x-amz-cf-id
6cy9KAQc-ZNgeJ1U6hQGqdbB-TnR-4IWoPtuw97rlV3Q-HR9cezT0A==
jquery-3.5.1.min.dc5e7f18c8.js.download
lp-ion.cloud.itau.com.br/cashback_ion_files/
87 KB
88 KB
Script
General
Full URL
https://lp-ion.cloud.itau.com.br/cashback_ion_files/jquery-3.5.1.min.dc5e7f18c8.js.download
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-116-73.cgk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://lp-ion.cloud.itau.com.br/cashback.html
Origin
https://lp-ion.cloud.itau.com.br
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 14:31:32 GMT
x-amz-version-id
qfnLgmW4XlVIc2ee8GcJ3iVRO12BYdzy
via
1.1 324c63cc75521ddb30fc564630fc188a.cloudfront.net (CloudFront)
last-modified
Sat, 17 Dec 2022 01:58:44 GMT
server
AmazonS3
x-amz-cf-pop
CGK52-C1
etag
"dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
89476
x-amz-cf-id
8J8IzPWGVtlc9hWONMSe-iPBom0agAXiTA6pkuoBNNHBEmZtmaCHwg==
webflow.dfe5ded70.js.download
lp-ion.cloud.itau.com.br/cashback_ion_files/
196 KB
196 KB
Script
General
Full URL
https://lp-ion.cloud.itau.com.br/cashback_ion_files/webflow.dfe5ded70.js.download
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-116-73.cgk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc9960d788b65f9c1e4c697e9e5771ad68234d2817b77c5ce5437ecbee0264c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://lp-ion.cloud.itau.com.br/cashback.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 14:31:32 GMT
x-amz-version-id
B8YOCpofj2Lw5Ir1XB.R4EXjFJhJECLu
via
1.1 324c63cc75521ddb30fc564630fc188a.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 01:06:18 GMT
server
AmazonS3
x-amz-cf-pop
CGK52-C1
etag
"0ee3ad9076d365b732e6e91a8264ad46"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
200218
x-amz-cf-id
kb_2vFPSVckhiS40U_N4pphpqL-qZt38lXt61lV9Jk0_9YRw8ZZx2A==
6397a30fd6dfa2367e07f41d_Sem%20t%C3%ADtulo.png
uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/
608 KB
609 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/6397a30fd6dfa2367e07f41d_Sem%20t%C3%ADtulo.png
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback_ion_files/cashback-ion.webflow.653b0005b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-96.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3d317bb52848428a3a43516831474a0c94753f352bfd2eb02df387ac20bc8e6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://lp-ion.cloud.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 13:13:45 GMT
x-amz-version-id
VIfkDw9Qkemq2htHhjlet.8JUB7Zh1uT
via
1.1 d61097c4bb79608bbb315ab823bf79e4.cloudfront.net (CloudFront)
age
4670
x-amz-cf-pop
MRS52-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
622526
last-modified
Mon, 12 Dec 2022 22:00:25 GMT
server
AmazonS3
etag
"24d4e82749cd13462dab2f6676963af3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Beq3iH_VLIDRDxeAMrDIXJwBFonfa7Xg0LT94urjXQ4KBqzjP5RMGQ==
6397603d006e1a7d08bc4049_ItauDisplayPro_W_Rg.woff
uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/
21 KB
22 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/6397603d006e1a7d08bc4049_ItauDisplayPro_W_Rg.woff
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback_ion_files/cashback-ion.webflow.653b0005b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-96.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d26f2cacfe51903f35aea05dc4602af602e53a5929d6130f9170673efa512b

Request headers

Referer
https://lp-ion.cloud.itau.com.br/
Origin
https://lp-ion.cloud.itau.com.br
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 13:13:45 GMT
x-amz-version-id
Qr50VjxKPlWbCxrFGHRM0y5yFW6zLxQG
via
1.1 246214ef31ed453f8169b5e54f10a176.cloudfront.net (CloudFront)
age
4670
x-amz-cf-pop
MRS52-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21852
last-modified
Mon, 12 Dec 2022 17:26:08 GMT
server
AmazonS3
etag
"16a99558ca8a946be4852548c2910dcf"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
SsTRBPViD7ZDO4THtgQsdBBWfNtamGEu7VBbtp-24JhGhe3OtLnkmw==
6397603cdcf64306b4512252_ItauDisplayPro_W_Lt.woff
uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/
21 KB
22 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/6397603cdcf64306b4512252_ItauDisplayPro_W_Lt.woff
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback_ion_files/cashback-ion.webflow.653b0005b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-96.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75871783875a259c4e9118f0a6baf05387cb19006d295f5479db0c4a3fdfc8b4

Request headers

Referer
https://lp-ion.cloud.itau.com.br/
Origin
https://lp-ion.cloud.itau.com.br
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 13:13:45 GMT
x-amz-version-id
KwztQNG_AFikS93oNwGFi4E7UBrOfn_T
via
1.1 246214ef31ed453f8169b5e54f10a176.cloudfront.net (CloudFront)
age
4670
x-amz-cf-pop
MRS52-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21584
last-modified
Mon, 12 Dec 2022 17:26:10 GMT
server
AmazonS3
etag
"92422ef76a0b37ee059fc5002c109e73"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
1cHpBAqVZMDeL9FtSwiaaRkPphJ1aj-f-ViJiBwcQ3dLEa5ycueCAQ==
6397603c1f2f91c807a0a102_ItauDisplayPro_W_Bd.woff
uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/
21 KB
22 KB
Font
General
Full URL
https://uploads-ssl.webflow.com/63975ff72cbd0204b4a67d82/6397603c1f2f91c807a0a102_ItauDisplayPro_W_Bd.woff
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback_ion_files/cashback-ion.webflow.653b0005b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-96.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
712570793f6f05122255d6fdf6b50419e3a6125d83b2ae3ace969327b560a411

Request headers

Referer
https://lp-ion.cloud.itau.com.br/
Origin
https://lp-ion.cloud.itau.com.br
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 13:13:45 GMT
x-amz-version-id
fCpLrz0GJ.PXfV_6.rvQIOgbfSV7rDCd
via
1.1 246214ef31ed453f8169b5e54f10a176.cloudfront.net (CloudFront)
age
4670
x-amz-cf-pop
MRS52-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21916
last-modified
Mon, 12 Dec 2022 17:26:08 GMT
server
AmazonS3
etag
"21ec1a1c06275ab9f658ed7227eb48c8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
OrUsKZwBJZ1FnwqUSkE4qfAcmWzKHVaux95pZYdZfsSEpVN-4aaUZg==
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin
https://lp-ion.cloud.itau.com.br
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
6397a344e6e64e1702e3008c_logo[1].svg
lp-ion.cloud.itau.com.br/cashback_ion_files/
4 KB
4 KB
Image
General
Full URL
https://lp-ion.cloud.itau.com.br/cashback_ion_files/6397a344e6e64e1702e3008c_logo[1].svg
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-116-73.cgk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6013ae025bbc8fd126be4d97ab1c73265bc4dde50341789a96fa77091ba372e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://lp-ion.cloud.itau.com.br/cashback.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 14:31:35 GMT
x-amz-version-id
ru7OBQZ35.gqvhxMYVq4bvm7vRmQao4q
via
1.1 324c63cc75521ddb30fc564630fc188a.cloudfront.net (CloudFront)
last-modified
Sat, 17 Dec 2022 01:58:44 GMT
server
AmazonS3
x-amz-cf-pop
CGK52-C1
etag
"b8674b765168232890a4d2e9c9c8eaf7"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
3776
x-amz-cf-id
yn2353zy7VPtRy9X_1jWGeyk_-OoK-pNa2FED-6VORXiA8nkH-QaBA==
ResponsePage.aspx
forms.office.com/Pages/ Frame A3AD
78 KB
24 KB
Document
General
Full URL
https://forms.office.com/Pages/ResponsePage.aspx?id=oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u&embed=true
Requested by
Host: lp-ion.cloud.itau.com.br
URL: https://lp-ion.cloud.itau.com.br/cashback.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
344e88f9c50b869a5c2c8c2263b7137d9f07acb87a38b04d0ad0c130bec9390c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://lp-ion.cloud.itau.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 14:31:34 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-correlationid
630c2ab4-7f5c-4634-8dd1-cc7d52ce396f
x-msedge-ref
Ref A: C4CFF030BEFA4904B0A7F28ABC338E11 Ref B: SYD03EDGE1513 Ref C: 2022-12-27T14:31:33Z
x-officecluster
ause-100.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.16020.42054
x-robots-tag
noindex, nofollow
x-routingcorrelationid
630c2ab4-7f5c-4634-8dd1-cc7d52ce396f
x-routingofficecluster
ause-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.16020.42054
x-routingsessionid
68828378-6536-4b49-af27-585ce72de388
x-usersessionid
68828378-6536-4b49-af27-585ce72de388
ls-response.default.109722ad9.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
25 KB
8 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/ls-response.default.109722ad9.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
63c10ab8d14874df62c8f76c2b1d58eba37dfc7bc042c07d9f99447bac88d5f8

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 14:31:36 GMT
content-encoding
br
content-md5
t1HoDD9DPHamUHD5UYFxeA==
content-length
7712
x-ms-lease-status
unlocked
last-modified
Wed, 21 Dec 2022 07:24:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE3246C871ACB
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
69063c3c-301e-0005-2b14-155d86000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:31:36 GMT
light-response-page.min.28b54b5.css
cdn.forms.office.net/forms/css/dist/ Frame A3AD
144 KB
23 KB
Stylesheet
General
Full URL
https://cdn.forms.office.net/forms/css/dist/light-response-page.min.28b54b5.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b2f5122e9ebee7920b43eaf55fe7a8d9804aea81fffb13549ffadd97285103ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 14:31:36 GMT
content-encoding
br
content-md5
pXDhBBlao+noKmMd1mGPwA==
content-length
23496
x-ms-lease-status
unlocked
last-modified
Thu, 22 Dec 2022 03:06:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE3C996FFC644
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ed4f6fcc-501e-005a-5eca-15af78000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:31:36 GMT
light-response-page.min.0e0a2ae.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
304 KB
87 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.0e0a2ae.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u&embed=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c4651251fa12ab86cab1f9e23b406be11e6f860a4ae693fd7c4ebd5d22015c3

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 14:31:36 GMT
content-encoding
br
content-md5
brMxz1ASK9IIy6hxPKmkpw==
content-length
88052
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:37:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F596B308B
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0461386a-a01e-0044-1296-167595000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:31:36 GMT
runtimeFormsWithResponses('oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u')
forms.office.com/formapi/api/591669a0-183f-49a5-98f4-9aa0d0b63d81/users/afc3736a-343b-465e-aec0-6cfbad862db0/light/ Frame A3AD
7 KB
2 KB
XHR
General
Full URL
https://forms.office.com/formapi/api/591669a0-183f-49a5-98f4-9aa0d0b63d81/users/afc3736a-343b-465e-aec0-6cfbad862db0/light/runtimeFormsWithResponses('oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u')?$expand=questions($expand=choices)
Requested by
Host: forms.office.com
URL: https://forms.office.com/Pages/ResponsePage.aspx?id=oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u&embed=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a686d2cbf6d9b040858d90733380644ed187d85a67085f457e10a3013d874800
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://forms.office.com/Pages/ResponsePage.aspx?id=oGkWWT8YpUmY9Jqg0LY9gWpzw687NF5GrsBs-62GLbBUMTRGTEVBTzVESzRINUlPSTUyWTlaQjZYVS4u&embed=true
X-UserSessionId
68828378-6536-4b49-af27-585ce72de388
accept-language
en-AU,en;q=0.9
__RequestVerificationToken
3uEu3myT723FztXNF_4xS17zq1k22U8M8CfNI76noqQRNUsC35qtj2oEGdCyq1l6dgNXPF2EVkRgaaurvNrdXtHEoK6YdQ1DWd4QsHTQt1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
date
Tue, 27 Dec 2022 14:31:35 GMT
x-officeversion
16.0.16020.42054
x-officefe
FormsSingleBox_IN_1
x-cache
CONFIG_NOCACHE
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.16020.42054
x-correlationid
f23ea654-8c26-41a7-8e67-6f13775dc6c9
x-officecluster
aue-001.forms.office.com
x-usersessionid
68828378-6536-4b49-af27-585ce72de388
x-msedge-ref
Ref A: C60CFBAE4BC34254B8E55D9D508D3DC5 Ref B: SYD03EDGE1513 Ref C: 2022-12-27T14:31:35Z
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-routingcorrelationid
f23ea654-8c26-41a7-8e67-6f13775dc6c9
x-routingsessionid
68828378-6536-4b49-af27-585ce72de388
x-robots-tag
noindex, nofollow
x-routingofficecluster
aue-001.forms.office.com
light-response-page.chunk.lrp_ext.52eca51.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
0
59 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.52eca51.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.0e0a2ae.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 14:31:37 GMT
content-encoding
br
content-md5
sd2TFIl9wpuTeQqwz+FTdQ==
content-length
59596
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:37:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F59230E8A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e9ea0ea4-901e-002a-6f96-16dcbc000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:31:37 GMT
light-response-page.chunk.lrp_cover.1c95836.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
0
0
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_cover.1c95836.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.0e0a2ae.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 14:31:37 GMT
content-encoding
br
content-md5
kkY+PnicK6Rdv8aecnR6rQ==
content-length
33699
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:37:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F5921D637
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
96e3b135-601e-0070-6c96-16da3d000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:31:37 GMT
light-response-page.chunk.lrp_post.boot.0d33652.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
0
5 KB
Other
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0d33652.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.0e0a2ae.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 14:31:37 GMT
content-encoding
br
content-md5
XdoE3zb1U7fvx2s5gc/Wew==
content-length
4396
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:37:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F5967D5AE
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a2dbe6a7-c01e-001b-2296-16876b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:31:37 GMT
light-response-page.chunk.lrp_ext.52eca51.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
192 KB
59 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_ext.52eca51.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/light-response-page.min.0e0a2ae.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.26 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-26.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 14:31:37 GMT
content-encoding
br
content-md5
sd2TFIl9wpuTeQqwz+FTdQ==
content-length
59596
x-ms-lease-status
unlocked
last-modified
Fri, 23 Dec 2022 04:37:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAE49F59230E8A
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e9ea0ea4-901e-002a-6f96-16dcbc000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Wed, 27 Dec 2023 14:31:37 GMT
light-response-page.chunk.lrp_post.boot.0d33652.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
0
0

light-response-page.chunk.sw.d097b04.js
cdn.forms.office.net/forms/scripts/dists/ Frame A3AD
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.forms.office.net
URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.lrp_post.boot.0d33652.js
Domain
cdn.forms.office.net
URL
https://cdn.forms.office.net/forms/scripts/dists/light-response-page.chunk.sw.d097b04.js

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| oncontentvisibilityautostatechange
  • function| $
  • function| jQuery
  • function| tram
  • object| Webflow

1 Cookies

Domain/Path Name / Value
forms.office.com/ Name: __RequestVerificationToken
Value: diVQx1J8JmHls0tMKd3jRUUQQocI7TRqN30VrIReUMKhwqApmQw3a66hq6aflW86TKCXUy5YBuMRG8Uw4AoQoKrTpHmDq4pOEIUFvfT02lc1