lp.xpi.com.br Open in urlscan Pro
2a02:26f0:11a::5f65:1751 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lp.xpi.com.br/cartao-credito-xp
Submission: On October 14 via manual (October 14th 2023, 3:12:32 pm UTC) from BR — Scanned from DE

Summary HTTP 113 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 23 domains to perform 113 HTTP transactions. The main IP is 2a02:26f0:11a::5f65:1751, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is lp.xpi.com.br.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 7th 2023. Valid for: a year.

This is the only time lp.xpi.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a02:26f0:11a... 2a02:26f0:11a::5f65:1751	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	35.244.137.202 35.244.137.202	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	34.36.17.181 34.36.17.181	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::ac40:9b7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.71.95.65 34.71.95.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 4	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	151.101.193.175 151.101.193.175	54113 (FASTLY) (FASTLY)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.36.162.74 23.36.162.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	13.227.222.191 13.227.222.191	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2.16.238.17 2.16.238.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.69.251.6 54.69.251.6	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
113	32

4 2a02:26f0:11a::5f65:1751 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

lp.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.137.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.137.244.35.bc.googleusercontent.com

g.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.17.181 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 181.17.36.34.bc.googleusercontent.com

cdn.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::ac40:9b7c (United States)

ASN13335 (CLOUDFLARENET, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.71.95.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.95.71.34.bc.googleusercontent.com

heatmap-events-collector.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ec.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

9143205.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.162.74 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-74.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.227.222.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-222-191.ams54.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-17.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.251.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-251-6.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 5354 udc-neb.kampyle.com — Cisco Umbrella Rank: 2769	140 KB
18	fastcdn.co g.fastcdn.co — Cisco Umbrella Rank: 54015 v.fastcdn.co — Cisco Umbrella Rank: 49182	881 KB
12	doubleclick.net 5 redirects 9143205.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	9 KB
10	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	2 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6147	1 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 998 w.clarity.ms — Cisco Umbrella Rank: 7887 c.clarity.ms — Cisco Umbrella Rank: 1548	28 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	60 KB
6	gstatic.com fonts.gstatic.com	84 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	139 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	454 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1967	34 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 427 c.bing.com — Cisco Umbrella Rank: 257	14 KB
4	xpi.com.br lp.xpi.com.br	121 KB
3	instapagemetrics.com cdn.instapagemetrics.com — Cisco Umbrella Rank: 70874 ec.instapagemetrics.com — Cisco Umbrella Rank: 65675	55 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	81 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1258	173 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2907	907 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1361	54 KB
1	instapage.com heatmap-events-collector.instapage.com — Cisco Umbrella Rank: 61763	9 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
113	23

	Domain	Requested by
12	v.fastcdn.co	lp.xpi.com.br
10	nebula-cdn.kampyle.com	www.googletagmanager.com nebula-cdn.kampyle.com
9	udc-neb.kampyle.com
8	www.google.de	lp.xpi.com.br 9143205.fls.doubleclick.net
7	www.google.com	3 redirects lp.xpi.com.br
6	www.googleadservices.com	9143205.fls.doubleclick.net www.googleadservices.com
6	googleads.g.doubleclick.net	3 redirects www.googletagmanager.com
6	fonts.gstatic.com	fonts.googleapis.com
6	g.fastcdn.co	lp.xpi.com.br
5	analytics.tiktok.com	lp.xpi.com.br analytics.tiktok.com
5	www.googletagmanager.com	lp.xpi.com.br www.googletagmanager.com
4	cdn.segment.com	lp.xpi.com.br cdn.segment.com
4	9143205.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	lp.xpi.com.br	lp.xpi.com.br
3	w.clarity.ms	www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com lp.xpi.com.br
2	ec.instapagemetrics.com	cdn.instapagemetrics.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	lp.xpi.com.br
2	adservice.google.com	9143205.fls.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	lp.xpi.com.br connect.facebook.net
2	www.clarity.ms	lp.xpi.com.br www.clarity.ms
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	c.bing.com	1 redirects
1	api.segment.io	cdn.segment.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	heatmap-events-collector.instapage.com	lp.xpi.com.br
1	cdn.jsdelivr.net	lp.xpi.com.br
1	cdn.instapagemetrics.com	lp.xpi.com.br
1	fonts.googleapis.com	lp.xpi.com.br
113	33

This site contains links to these domains. Also see Links.

Domain
cadastro.xpi.com.br
valorinveste.globo.com

Subject Issuer	Validity	Valid
xpi.com.br DigiCert TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-06`	a year	crt.sh
g.fastcdn.co GTS CA 1D4	`2023-09-21` - `2023-12-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.instapagemetrics.com GTS CA 1D4	`2023-08-24` - `2023-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
fastcdn.co E1	`2023-09-24` - `2023-12-23`	3 months	crt.sh
heatmap-events-collector.instapage.com R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-30` - `2024-09-30`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
ec.instapagemetrics.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://lp.xpi.com.br/cartao-credito-xp
Frame ID: DFDD88D4023D24B236DA71D87B268EA0
Requests: 100 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp
Frame ID: B8FBF289FF3A3F2F38AFDC730EA5093A
Requests: 8 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp
Frame ID: CA913656F5AEAAD39A9202F24E8A53FB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cartão de Crédito XP

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

113
Requests

96 %
HTTPS

58 %
IPv6

23
Domains

33
Subdomains

32
IPs

5
Countries

2185 kB
Transfer

5781 kB
Size

36
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://cadastro.xpi.com.br/cadastro
Title: ABRA SUA CONTA

Search URL Search Domain Scan URL

URL: https://valorinveste.globo.com/blogs/nathalia-larghi/post/2023/05/qual-cartao-tem-os-melhores-beneficios-e-menores-juros-veja-o-ranking.ghtml
Title: Saiba Mais

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp HTTP 302
https://9143205.fls.doubleclick.net/activityi;dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp

Request Chain 35

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp HTTP 302
https://9143205.fls.doubleclick.net/activityi;dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp

Request Chain 83

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=268qZbecIcyT1PIPntKNqAM&sscte=1&crd=&pscrd=IhMI9_X-zun1gQMVzAlVCB0eaQM1 HTTP 302
https://www.google.com/pagead/1p-conversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI9_X-zun1gQMVzAlVCB0eaQM1&is_vtc=1&ocp_id=268qZbecIcyT1PIPntKNqAM&cid=CAQSKQDICaaNfmb0oHx8kd89mdlzVz_xbmXq8JMeRAyOXSNEI9e-c89InKp9&random=589617523&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI9_X-zun1gQMVzAlVCB0eaQM1&is_vtc=1&ocp_id=268qZbecIcyT1PIPntKNqAM&cid=CAQSKQDICaaNfmb0oHx8kd89mdlzVz_xbmXq8JMeRAyOXSNEI9e-c89InKp9&random=589617523&resp=GooglemKTybQhCsO&ipr=y

Request Chain 85

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIO0687p9YEDFT5bkQUdEl8OzA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20231014%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=268qZejRJ4KXx_APi_6-iAM&sscte=1&crd=&pscrd=IhMIqKuFz-n1gQMVgssRCB0Lvw8x HTTP 302
https://www.google.com/pagead/1p-conversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIO0687p9YEDFT5bkQUdEl8OzA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20231014%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqKuFz-n1gQMVgssRCB0Lvw8x&is_vtc=1&ocp_id=268qZejRJ4KXx_APi_6-iAM&cid=CAQSKQDICaaNNkCihQPOkTHQ6Cbv38xLIdi1SyKyk6uBgCIxeqK_8uHbE4-A&random=3221546995&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIO0687p9YEDFT5bkQUdEl8OzA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20231014%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqKuFz-n1gQMVgssRCB0Lvw8x&is_vtc=1&ocp_id=268qZejRJ4KXx_APi_6-iAM&cid=CAQSKQDICaaNNkCihQPOkTHQ6Cbv38xLIdi1SyKyk6uBgCIxeqK_8uHbE4-A&random=3221546995&resp=GooglemKTybQhCsO&ipr=y

Request Chain 88

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=268qZYimLbHnx_APxbeliAI&sscte=1&crd=&pscrd=IhMIyP-Kz-n1gQMVsfMRCB3FWwkh HTTP 302
https://www.google.com/pagead/1p-conversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyP-Kz-n1gQMVsfMRCB3FWwkh&is_vtc=1&ocp_id=268qZYimLbHnx_APxbeliAI&cid=CAQSKQDICaaNXR4Q9KjhT8JwT1w65EWGDPvbdLJYM4lgSewt_fLKg3tlqoM3&random=561202486&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyP-Kz-n1gQMVsfMRCB3FWwkh&is_vtc=1&ocp_id=268qZYimLbHnx_APxbeliAI&cid=CAQSKQDICaaNXR4Q9KjhT8JwT1w65EWGDPvbdLJYM4lgSewt_fLKg3tlqoM3&random=561202486&resp=GooglemKTybQhCsO&ipr=y

Request Chain 92

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B7265410BBE34451AF6BC63DD58C1355&RedC=c.clarity.ms&MXFR=2B59A111742E6B8B2D99B2BB702E65E8 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B7265410BBE34451AF6BC63DD58C1355&MUID=0CEA7C16608B6EC231076FBC61276FFA

113 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cartao-credito-xp Show response
lp.xpi.com.br/ 265 KB
40 KB 892ms
626ms Document
text/html 2a02:26f0:11a::5f65:1751
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::5f65:1751 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f82a3e7a4b7eeae50dac358780185db9173c9c29643e7692e88f7292a2f59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8160c2b3fafd0d68-MXP
content-encoding: gzip
content-length: 39552
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 15:12:26 GMT
etag: W/"423b6-lHm+Z5SwU13olN4GMROm219+SkE"
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-akamai-transformed: 9 39470 0 pmb=mTOE,1

GET
H2 200 utils.b4c8feedb36b8ec3c007.js Show response
g.fastcdn.co/js/ 56 KB
19 KB 40ms
9ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/utils.b4c8feedb36b8ec3c007.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5b593e7ab0339a6fa51df85b039fbf0c671ad227a47c34e9f06f4b2b27fe4105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:52:52 GMT
content-encoding: gzip
age: 2441974
x-guploader-uploadid: ADPycdu6lwxFVbfDtFIgeYeuhnyXwHd2OqHpxteYmhfsbyrxbuUFnF0DleBHK16INoHtIkrI_y06qlhNoPgky5vKrvcbzZtFllHQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19563
last-modified: Wed, 16 Aug 2023 13:40:31 GMT
server: UploadServer
etag: "3adfd30dd3e9db51e331049995899d6c"
vary: Accept-Encoding
x-goog-generation: 1692193231170938
x-goog-hash: crc32c=ZAEvsQ==, md5=Ot/TDdPp21HjMQSZlYmdbA==
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 19563
accept-ranges: bytes
expires: Sun, 15 Sep 2024 08:52:52 GMT

GET
H2 200 Cradle.c9144221d5b5d6147353.js Show response
g.fastcdn.co/js/ 15 KB
4 KB 39ms
8ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Cradle.c9144221d5b5d6147353.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:28:59 GMT
content-encoding: gzip
age: 2526207
x-guploader-uploadid: ADPycdugROMzKUvIcijtFeJ3C6eYHPatB-fTuHukdnjNBppr0PpjHEk1DTQ-wSn2H9vgFUPKShoPHLNK8FeUBTlDrNFaQZCainC6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4001
last-modified: Thu, 17 Aug 2023 08:46:03 GMT
server: UploadServer
etag: "83131494fd187537d0742a06ac0791a9"
vary: Accept-Encoding
x-goog-generation: 1692177691311370
x-goog-hash: crc32c=Tt9fJA==, md5=gxMUlP0YdTfQdCoGrAeRqQ==
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4001
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:28:59 GMT

GET
H2 200 Popup.ea024e85dc5043444492.js Show response
g.fastcdn.co/js/ 11 KB
3 KB 45ms
14ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Popup.ea024e85dc5043444492.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e01c2469427f03ea2386c7fc32ec51918a3e8813320465b59aa50be1a26d952d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:29:41 GMT
content-encoding: gzip
age: 859365
x-guploader-uploadid: ADPycduRf6JR_pUyJas1A7qoqAfUPJzUtjVyVKVaLSrZulmrkZcyPstz8opfugxqzNCq4cXycHvzNsfmHZPS_ku2VN-FL8FKXTvm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2722
last-modified: Tue, 26 Sep 2023 07:35:12 GMT
server: UploadServer
etag: "93e7a46a7bed1c69ee9c550c53a93f4d"
vary: Accept-Encoding
x-goog-generation: 1692261964284020
x-goog-hash: crc32c=w1drDQ==, md5=k+ekanvtHGnunFUMU6k/TQ==
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2722
accept-ranges: bytes
expires: Thu, 03 Oct 2024 16:29:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 53ms
28ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 15:12:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 15:12:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 15:12:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 438 KB
124 KB 90ms
63ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d4ce55f9502507af18ca06e4d51d7cecd3ddef6cc9cbec3296abe5e537edcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 126576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:12:26 GMT

GET
H2 200 it.js Show response
cdn.instapagemetrics.com/t/js/3/ 54 KB
54 KB 49ms
11ms Script
text/javascript 34.36.17.181
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 181.17.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:16:49 GMT
age: 3337
x-guploader-uploadid: ADPycdv7gxjnq_tOAAAJsv4RWpxIA3fHX10hXECCW6HvqCmWZlg7jJcjJsjXPMt9u7wMaloitw9mDHvJHi7hHEgOj1zJ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55266
last-modified: Tue, 13 Jun 2023 11:21:34 GMT
server: UploadServer
etag: "eee931187060719ab17a352de2424e0c"
x-goog-generation: 1686655294888925
x-goog-hash: crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
content-type: text/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 55266
accept-ranges: bytes

GET
H2 200 sptw.2ab2ac49302c4b984117.js Show response
g.fastcdn.co/js/ 60 KB
20 KB 11ms
10ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/sptw.2ab2ac49302c4b984117.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c1a80fb2192398e6c5ca97d4a7efc7bb92bb734dc8ee6fefc25399dc1d555a81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:53:00 GMT
content-encoding: gzip
age: 2441966
x-guploader-uploadid: ADPycduSZwtEpK84mZMI4XFWrNV6m14TkdyG7Zfnq6juyZ5l1OZsfQBIW09IggMvunfxbW2IyHCF9V3eU94MLUOBksquf-rA9Szt
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20036
last-modified: Wed, 16 Aug 2023 13:40:31 GMT
server: UploadServer
etag: "f45dd54250d70fea6f62da3471aa05e9"
vary: Accept-Encoding
x-goog-generation: 1692193231030023
x-goog-hash: crc32c=GfzCLA==, md5=9F3VQlDXD+pvYto0caoF6Q==
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 20036
accept-ranges: bytes
expires: Sun, 15 Sep 2024 08:53:00 GMT

GET
H2 200 cm.js Show response
g.fastcdn.co/js/ 51 KB
18 KB 9ms
8ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/cm.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 12:15:01 GMT
content-encoding: gzip
age: 2516245
x-guploader-uploadid: ADPycdv_h6MraAEEho0X_01RODJ03xD0XGMyfgm0BouyW2IRQfxXqov8Eyl8vTqBkvqN_3lzugvzkHuUPY9bh0tr7bpjFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17906
last-modified: Thu, 30 Jun 2022 02:12:17 GMT
server: UploadServer
etag: "8e466d98fa1f746c74b1b409d20a0cf3"
vary: Accept-Encoding
x-goog-generation: 1656555137097208
x-goog-hash: crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 17906
accept-ranges: bytes
expires: Sat, 14 Sep 2024 12:15:01 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 52ms
26ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20241527
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230085-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BhL9Dcv4w17Qb7Tc5Gj1P%2BX4IIU63ykX6dNU0zVmZnEZ%2FuQ6GGzhEdE6en8gj4lVcw2ggqDMfLP9c%2FGuUuqE8rTXfPOK65jTafSwzJ9nglC5QSiYYu2AUB3nd8IaPaTgNf1Va065TVmMS2zqCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8160c2b80c942c2d-FRA

GET
H2 200 63367014-0-Logos.png
v.fastcdn.co/u/344766a4/ 4 KB
4 KB 223ms
180ms Image
image/png 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63367014-0-Logos.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc2d63ec0e63132ecd4260b62cea2977e4da6f08e06e5221f7b461e5967b4090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycds-QmFaROeOjvTPEIVRBmV5pzeFROkkeF99BsYp5MO3pDabEzOQ0gATekqTcw0kxmuuO030EUUaICFl9Ao2WZria0pA7uJ0
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 09 Mar 2024 08:16:07 GMT
content-length: 3757
last-modified: Tue, 17 Jan 2023 16:16:08 GMT
server: cloudflare
etag: "fd5b06eddc3cc4434e8d8b3d57ff5797"
vary: Accept-Encoding
x-goog-generation: 1673972168013797
content-type: image/png
x-goog-hash: crc32c=1H/rZA==, md5=/VsG7dw8xENOjYs9V/9Xlw==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 3757
accept-ranges: bytes
cf-ray: 8160c2b81a1d3aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 63366975-0-Icone-Check.png
v.fastcdn.co/u/344766a4/ 366 B
720 B 223ms
179ms Image
image/png 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63366975-0-Icone-Check.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e176ee02676068302f7f4189631a2f41ed6f92124312947088df1c0a4d5379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdshw091r80Dy86jirgG37GOv34Wb7gBrkiKpoEggtkSZjf-HshZEEla5tKGgcMnNc_4zhr5nMDUZZEo29YI9d4gjXBzUoe0
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 09 Mar 2024 08:16:06 GMT
content-length: 366
last-modified: Tue, 17 Jan 2023 16:16:06 GMT
server: cloudflare
etag: "66418e2bc5f7573cab0ae3d2946369a1"
vary: Accept-Encoding
x-goog-generation: 1673972166730050
content-type: image/png
x-goog-hash: crc32c=Um8ocg==, md5=ZkGOK8X3VzyrCuPSlGNpoQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 366
accept-ranges: bytes
cf-ray: 8160c2b81a193aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 63997024-0-carTOES.png
v.fastcdn.co/u/344766a4/ 660 KB
661 KB 38ms
36ms Image
image/webp 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63997024-0-carTOES.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e95be4d99144b4c49f591d9227e30b444387bacb945a02c9397d90be2c0536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:26 GMT
cf-cache-status: HIT
age: 86570
cf-polished: origFmt=png, origSize=1389643
x-guploader-uploadid: ADPycdvirwMVTbjy3KDOLZ8xnwsvPdLPUBa_-XH-bOQxaajLO8nyGH8WqiVS9vvr4eCJdgDpGuyHZZ7Dkh9nlpzMrnd9YX6fUrvp
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="63997024-0-carTOES.webp"
x-goog-meta-expires: Sun, 09 Jun 2024 09:14:41 GMT
content-length: 675774
cf-bgj: imgq:85,h2pri
last-modified: Wed, 19 Apr 2023 17:14:41 GMT
server: cloudflare
etag: "84e7fc69984cb60e56b7d50ead5a53b8"
vary: Accept
x-goog-generation: 1681924481187665
content-type: image/webp
x-goog-hash: crc32c=4LB5YQ==, md5=hOf8aZhMtg5Wt9UOrVpTuA==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 1389643
accept-ranges: bytes
cf-ray: 8160c2b83a473aa4-FRA
expires: Tue, 11 Oct 2033 15:12:26 GMT

GET
H2 200 LazyImage.59626ef3f961b8927cb6.js Show response
g.fastcdn.co/js/ 2 KB
1 KB 10ms
9ms Script
application/javascript 35.244.137.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/LazyImage.59626ef3f961b8927cb6.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 20:21:23 GMT
content-encoding: gzip
age: 1277463
x-guploader-uploadid: ADPycdt8ZlLcrXDHCexppmfnSKpJrMgpT9F2M7yv3qvnAgCHJ-65dyOH9Hl6QO7hsbucVcPXVb0kCbM71ptuT0n2WyXaMyYsdV5i
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1022
last-modified: Tue, 26 Sep 2023 07:35:11 GMT
server: UploadServer
etag: "b0ae2275f5d011ac64917080661e4956"
vary: Accept-Encoding
x-goog-generation: 1692261963852825
x-goog-hash: crc32c=ZP0ifA==, md5=sK4idfXQEaxkkXCAZh5JVg==
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1022
accept-ranges: bytes
expires: Sat, 28 Sep 2024 20:21:23 GMT

GET
H2 200 lib.js Show response
heatmap-events-collector.instapage.com/static/ 24 KB
9 KB 367ms
116ms Script
application/javascript 34.71.95.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/static/lib.js

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.95.71.34.bc.googleusercontent.com

Software

Resource Hash

5adf96e308da99ff859ce9f9def91ab592aaf77f0cd528a09727c40dbccaac5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Oct 2023 12:45:23 GMT
x-download-options: noopen
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 14 Oct 2023 15:17:27 GMT

GET
H2 200 cxSRYvIBkB Show response
lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/ 213 KB
80 KB 23ms
22ms Script
application/javascript 2a02:26f0:11a::5f65:1751
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/cxSRYvIBkB
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1751 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0243ee263ff5a7ff2d302b924c33446bbb96af894873e5bcb298a9d9bf21b881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/cartao-credito-xp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:26 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 16:14:29 GMT
mpulse_cdn_cache: HIT
etag: "6b9180591f79289fa8954fbb7abf4f0659645e91265e92a164466a28e63d1cb0"
stored-attribute-sha-checksum: 0243ee263ff5a7ff2d302b924c33446bbb96af894873e5bcb298a9d9bf21b881
content-type: application/javascript
cache-control: max-age=21600
mpulse_origin_time: 0
content-length: 80904

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 63367141-0-BG-IMG-01.jpg
v.fastcdn.co/u/344766a4/ 49 KB
50 KB 349ms
348ms Image
image/jpeg 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63367141-0-BG-IMG-01.jpg
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa26bde65d6222b690433b62a0b94ca891532a69d22a1d574568cca53eafaab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvciWRXMS5Py0r1Ux7PKjI4Uk5TyA2QcPZ7LhDFNziUGNKBXu1sWNTddlIbn33PsmunFObuTChw4SYzERE-EjWkJebAE3rJ
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 09 Mar 2024 08:25:18 GMT
content-length: 50547
last-modified: Tue, 17 Jan 2023 16:25:18 GMT
server: cloudflare
etag: "fd297a12c6e70e44e0bf0735ee7fb19b"
vary: Accept-Encoding
x-goog-generation: 1673972718163042
content-type: image/jpeg
x-goog-hash: crc32c=e3CMwQ==, md5=/Sl6EsbnDkTgvwc17n+xmw==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 50547
accept-ranges: bytes
cf-ray: 8160c2b83a663aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 1693998486-63367141-ghost-BG-IMG-01.jpg
v.fastcdn.co/t/344766a4/7abe19e3/ 14 KB
15 KB 241ms
241ms Image
image/jpeg 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/344766a4/7abe19e3/1693998486-63367141-ghost-BG-IMG-01.jpg
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1668365b8e4506ed8ba8437a6c451d7200f270bb862c625fbd44d59fda4e960c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtH-ZpZLHv7AFI5ZksJnvVTJEGcaBMhFbBl7IoeBfC8UNiQRul8tm6Gh1rfrwSdHXFAiK0jQqSo2DD4gC-5UlGzoJVRL0sm
x-goog-meta-content-length: 14802
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sun, 27 Oct 2024 03:08:07 GMT
content-length: 14802
last-modified: Wed, 06 Sep 2023 11:08:07 GMT
server: cloudflare
etag: "12c5f5aff6224b6cb3b5765958e6206f"
vary: Accept-Encoding
x-goog-generation: 1693998487151899
content-type: image/jpeg
x-goog-hash: crc32c=Xas3fA==, md5=EsX1r/YiS2yztXZZWOYgbw==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 14802
accept-ranges: bytes
cf-ray: 8160c2b83a6c3aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 64556345-0-images.png
v.fastcdn.co/u/344766a4/ 3 KB
4 KB 195ms
195ms Image
image/png 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/64556345-0-images.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bf0a6e6af354e339aba8730c5d137286a0fb67ef4c336988ff1e0820f77b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycds17E0HqltggZrZozvvxWOuOYNQlO4QW_rCTwKxQkEV10-tYkmjULc2m4ndRaUFvRQAmQj0I9Pr6nphpuwH_n3nqqZ9wUrd
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Mon, 11 Nov 2024 19:45:32 GMT
content-length: 3244
last-modified: Fri, 22 Sep 2023 03:45:33 GMT
server: cloudflare
etag: "862e86f64d285e17f7f3f258c83193d0"
vary: Accept-Encoding
x-goog-generation: 1695354333814595
content-type: image/png
x-goog-hash: crc32c=UkiNjA==, md5=hi6G9k0oXhf38/JYyDGT0A==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 3244
accept-ranges: bytes
cf-ray: 8160c2b83a723aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 63367175-0-IMG-05.jpg
v.fastcdn.co/u/344766a4/ 51 KB
51 KB 313ms
313ms Image
image/jpeg 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63367175-0-IMG-05.jpg
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb2f3d6c05ccf97adc5961e1cc9a0b0e4f58402c14c66c141f333e81167668e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycduxfGf3rrLAi3zNyfPrhKjxEACI2Be14jfZhdNgSKG0xFnHXT9AYVtT0HyKGL9dtpUy6EYOb5au8Rp3EoGMl5ByV5UFGP9O
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 09 Mar 2024 08:29:48 GMT
content-length: 51886
last-modified: Tue, 17 Jan 2023 16:29:49 GMT
server: cloudflare
etag: "f8ffacdb88d3d0f133e965e0dd3dbcec"
vary: Accept-Encoding
x-goog-generation: 1673972989106573
content-type: image/jpeg
x-goog-hash: crc32c=hpwUFw==, md5=+P+s24jT0PEz6WXg3T287A==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 51886
accept-ranges: bytes
cf-ray: 8160c2b84a743aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 63366984-0-BG-IMG-02.jpg
v.fastcdn.co/u/344766a4/ 23 KB
23 KB 211ms
210ms Image
image/jpeg 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63366984-0-BG-IMG-02.jpg
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27aca3a62c383fe56a27138ddc1947445d37d45c363df5b28e8a7bfa1b79b35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdu2-U-bdAoT9jbz2YQsjxQ-YdpuCwPl8-zTsnM4zvaHezC6ycmogmnMug2db9Rl0RerJYz4GswMk3o_zWIhKzOn_wS9jkjV
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 09 Mar 2024 08:16:07 GMT
content-length: 23248
last-modified: Tue, 17 Jan 2023 16:16:07 GMT
server: cloudflare
etag: "f698afec22cdb399d245e7c00d65657b"
vary: Accept-Encoding
x-goog-generation: 1673972167639167
content-type: image/jpeg
x-goog-hash: crc32c=4UXfFg==, md5=9piv7CLNs5nSRefADWVlew==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 23248
accept-ranges: bytes
cf-ray: 8160c2b84a793aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 1693998487-63366984-ghost-BG-IMG-02.jpg
v.fastcdn.co/t/344766a4/7abe19e3/ 3 KB
3 KB 38ms
37ms Image
image/webp 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/t/344766a4/7abe19e3/1693998487-63366984-ghost-BG-IMG-02.jpg
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833ffea4efbd767c70abe840bd8cb4fb326a0e47cf829154cd0042bb52eb6488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:26 GMT
cf-cache-status: HIT
age: 499114
cf-polished: qual=85, origFmt=jpeg, origSize=5845
x-guploader-uploadid: ADPycdtFrOfsVtqT-9CyhUtQJUlLzEj8GN2O7FkibBdViX_mPMZaxLRthVFSjUpKxL477JU3VI1MRAcTxrcQx6RFcK-DxwVi6sBd
x-goog-meta-content-length: 5845
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1693998487-63366984-ghost-BG-IMG-02.webp"
x-goog-meta-expires: Sun, 27 Oct 2024 03:08:07 GMT
content-length: 2856
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Sep 2023 11:08:07 GMT
server: cloudflare
etag: "42c45eacf7c4f0a140234310bd7bddef"
vary: Accept
x-goog-generation: 1693998487875279
content-type: image/webp
x-goog-hash: crc32c=LvSsjA==, md5=QsRerPfE8KFAI0MQvXvd7w==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 5845
accept-ranges: bytes
cf-ray: 8160c2b84a7b3aa4-FRA
expires: Tue, 11 Oct 2033 15:12:26 GMT

GET
H2 200 54230351-0-bg-footer.png
v.fastcdn.co/u/344766a4/ 50 B
398 B 36ms
36ms Image
image/webp 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/54230351-0-bg-footer.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a81b25e39e421b082118205814b8ae0e32f6104007e3fe90c114d9bcdd6fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:26 GMT
cf-cache-status: HIT
age: 86589
cf-polished: origFmt=png, origSize=4030
x-guploader-uploadid: ADPycduePl3MnNk3_FJV3HZXd_jaE8bBJ-a8XG2GamN-0KXgYRHmPJ0UWTmy2B_JPGLTlbG4dFs317cI3PNNBkGI3UZdB--Ikv5h
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="54230351-0-bg-footer.webp"
x-goog-meta-expires: Mon, 03 Jan 2022 14:57:26 GMT
content-length: 50
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Nov 2020 22:57:26 GMT
server: cloudflare
etag: "441837671b311745ad26b2a4025ce4db"
vary: Accept
x-goog-generation: 1605221846386784
content-type: image/webp
x-goog-hash: crc32c=WvqTaw==, md5=RBg3ZxsxF0WtJrKkAlzk2w==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 4030
accept-ranges: bytes
cf-ray: 8160c2b84a833aa4-FRA
expires: Tue, 11 Oct 2033 15:12:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 49ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 85771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 46ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 5707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:37:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 126334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 42ms
17ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 04:28:14 GMT
x-content-type-options: nosniff
age: 38652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 04:28:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 161538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:20:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:50:37 GMT
x-content-type-options: nosniff
age: 127309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 03:50:37 GMT

POST
H2 201 cxSRYvIBkB Show response
lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/ 18 B
682 B 495ms
495ms XHR
application/json 2a02:26f0:11a::5f65:1751
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/cxSRYvIBkB
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/cxSRYvIBkB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1751 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://lp.xpi.com.br/cartao-credito-xp
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
x_req_id: ddfb1814-705d-42d7-81e4-62c8e3ea3627
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 63366985-0-Icone-01.png
v.fastcdn.co/u/344766a4/ 2 KB
2 KB 175ms
175ms Image
image/png 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63366985-0-Icone-01.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aab0b663cc922a7781824196f4b922d5d17bb890fb5277132cbc12bfa1cb885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsoce2yXjMPHq2x9D3xqNgtyHQWsTY1ha6Eea4lzAhN5fE5LLz8aCfZmiMHCPcNcfErnxnjBCdLlRcBHIeDr1vI0BVCIk64
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 09 Mar 2024 08:16:07 GMT
content-length: 1766
last-modified: Tue, 17 Jan 2023 16:16:07 GMT
server: cloudflare
etag: "6b207106498c5623dc0cea26315e2ea8"
vary: Accept-Encoding
x-goog-generation: 1673972167675512
content-type: image/png
x-goog-hash: crc32c=pEV5Rg==, md5=ayBxBkmMViPcDOomMV4uqA==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 1766
accept-ranges: bytes
cf-ray: 8160c2b91bbc3aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 63366980-0-Icone-03.png
v.fastcdn.co/u/344766a4/ 1 KB
2 KB 205ms
205ms Image
image/png 2606:4700:4400::ac40:9b7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63366980-0-Icone-03.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612e70a2ae412d4ed4b9903bbc24fb7f403123886776869dff2f24b6fe0e124b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdspaweyLsaDFqq5IBE5w3DObrZl91tGpj2x7cyZh_nLg49gULDptPh7aRH6BBiPgM5RpbzdMP-GxzMUYAtT316OGE6ZADCo
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 09 Mar 2024 08:16:06 GMT
content-length: 1239
last-modified: Tue, 17 Jan 2023 16:16:07 GMT
server: cloudflare
etag: "a233870287bf96be9e7928637ce12e30"
vary: Accept-Encoding
x-goog-generation: 1673972167145596
content-type: image/png
x-goog-hash: crc32c=UOGJUg==, md5=ojOHAoe/lr6eeShjfOEuMA==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 1239
accept-ranges: bytes
cf-ray: 8160c2b91bbe3aa4-FRA
expires: Tue, 11 Oct 2033 15:12:27 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 149 KB
54 KB 80ms
17ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-WTDNLDV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

975121ec6c41c4e61102665c537d0c9e6f9b5d850ae1f8a92d5debbc32019e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 54565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4965
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 14 Oct 2023 15:49:42 GMT

GET
H2

200

activityi;dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=un... Show response
9143205.fls.doubleclick.net/ Frame B8FB
Redirect Chain

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=...
https://9143205.fls.doubleclick.net/activityi;dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2F...

2 KB
910 B

57ms
56ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9143205.fls.doubleclick.net/activityi;dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

d72220b2942e8b4dde4df582ef10ba9ce4f30f1441579fbe73d1e73a7177716a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 574
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:12:27 GMT
expires: Sat, 14 Oct 2023 15:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:12:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined... Show response
9143205.fls.doubleclick.net/ Frame CA91
Redirect Chain

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefin...
https://9143205.fls.doubleclick.net/activityi;dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com...

1 KB
809 B

107ms
107ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9143205.fls.doubleclick.net/activityi;dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

33b64f6de98b173068d5d037f3f2e2f5869cc96fedacea92249568758151c18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 512
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:12:27 GMT
expires: Sat, 14 Oct 2023 15:12:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:12:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9143205.fls.doubleclick.net/activityi;dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 54ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:12:26 GMT
last-modified: Thu, 12 Oct 2023 17:36:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F4E450A58B234D9F9600CC1F24147CF4 Ref B: FRA31EDGE0108 Ref C: 2023-10-14T15:12:27Z
etag: "808ec9ad32fdd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12978

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 3 KB
1 KB 79ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1697296347116&cv=11&fst=1697296347116&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&hn=www.googleadservices.com&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&auid=1679957185.1697296347&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8206aaad2698a0eaa839f6fd03c894e43454a3fb1465bfdc9c3ce8f466e9be10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 3 KB
2 KB 78ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1697296347119&cv=11&fst=1697296347119&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&label=cX-MCIju9YAYENmL-_Qo&hn=www.googleadservices.com&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&auid=1679957185.1697296347&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cb266fc9509198fe273f4d8577a1142dd06d4886f8ed2cd38ae79aaeec92024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 282 KB
94 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8DZM87&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aab23a646fd6fbc331c416eeb7a5a4fd951e510d772f1d589c9c2aa45587fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
79 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5K7SCJ3&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44d9566cf755a28feaed14d3fa6ed6eab3f26ae1b7b1cce4040609c619ef8b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81139
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-941062297

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cda67e5fcf14fb114700f6849bca668bf651f9c554b203b632b331eac57c4e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/634815/onsite/ 1 KB
971 B 54ms
11ms Script
application/javascript 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/wu/634815/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0abc99a59b1d81a237a404fc41b979ff418f2f71754e7168619a680002a7836c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: pfH6CUCv.yYlHuLsjHG2ISPAlvtKZ4hK
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: V4NRNFWQG8Q60W8B
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 518
x-amz-id-2: ri3RMBSsGKMbNHXlQWUdQENfQZRjTUc/OWuNdqY5LF1KtFipBWEHzp3YW2E0nKqDX+lrzhT7rxk=
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Wed, 11 Oct 2023 20:56:55 GMT
server: AmazonS3
x-timer: S1697296347.171406,VS0,VE2
etag: "f72637f890a9d0f752f3a0deb2f7650c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 4ldwp954ta Show response
www.clarity.ms/tag/ 843 B
1 KB 129ms
101ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4ldwp954ta
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2b4fa926260956ffb091b25a8d6a6ce8e8e4926930444299b8f922926c874707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: -1
date: Sat, 14 Oct 2023 15:12:27 GMT
x-azure-ref: 20231014T151227Z-qck65em4xx6et52k0tneb8224g00000003xg000000000k0c
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 843
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 178ms
113ms Script
application/javascript 23.36.162.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3ETJDEPKKNB3CA80KI0&lib=ttq
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0f049fe8207e866ec1120c35f8fafcb5c8302472c0badc7600e4a65a8ee1693a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 3f467d50.33d64c3b
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-10.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 97,23.36.160.10
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=14, inner; dur=4
content-length: 1364
pragma: no-cache
server: nginx
x-tt-logid: 202310141512273BCF55F81C3455A0B0F0
x-cache-remote: TCP_MISS from a184-24-96-155.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,184.24.96.155
x-tt-trace-host: 010faac29b59abee9e69370388057ad9930bcbd693f85e931e61275115baf8177a09debd0607c8afaf5f62073d449842a261897fba2d648040368ba5e9f798e0a40d7686e53dda42576be2f70db1a4993c1d46a676ff9a238a299196a7155a77dab37912198ad765cf94e91103a9b36e3e
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 15:12:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: VI+2WmmgVxsdVsSkWBzWpKkNnFqOItrly9kr9RcCeyZ8/cjoASpNhc8BOBpeUbaSOFKdoWtzGJRz9XfjP5e/Ow==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 105 KB
28 KB 66ms
25ms Script
text/javascript 13.227.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-191.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca40b7beb16d5bd7e5820f63d52abe9bbbc5a8fed74fe7a036fff77aba76c281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: NyYlL0w3SemyzgsZMVt2SEoSQ0uFdI5p
content-encoding: br
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
date: Sat, 14 Oct 2023 15:12:17 GMT
x-amz-cf-pop: AMS54-C1
age: 11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 25 Sep 2023 13:40:20 GMT
server: AmazonS3
etag: W/"5962b85f16a8f98d049942c258e35c7f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: x20AqX2ac-GQM2FjOVPNSyq3Fxu1N7rOD65Xxx_7n-gyn5rYQni5dA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
85 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f35d339ccc43c7e14228e35d059f57f99a06f593abc26d5506fd82316b8fba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/ 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/?random=1697296347179&cv=11&fst=1697296347179&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&hn=www.googleadservices.com&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&auid=1679957185.1697296347&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-941062297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

075e49cc2270bf5730703d5408536a0993f6cd49e8241e5fb2e868e3c522c149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1331
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HM1230DXLC&gtm=45je3ab0&_p=487218042&_gaz=1&cid=859156921.1697296347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=xp%20-%20web%20-%20nl%20-%20lp%20-%20cartao-credito-xp&sid=1697296347&sct=1&seg=0&dl=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&en=page_view&_fv=2&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 62ms
21ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HM1230DXLC&cid=859156921.1697296347&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 57ms
33ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HM1230DXLC&cid=859156921.1697296347&gtm=45je3ab0&aip=1&z=1549171940

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1242954859141196 Show response
connect.facebook.net/signals/config/ 101 KB
27 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1242954859141196?v=2.9.134&r=stable&domain=lp.xpi.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c447b1b96c81e99a267d4fdb4b3b2d5538565903c57fb99c192f0d6f8ea5c12

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 15:12:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ele+Nk9onOignGNYwRcq7GaWoPt1eMPaNiPC9BwQWddSPaKCtgnkgiRqk3bpPUS29ovVk6FvAwlig/3wZ2/g/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=487218042&t=pageview&_s=1&dl=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&dp=%2Fcartao-credito-xp&ul=en-us&de=UTF-8&dt=xp%20-%20web%20-%20nl%20-%20lp%20-%20cartao-credito-xp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACUABRAAAACAGK~&jid=879803447&gjid=1708904383&cid=859156921.1697296347&tid=UA-5145909-16&_gid=5709284.1697296347&_r=1&_slc=1&gtm=45He3ab0n81NZZVKVD&cd35=n%C3%A3o&cd36=nc&cd81=GTM-NZZVKVD%20-%20643&cd83=%3A&cd6=859156921.1697296347&z=1857927243

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 145000350.js Show response
bat.bing.com/p/action/ 0
117 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/145000350.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 14 Oct 2023 15:12:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A21D878FF1704DE5BF81768D0E693208 Ref B: FRA31EDGE0108 Ref C: 2023-10-14T15:12:27Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=145000350&Ver=2&mid=8e8281ce-a694-4ad5-aa58-a8784fff4e4a&sid=161923606aa411ee841b6f3a26dd17b5&vid=161934c06aa411eebcd7839727fe14fe&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&p=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&r=&lt=1124&evt=pageLoad&sv=1&rn=406333

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Oct 2023 15:12:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C850BE48F7684AE085A336CB285EF0E5 Ref B: FRA31EDGE0108 Ref C: 2023-10-14T15:12:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10982704601/ 42 B
108 B 50ms
25ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10982704601/?random=1697296347116&cv=11&fst=1697295600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&fmt=3&is_vtc=1&random=278715014&rmt_tld=0&ipr=y

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10982704601/ 42 B
154 B 24ms
22ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10982704601/?random=1697296347116&cv=11&fst=1697295600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&fmt=3&is_vtc=1&random=278715014&rmt_tld=1&ipr=y

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10982704601/ 42 B
108 B 46ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10982704601/?random=1697296347119&cv=11&fst=1697295600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&label=cX-MCIju9YAYENmL-_Qo&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&fmt=3&is_vtc=1&random=258976555&rmt_tld=0&ipr=y

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10982704601/ 42 B
108 B 24ms
23ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10982704601/?random=1697296347119&cv=11&fst=1697295600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&label=cX-MCIju9YAYENmL-_Qo&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&fmt=3&is_vtc=1&random=258976555&rmt_tld=1&ipr=y

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 1 KB
1 KB 42ms
15ms Fetch
application/json 13.227.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-191.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a166d6a7059214c1c661d09d408b62ca42d05147b55886f7e77d9d78a3933cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: ._9FvqlP2siaMflanrSrgDcbdjrlzsvx
content-encoding: br
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
date: Sat, 14 Oct 2023 13:38:21 GMT
x-amz-cf-pop: AMS54-C1
age: 5722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 10 Oct 2023 16:35:09 GMT
server: AmazonS3
etag: W/"fcf020355f78ec0960c58eda430a8cb1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: whO-2LHDbj14k_icEPlKwUmiAVPfVJ6nvCnFulbbTGesnnhXlWJdyw==

GET
H2 200 /
www.google.com/pagead/1p-user-list/941062297/ 42 B
455 B 39ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/941062297/?random=1697296347179&cv=11&fst=1697295600000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=375143149&rmt_tld=0&ipr=y

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/941062297/ 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/941062297/?random=1697296347179&cv=11&fst=1697295600000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&frm=0&tiba=Cart%C3%A3o%20de%20Cr%C3%A9dito%20XP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=375143149&rmt_tld=1&ipr=y

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.12/ 58 KB
25 KB 17ms
17ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.12/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4ldwp954ta
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
last-modified: Thu, 12 Oct 2023 01:51:26 GMT
etag: W/"0x8DBCAC5BF4C06D9"
vary: Accept-Encoding
x-azure-ref: 20231014T151227Z-qck65em4xx6et52k0tneb8224g00000003xg000000000k0n
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 012b24a2-801e-0005-2ae6-fcfc00000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5145909-16&cid=859156921.1697296347&jid=879803447&gjid=1708904383&_gid=5709284.1697296347&_u=aCDACUAARAAAACAGK~&z=121247405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Oct 2023 15:12:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame B8FB 50 KB
19 KB 100ms
59ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18645
x-xss-protection: 0
server: cafe
etag: 5863262954022034179
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=*;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=unde...
adservice.google.com/ddm/fls/z/ Frame B8FB 42 B
401 B 72ms
48ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO60687p9YEDFYnBsgodvk4Npw;src=9143205;type=xp_pages;cat=xp-pa0;ord=5028534903187;auiddc=*;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 370 KB
99 KB 13ms
13ms Script
application/javascript 23.36.162.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3ETJDEPKKNB3CA80KI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 33d64de0
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123821AC0ACC586CFDCE419791
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-10.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0112077e65edf791d851806c314716c22b5e40574381737c0f0067d435d61c3a7b949c04fe281acacf1607265ff18b3df67687afe3a656c327c0e5f5aee514bf98134078acc540455bff83a3a775d011b78f6a95f9cc3913ad80970bc2ffa0892a
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=14
content-length: 100983

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1242954859141196&ev=PageView&dl=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&rl=&if=false&ts=1697296347360&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=28&fbp=fb.2.1697296347359.732858155&ler=empty&it=1697296347240&coo=false&tm=1&rqm=GET

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 15:12:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1242954859141196&ev=ViewContent&dl=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp&rl=&if=false&ts=1697296347361&cd[value]=0&cd[currency]=BRL&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=28&fbp=fb.2.1697296347359.732858155&ler=empty&it=1697296347240&coo=false&tm=1&rqm=GET

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 15:12:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 35ms
34ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5145909-16&cid=859156921.1697296347&jid=879803447&_u=aCDACUAARAAAACAGK~&z=1466359146

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 35ms
35ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5145909-16&cid=859156921.1697296347&jid=879803447&_u=aCDACUAARAAAACAGK~&z=1466359146

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cartao-credito-xp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame CA91 50 KB
18 KB 69ms
68ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=1679957185.1697296347;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18645
x-xss-protection: 0
server: cafe
etag: 5863262954022034179
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=*;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=...
adservice.google.com/ddm/fls/z/ Frame CA91 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIO0687p9YEDFT5bkQUdEl8OzA;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20231014;auiddc=*;u1=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp;u3=undefined;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fcartao-credito-xp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 14ms
14ms Script
application/javascript 13.227.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-191.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 23:01:14 GMT
x-amz-version-id: 3WH7fo_L3a6tJ5CveU3KsNM8ULxsLQXZ
content-encoding: br
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 5155873
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Aug 2023 20:49:50 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: CcXRlJq4Xv_9frZ9F2-IIp3MqW4D3t6s1hBb3uSv2oSDTciuxNOXLw==

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 29ms
29ms Script
application/javascript 23.36.162.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 33d64fc1
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907110708F44352D381E04A7F769B
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-160-10.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01090ceccc81ba5665f4d2e09caba4b900886e50d4e8e57a8aa386a2153e10fe53698d224c6980d7105e40a5f5adb79c90b176b4e6af3f7632e5c146041e41070a6d0fb68f0b283e9ba865e8c63d66b54219f6d0e9b2f77fb473953e7ac7ca14db
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=10
content-length: 36493

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
907 B 175ms
107ms Ping
text/plain 2.16.238.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-17.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 155c143e.1ae873e7
date: Sat, 14 Oct 2023 15:12:27 GMT
x-bytefaas-request-id: 202310141512271900515132B1E9E667B4
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-239-17.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51620215) (-)
x-parent-response-time: 96,2.16.239.17
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=9, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310141512271900515132B1E9E667B4
x-cache-remote: TCP_MISS from a23-207-199-98.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.30
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01b4c327e33dcd25650dd2602a18b3c9d0c2dea89ac6908449391f3672e0ee8a4f22a9030c86aed1f6c8b1335cf30845e916488412d26afb9c6a59ec77149eafc385c3394ea87c52e5fa70c831f6a8dff7c8ee15d456e3a9f7ce8c914991866634ed86fd68f99ebe13c09c77abfe47c3f0
x-origin-response-time: 9,23.207.199.98
access-control-allow-headers: *
expires: Sat, 14 Oct 2023 15:12:27 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
790 B 157ms
157ms Ping
text/plain 23.36.162.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 49582b3f.33d65018
date: Sat, 14 Oct 2023 15:12:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-10.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 129,23.36.160.10
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=41, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310141512271CAAB6D8E3E20EA32D77
x-cache-remote: TCP_MISS from a104-96-220-15.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,104.96.220.15
x-tt-trace-host: 010faac29b59abee9e69370388057ad993d88df99c2babae987d0ee0852853f59606699fb32ae8a5478158994a8d60e8fef64c3f2d0230e57872ad6889933df52e4f7ee87dc6211c619194ac2526b6b81362659c189c65bc6eea758fa2f0febde0dc88906933e6e449e74b328c2c1244e6
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/765733756/ Frame B8FB 3 KB
2 KB 21ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/765733756/?random=1697296347532&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

256e5e6d0a2074cae149a049cc64823cdb7960d4de638cd2089d6cbd467e5372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 15ms
14ms Script
application/javascript 13.227.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-191.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 01:37:17 GMT
x-amz-version-id: Q83vlLXgyWB6DuTGnFxHLMCEzu8jknn5
content-encoding: br
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 999311
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 03 Oct 2023 01:26:38 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: WAeNr5xx2VvPj4AGNhduQgw8yukBUUhxE2Xu6ytKWoz2t_p2bxzJQA==

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame B8FB 50 KB
18 KB 62ms
61ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18645
x-xss-protection: 0
server: cafe
etag: 5863262954022034179
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/765503342/ Frame CA91 3 KB
2 KB 21ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/765503342/?random=1697296347642&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIO0687p9YEDFT5bkQUdEl8OzA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20231014%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3320f4bbf5d4b7c157520b32025688de2cc21f1513a7c19bc28a342bd9e4219d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1599
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
293 B 280ms
92ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://lp.xpi.com.br
Date: Sat, 14 Oct 2023 15:12:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3

200

/
www.google.de/pagead/1p-conversion/765733756/ Frame B8FB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C4...
https://www.google.com/pagead/1p-conversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&...
https://www.google.de/pagead/1p-conversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u...

42 B
64 B

26ms
26ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI9_X-zun1gQMVzAlVCB0eaQM1&is_vtc=1&ocp_id=268qZbecIcyT1PIPntKNqAM&cid=CAQSKQDICaaNfmb0oHx8kd89mdlzVz_xbmXq8JMeRAyOXSNEI9e-c89InKp9&random=589617523&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/765733756/?random=1793415609&cv=9&fst=1697296347532&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI9_X-zun1gQMVzAlVCB0eaQM1&is_vtc=1&ocp_id=268qZbecIcyT1PIPntKNqAM&cid=CAQSKQDICaaNfmb0oHx8kd89mdlzVz_xbmXq8JMeRAyOXSNEI9e-c89InKp9&random=589617523&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 529ms
171ms Fetch
application/json 54.69.251.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.251.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-251-6.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://lp.xpi.com.br
date: Sat, 14 Oct 2023 15:12:28 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3

200

/
www.google.de/pagead/1p-conversion/765503342/ Frame CA91
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C46...
https://www.google.com/pagead/1p-conversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u...
https://www.google.de/pagead/1p-conversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_...

42 B
64 B

25ms
24ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIO0687p9YEDFT5bkQUdEl8OzA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20231014%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqKuFz-n1gQMVgssRCB0Lvw8x&is_vtc=1&ocp_id=268qZejRJ4KXx_APi_6-iAM&cid=CAQSKQDICaaNNkCihQPOkTHQ6Cbv38xLIdi1SyKyk6uBgCIxeqK_8uHbE4-A&random=3221546995&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/765503342/?random=941594608&cv=9&fst=1697296347642&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIO0687p9YEDFT5bkQUdEl8OzA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20231014%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqKuFz-n1gQMVgssRCB0Lvw8x&is_vtc=1&ocp_id=268qZejRJ4KXx_APi_6-iAM&cid=CAQSKQDICaaNNkCihQPOkTHQ6Cbv38xLIdi1SyKyk6uBgCIxeqK_8uHbE4-A&random=3221546995&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
789 B 188ms
188ms Ping
text/plain 23.36.162.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2158610a.33d652e1
date: Sat, 14 Oct 2023 15:12:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-160-10.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 167,23.36.160.10
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=74, inner; dur=54
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231014151227F115680DB047E9E480A9
x-cache-remote: TCP_MISS from a104-96-220-23.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 74,104.96.220.23
x-tt-trace-host: 010faac29b59abee9e69370388057ad993d88df99c2babae987d0ee0852853f596d23acf47a4df603724bf3243ebab7334fa7b846c0ae4208d8e7d309f36976207922932b9cb51c0014a58ba33902dece7d1b006fe85faf90c507944b0573decd26c4dc427fafea43bbf8e1184b13cae51
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 15:12:27 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/765503342/ Frame B8FB 3 KB
2 KB 20ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/765503342/?random=1697296347736&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0133ba2297d0409aacfd48dcd64ea4bea421712ebd698ffb7b66c0e2354a49c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/765503342/ Frame B8FB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C46...
https://www.google.com/pagead/1p-conversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u...
https://www.google.de/pagead/1p-conversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_...

42 B
64 B

25ms
25ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyP-Kz-n1gQMVsfMRCB3FWwkh&is_vtc=1&ocp_id=268qZYimLbHnx_APxbeliAI&cid=CAQSKQDICaaNXR4Q9KjhT8JwT1w65EWGDPvbdLJYM4lgSewt_fLKg3tlqoM3&random=561202486&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/765503342/?random=746043912&cv=9&fst=1697296347532&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO60687p9YEDFYnBsgodvk4Npw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5028534903187%3Bauiddc%3D1679957185.1697296347%3Bu1%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3Bgtm%3D45He3ab0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Flp.xpi.com.br%252Fcartao-credito-xp%3F&ref=https%3A%2F%2Flp.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyP-Kz-n1gQMVsfMRCB3FWwkh&is_vtc=1&ocp_id=268qZYimLbHnx_APxbeliAI&cid=CAQSKQDICaaNXR4Q9KjhT8JwT1w65EWGDPvbdLJYM4lgSewt_fLKg3tlqoM3&random=561202486&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 cxSRYvIBkB Show response
lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/ 18 B
668 B 196ms
195ms XHR
application/json 2a02:26f0:11a::5f65:1751
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/cxSRYvIBkB
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/DOFXvUS29JUP05RMRNqvCd2y/t7Yc2ScVQhz1/EHwtRzUrGAU/EQ/cxSRYvIBkB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1751 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://lp.xpi.com.br/cartao-credito-xp
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 15:12:27 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
x_req_id: 38bbd636-fd48-4485-990b-1a20f7df9984
access-control-allow-headers: Content-Type
content-length: 18

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
293 B 385ms
284ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://lp.xpi.com.br
Date: Sat, 14 Oct 2023 15:12:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 generic1697057813679.js Show response
nebula-cdn.kampyle.com/us/wu/634815/onsite/ 1 MB
111 KB 9ms
8ms Script
application/javascript 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/634815/onsite/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

01d49fb6c551b2bec8265d466e22f56c1064e6b6ba06867e610e52b95dbbc674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 5HLAATOmeIVJvWhYNce5ZMZlmWAWX.3k
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: P1F0CET9D4ZB14SD
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 113192
x-amz-id-2: xq/REH5oiU1gwP94PfrLIiffZPoXiPociZmDkqohhqY+iMcyni4jWBrz6LyuMBZQIuIimJI4XN4=
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Wed, 11 Oct 2023 20:56:55 GMT
server: AmazonS3
x-timer: S1697296348.881212,VS0,VE2
etag: "8c9128b507fe88e6eeffd75b0fda118e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B7265410BBE34451AF6BC63DD58C1355&RedC=c.clarity.ms&MXFR=2B59A111742E6B8B2D99B2BB702E65E8
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B7265410BBE34451AF6BC63DD58C1355&MUID=0CEA7C16608B6EC231076FBC61276FFA

42 B
443 B

27ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B7265410BBE34451AF6BC63DD58C1355&MUID=0CEA7C16608B6EC231076FBC61276FFA
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:12:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40C79F748C8447D392DF63B30B70ECE3 Ref B: FRA31EDGE0108 Ref C: 2023-10-14T15:12:28Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B7265410BBE34451AF6BC63DD58C1355&MUID=0CEA7C16608B6EC231076FBC61276FFA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

OPTIONS
H2 200 two
ec.instapagemetrics.com/t/ Frame 0
0 369ms
116ms Preflight 34.71.95.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.95.71.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lp.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://lp.xpi.com.br
access-control-max-age: 5
content-length: 0
date: Sat, 14 Oct 2023 15:12:28 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: sameorigin

POST
H2 200 two Show response
ec.instapagemetrics.com/t/ 2 B
337 B 353ms
116ms XHR
text/plain 34.71.95.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Requested by

Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/3/it.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.95.71.34.bc.googleusercontent.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 15:12:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: sameorigin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lp.xpi.com.br
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
content-length: 2

GET
H2 200 formData1690964106167_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/38337/ 13 KB
3 KB 33ms
18ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/38337/formData1690964106167_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e870ba133dc2c9dd52288d23afec311fdb956f97ef66bf8735fd09b785c79f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 6TootYy8I4.z_mhKiJpV2fkEy4n5A8Ru
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:28 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Y1D1HB5JK83XTMS0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2924
x-amz-id-2: UT04nZ5XftpyF/MIJ0crUaYsH9OeZsggfXYBpLQ9klZi5D3qIGX23hcpunXiiqvLs10CRfu+mBY=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:15:07 GMT
server: AmazonS3
x-timer: S1697296348.993272,VS0,VE10
etag: "f0c0151fa30fb30001bb01a43f2c215c"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1690964144332_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/40221/ 13 KB
3 KB 25ms
11ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/40221/formData1690964144332_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58130f679c92b89fab392486bc0e87f0647977bcc5061feb8bd765e92403c0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: cauxEIeYLO2INVjvbf42ePh5ebgNevOm
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Y1D73R4JWD655FDP
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3158
x-amz-id-2: 9gKE6tGZHeKQWPM0Wm6+I6niqKgzilC0vLQo/1AoT6re+D5Ww6GwbaFWESlOw7p0Bozvu687wkA=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:15:45 GMT
server: AmazonS3
x-timer: S1697296348.993889,VS0,VE1
etag: "b5767e7869e8ad37e20830e41c6f95ee"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1690964033934_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/40222/ 13 KB
3 KB 24ms
11ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/40222/formData1690964033934_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

106703db58ea4820ea21fdc222fe914784c40b2d4655dc16840874138095cd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: TiKmxdKwMQKTnxvO5E5JFwmD.ITtyGY9
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: QCSHP93EZH7YYYRE
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3085
x-amz-id-2: zGvVuz65j2Sz9L9ueJCFxZcvR8Kam0vmYWhJezfjUAWcB2nSvOaSKBl2DZ7JlmZFluAJkCYyjKY=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:13:55 GMT
server: AmazonS3
x-timer: S1697296348.993865,VS0,VE1
etag: "b0811df6030d6311e6ff00e32264eaea"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1690964406917_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/46973/ 12 KB
3 KB 25ms
13ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/46973/formData1690964406917_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b3b1f20f10f803c14b02a452f4ab1aec808ad5c26d1025f44b4aa84fdef10e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 5ZfP5Ze.83pVmXt9jOSU6f.vi8qojU_K
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: QCSQ60X8YZ0PPA5S
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3031
x-amz-id-2: rTyjDx3o0ht72jsLU3d7+4UYQpaqtYJTMhtsb1QBmxWedtZhZHCY7Bhv/4XK2MwcEJTo/Mv8UcA=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:20:08 GMT
server: AmazonS3
x-timer: S1697296348.993313,VS0,VE4
etag: "cc96cf84e07fbc588e589e1008b5d3fa"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1690963833776_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47096/ 15 KB
4 KB 23ms
12ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47096/formData1690963833776_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

853d47c7bc290fd333f0c4e91551b1d124ce35682005e7a98be8dc671c518cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: jeC5aZcp1BA_vFnSw5oXJcE4z0CZJyKF
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: QCSWXE1NK66WMD8X
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3286
x-amz-id-2: GjylwnJn4KFxWK0Br0+PnDCeYMTLp0/FjZkwE2Q5oD6bGUYImXKg1gywFSIP5WJLySpTzAOnkQc=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:10:35 GMT
server: AmazonS3
x-timer: S1697296348.994079,VS0,VE1
etag: "535ca1872498b86d3eced54cad728fc1"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1690964373529_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47664/ 15 KB
4 KB 20ms
9ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47664/formData1690964373529_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ab37673ccc17e5db9391ac3ab4e561332422a72556eec9897dc60c96c988200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: H8GX7tz1ANUfv6X1LjuyYgbsePV6K_YN
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: QCSZRR2D8DPS3EY9
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3281
x-amz-id-2: PaGJq3Weq5W4L/zECPtGyHYQ6mTHIiw8/gL6sXYbv6YWZIpB2Khw1WfU/vy0g5BtYGSnBl9cBYs=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:19:35 GMT
server: AmazonS3
x-timer: S1697296348.993815,VS0,VE1
etag: "141f44b9645a9c0c4bb10e668d2e6d04"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1690963766099_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47666/ 15 KB
3 KB 20ms
10ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47666/formData1690963766099_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

60fc64659f2ce268bac1844104a7145b50445753f50904ab9d12926242b2a425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: pqPltLGxIq4fSgH7mxvmu8lqfjjrwoO7
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: QCSM7S199WVY1B52
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3269
x-amz-id-2: DKo//RP675Md7Cd+TgK3wSfvYEFV0Ya/PmBPU2beQCIiFyRL9CCxTCVS0B6d4fP2F3qCe5ygtdg=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:09:27 GMT
server: AmazonS3
x-timer: S1697296348.993785,VS0,VE1
etag: "75a8cde6a9cafe2ab00463a92493093c"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1690963874583_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47667/ 15 KB
3 KB 21ms
12ms XHR
application/json 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47667/formData1690963874583_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1697057813679.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

482b0eda2fe622902f74232004c17f964a3989613690e4260f27f07d09c8808b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: Kn7hK5BE3Bb.5WdU_PLUziM0ycSwSi_F
content-encoding: gzip
via: 1.1 varnish
date: Sat, 14 Oct 2023 15:12:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 3KFSSC9WM58E8BD3
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3291
x-amz-id-2: eVqlpgHxq5z+iVfs6d5c3mRlwWdypi6NbmKbh6vZar09f9tJOYPPzDTWLjBwZgnk1VLycH4WUHM=
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Wed, 02 Aug 2023 08:11:16 GMT
server: AmazonS3
x-timer: S1697296348.994137,VS0,VE2
etag: "819a48b3f771c1361c27d2d9d148243b"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 141ms
103ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY5NzI5NjM0Nzk2OCIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDIsInVzZXJfaWQiOiAiMThiMmViZWYzMzU0YzUtMDEzNzlkZTEwZWYyOWYtMWYzMDNhNzEtMWQ0YzAwLTE4YjJlYmVmMzM2Y2EwIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ3ZWJzaXRlSWQiOiA2MzQ4MTUsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjUwYmQtMWQ3Zi01ZDBlLTdkNGMtM2RiMS1jOTZjLTgzYzktOThjNyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjk3Mjk2MzQ3OTY1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDE4ODEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDc5NjgsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-c5z8
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
77 B 110ms
104ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwMjQiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzM4MzM3L2Zvcm1EYXRhMTY5MDk2NDEwNjE2N19wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA0N319LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwMjQsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-9dqg
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 98ms
98ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwNjIiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzQwMjIxL2Zvcm1EYXRhMTY5MDk2NDE0NDMzMl9wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4M319LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwNjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-2cnm
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 100ms
99ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwNjUiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzQwMjIyL2Zvcm1EYXRhMTY5MDk2NDAzMzkzNF9wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4NH19LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwNjUsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-x91x
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
75 B 99ms
98ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwNjciLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzQ2OTczL2Zvcm1EYXRhMTY5MDk2NDQwNjkxN19wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4Nn19LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwNjcsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-spcs
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 98ms
97ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwNjgiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzQ3MDk2L2Zvcm1EYXRhMTY5MDk2MzgzMzc3Nl9wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4N319LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwNjgsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-v6cw
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 97ms
97ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwNzAiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzQ3NjY0L2Zvcm1EYXRhMTY5MDk2NDM3MzUyOV9wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4N319LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwNzAsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-00lx
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 101ms
100ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwNzIiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzQ3NjY2L2Zvcm1EYXRhMTY5MDk2Mzc2NjA5OV9wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4OX19LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwNzIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-n8qc
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 99ms
99ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExOC4wLjU5OTMuNzAgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkNhcnTDo28gZGUgQ3LDqWRpdG8gWFAiLCJwYWdlX3VybCI6ICJodHRwczovL2xwLnhwaS5jb20uYnIvY2FydGFvLWNyZWRpdG8teHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2OTcyOTYzNDgwNzMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE4YjJlYmVmMzM1NGM1LTAxMzc5ZGUxMGVmMjlmLTFmMzAzYTcxLTFkNGMwMC0xOGIyZWJlZjMzNmNhMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL2NhcnRhby1jcmVkaXRvLXhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1MGJkLTFkN2YtNWQwZS03ZDRjLTNkYjEtYzk2Yy04M2M5LTk4YzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY5NzI5NjM0Nzk2NSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC4zMDI2MTkwMzc3MDQyOCIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL25lYnVsYS1jZG4ua2FtcHlsZS5jb20vdXMvd3UvNjM0ODE1L2Zvcm1zLzQ3NjY3L2Zvcm1EYXRhMTY5MDk2Mzg3NDU4M19wdC1ici5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4OX19LCJjb29raWVfc2l6ZSI6IDE5OTEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUyLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2OTcyOTYzNDgwNzMsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-3n3m
date: Sat, 14 Oct 2023 15:12:28 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
293 B 94ms
92ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://lp.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://lp.xpi.com.br
Date: Sat, 14 Oct 2023 15:12:29 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xpi.com.br/	1970-01-20 15:28:23	Name: ak_bmsc Value: ED34D1F373147A1754BC337B1FA73E4C~000000000000000000000000000000~YAAQTRdlXyhICvWKAQAAwe6+LhWdas1n8baQFS1o6bHXpwn/erIkZI3WH5c01g/o814Nw5Jqeqe/Cub7zu9tvavYqrcQ8D3snbc2D/4ElsNHnjxpBzGfNHmULF0E+PlQvxhiNS7YAtc4A1VAXjq9WmglNL9LN8jLCKoc1LDx+0lwJD91Rx9mOw8fEgY/80Db7Zlog9jN6UBGf2zC4T9GUvMKGtdTgSGI/B+e5uBIpPjlVGnhHoOEg52TKiUXMe855cRCzsHTdHP38N5k3INtfGncw0MgBFp24y4noPP8WrpAKsejt/usnv8QKcTMCMOKCtsMumdICQaXCKWN8h5PMYAirE2ZPuNMcoWAczEgKfc5hiza244zJcW6vW//FO1+a3jNyqtXJ+zg4gA=
.xpi.com.br/	1970-01-20 15:28:30	Name: bm_sz Value: 99ECDAFEE674EEA49FFE8FDAC143190F~YAAQTRdlXylICvWKAQAAwe6+LhVeWPzgXV0bdduUxsrx1iaSxmy8fgZCwugo1teG3F5SdKasX23ZWQICDQP2Dco7y66OV2R8N8Waz/2VpLFZib62IvUvxS8AuN8VCrQxEqNvPBH9orl0WXNX3OniQlYjGchB2DyWP5P86h89fgE3WGNQvIETXqeOZIaV56Jr4utcEayzP0UV7FX5lTM+/b6Nmi1d2VrHxyHFX/jTZB/NDxRTkWWyVig7HFoPfin+8rerQlM44bqP3+Q2iGmeb9jvDOot75bKGPrFXO5VVFSg+wI=~4601906~3748915
.xpi.com.br/	1970-01-20 17:37:52	Name: _gcl_au Value: 1.1.1679957185.1697296347
.xpi.com.br/	1970-01-21 01:04:16	Name: _ga_HM1230DXLC Value: GS1.1.1697296347.1.0.1697296347.60.0.0
www.clarity.ms/	1970-01-21 00:13:52	Name: CLID Value: d715c4ffe08c424c97f8a55b0d45bf7f.20231014.20241013
.xpi.com.br/	1970-01-21 01:04:16	Name: _ga Value: GA1.3.859156921.1697296347
.xpi.com.br/	1970-01-20 15:29:42	Name: _gid Value: GA1.3.5709284.1697296347
.xpi.com.br/	1970-01-20 15:28:16	Name: _gat_UA-5145909-16 Value: 1
.xpi.com.br/	1970-01-20 15:29:42	Name: _uetsid Value: 161923606aa411ee841b6f3a26dd17b5
.xpi.com.br/	1970-01-21 00:49:52	Name: _uetvid Value: 161934c06aa411eebcd7839727fe14fe
.tiktok.com/	1970-01-21 00:49:52	Name: _ttp Value: 2Wl9YbXU1N15wlARu8lbhhJZbz4
.bing.com/	1970-01-21 00:49:52	Name: MUID Value: 0CEA7C16608B6EC231076FBC61276FFA
.xpi.com.br/	1970-01-20 17:37:52	Name: _fbp Value: fb.2.1697296347359.732858155
.doubleclick.net/	1970-01-21 00:49:52	Name: IDE Value: AHWqTUlHPLb38FqdjN-LfaDynXCTzv6AHoPkw_XsltPrrWaK9S2JPhcvaCAg0lkdK9A
.xpi.com.br/	1970-01-21 00:13:52	Name: _clck Value: 1l35gho\|2\|ffu\|0\|1382
.xpi.com.br/	1970-01-21 00:49:52	Name: _tt_enable_cookie Value: 1
.xpi.com.br/	1970-01-21 00:49:52	Name: _ttp Value: QoMnw7AcjiF7_ZFkm8dX1J8lNmM
.xpi.com.br/	1970-01-21 00:13:52	Name: isReset Value: true
.xpi.com.br/	1970-01-21 00:13:52	Name: ajs_anonymous_id Value: 6f142228-afba-47eb-9e8f-63774b3f5fc9
.xpi.com.br/	1970-01-21 00:13:52	Name: segment_anon_id Value: 6f142228-afba-47eb-9e8f-63774b3f5fc9
lp.xpi.com.br/	1970-01-20 15:28:18	Name: instap-spses.3abb Value: *
lp.xpi.com.br/	1970-01-21 01:04:16	Name: instap-spid.3abb Value: b8fb5086-5939-4ed6-a4ee-31ccb45b3073.1697296348.1.1697296348.1697296348.0dab435a-aa76-4c45-96b8-70c75ed1af44
lp.xpi.com.br/	1970-01-21 00:13:52	Name: mdLogger Value: false
lp.xpi.com.br/	1970-01-21 00:13:52	Name: kampyle_userid Value: 50bd-1d7f-5d0e-7d4c-3db1-c96c-83c9-98c7
lp.xpi.com.br/	1970-01-21 00:13:52	Name: kampyleUserSession Value: 1697296347965
lp.xpi.com.br/	1970-01-21 00:13:52	Name: kampyleUserSessionsCount Value: 1
.xpi.com.br/	1970-01-21 00:13:52	Name: _abck Value: 35EA1838DBD620BE7ACC1E20D118E2E4~0~YAAQTRdlX5JICvWKAQAAOPO+LgpaOWy91vLmXuR3QtCRBJgLjKPpZufxO/1ReujGzjYE6O+0PcfnxCYYZXSGaXLdgx9W4H/fxPMqN3/kljmOr5w4ZmQB/bRRoOJrwGPADvsfCIe/G2vXeZ4h/FeZcHCItoPRS/jDBrHZumZKUBqa9ZU8u4WDxRy/6Bs0g5mU+MU/CvbBFOISGacKP6taLEP06KmoA2w+nQ6vIznMW0QmyYa+iOiL3EZR/PTWvLNHptDLeRA6TbHFy8dziTiaL99IDrStJXdYbKVJ7rN1mJtgC2qhTlH05/4j+a9Ul+SgC1hj8dS78S1cYeQ2YpUqObaIxCPNtfc3EK03/MEgUnufUhuctJ4xyDvxW3wnW/RMvl8/g13AJX1JsVa2jxLmpaC2+QFQ/0hz~-1~\|\|-1\|\|~-1
lp.xpi.com.br/	1970-01-21 00:13:52	Name: kampyleSessionPageCounter Value: 1
lp.xpi.com.br/	1970-01-21 00:13:52	Name: kampyleUserPercentile Value: 28.30261903770428
.xpi.com.br/	1970-01-20 15:29:42	Name: _clsk Value: 789n3d\|1697296348020\|1\|1\|w.clarity.ms/collect
.c.bing.com/	1970-01-20 15:38:21	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:49:52	Name: SRM_B Value: 0CEA7C16608B6EC231076FBC61276FFA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:49:52	Name: MUID Value: 0CEA7C16608B6EC231076FBC61276FFA
.c.clarity.ms/	1970-01-20 15:38:21	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:28:16	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9143205.fls.doubleclick.net
adservice.google.com
analytics.pangle-ads.com
analytics.tiktok.com
api.segment.io
bat.bing.com
c.bing.com
c.clarity.ms
cdn.instapagemetrics.com
cdn.jsdelivr.net
cdn.segment.com
connect.facebook.net
ec.instapagemetrics.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
googleads.g.doubleclick.net
heatmap-events-collector.instapage.com
lp.xpi.com.br
nebula-cdn.kampyle.com
region1.analytics.google.com
stats.g.doubleclick.net
udc-neb.kampyle.com
v.fastcdn.co
w.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
13.227.222.191
142.250.186.102
142.250.186.98
151.101.193.175
2.16.238.17
2001:4860:4802:32::36
23.36.162.74
23.96.124.156
2606:4700:4400::ac40:9b7c
2606:4700::6810:5914
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9d
2a02:26f0:11a::5f65:1751
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.36.17.181
34.71.95.65
35.241.45.82
35.244.137.202
54.69.251.6
68.219.88.97
0133ba2297d0409aacfd48dcd64ea4bea421712ebd698ffb7b66c0e2354a49c5
01d49fb6c551b2bec8265d466e22f56c1064e6b6ba06867e610e52b95dbbc674
0243ee263ff5a7ff2d302b924c33446bbb96af894873e5bcb298a9d9bf21b881
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3
075e49cc2270bf5730703d5408536a0993f6cd49e8241e5fb2e868e3c522c149
0abc99a59b1d81a237a404fc41b979ff418f2f71754e7168619a680002a7836c
0f049fe8207e866ec1120c35f8fafcb5c8302472c0badc7600e4a65a8ee1693a
106703db58ea4820ea21fdc222fe914784c40b2d4655dc16840874138095cd3f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1668365b8e4506ed8ba8437a6c451d7200f270bb862c625fbd44d59fda4e960c
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
256e5e6d0a2074cae149a049cc64823cdb7960d4de638cd2089d6cbd467e5372
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27aca3a62c383fe56a27138ddc1947445d37d45c363df5b28e8a7bfa1b79b35a
2b4fa926260956ffb091b25a8d6a6ce8e8e4926930444299b8f922926c874707
2f35d339ccc43c7e14228e35d059f57f99a06f593abc26d5506fd82316b8fba2
3320f4bbf5d4b7c157520b32025688de2cc21f1513a7c19bc28a342bd9e4219d
33b64f6de98b173068d5d037f3f2e2f5869cc96fedacea92249568758151c18a
34bf0a6e6af354e339aba8730c5d137286a0fb67ef4c336988ff1e0820f77b69
3aab23a646fd6fbc331c416eeb7a5a4fd951e510d772f1d589c9c2aa45587fd8
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
44d9566cf755a28feaed14d3fa6ed6eab3f26ae1b7b1cce4040609c619ef8b7e
45a81b25e39e421b082118205814b8ae0e32f6104007e3fe90c114d9bcdd6fdb
46e176ee02676068302f7f4189631a2f41ed6f92124312947088df1c0a4d5379
482b0eda2fe622902f74232004c17f964a3989613690e4260f27f07d09c8808b
4cb266fc9509198fe273f4d8577a1142dd06d4886f8ed2cd38ae79aaeec92024
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
58130f679c92b89fab392486bc0e87f0647977bcc5061feb8bd765e92403c0cb
5aab0b663cc922a7781824196f4b922d5d17bb890fb5277132cbc12bfa1cb885
5adf96e308da99ff859ce9f9def91ab592aaf77f0cd528a09727c40dbccaac5a
5b593e7ab0339a6fa51df85b039fbf0c671ad227a47c34e9f06f4b2b27fe4105
5d4ce55f9502507af18ca06e4d51d7cecd3ddef6cc9cbec3296abe5e537edcf4
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
60fc64659f2ce268bac1844104a7145b50445753f50904ab9d12926242b2a425
612e70a2ae412d4ed4b9903bbc24fb7f403123886776869dff2f24b6fe0e124b
62e95be4d99144b4c49f591d9227e30b444387bacb945a02c9397d90be2c0536
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7c447b1b96c81e99a267d4fdb4b3b2d5538565903c57fb99c192f0d6f8ea5c12
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8206aaad2698a0eaa839f6fd03c894e43454a3fb1465bfdc9c3ce8f466e9be10
833ffea4efbd767c70abe840bd8cb4fb326a0e47cf829154cd0042bb52eb6488
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853d47c7bc290fd333f0c4e91551b1d124ce35682005e7a98be8dc671c518cf1
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29
975121ec6c41c4e61102665c537d0c9e6f9b5d850ae1f8a92d5debbc32019e7a
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ab37673ccc17e5db9391ac3ab4e561332422a72556eec9897dc60c96c988200
a166d6a7059214c1c661d09d408b62ca42d05147b55886f7e77d9d78a3933cea
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3b1f20f10f803c14b02a452f4ab1aec808ad5c26d1025f44b4aa84fdef10e31
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b9f82a3e7a4b7eeae50dac358780185db9173c9c29643e7692e88f7292a2f59e
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c1a80fb2192398e6c5ca97d4a7efc7bb92bb734dc8ee6fefc25399dc1d555a81
ca40b7beb16d5bd7e5820f63d52abe9bbbc5a8fed74fe7a036fff77aba76c281
cda67e5fcf14fb114700f6849bca668bf651f9c554b203b632b331eac57c4e77
d72220b2942e8b4dde4df582ef10ba9ce4f30f1441579fbe73d1e73a7177716a
dc2d63ec0e63132ecd4260b62cea2977e4da6f08e06e5221f7b461e5967b4090
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb2f3d6c05ccf97adc5961e1cc9a0b0e4f58402c14c66c141f333e81167668e
e01c2469427f03ea2386c7fc32ec51918a3e8813320465b59aa50be1a26d952d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e870ba133dc2c9dd52288d23afec311fdb956f97ef66bf8735fd09b785c79f4b
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa26bde65d6222b690433b62a0b94ca891532a69d22a1d574568cca53eafaab
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

lp.xpi.com.br Open in urlscan Pro 2a02:26f0:11a::5f65:1751 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

96 %HTTPS

58 %IPv6

23 Domains

33 Subdomains

32 IPs

5 Countries

2185 kBTransfer

5781 kBSize

36 Cookies

2 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lp.xpi.com.br Open in urlscan Pro
2a02:26f0:11a::5f65:1751 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

96 %
HTTPS

58 %
IPv6

23
Domains

33
Subdomains

32
IPs

5
Countries

2185 kB
Transfer

5781 kB
Size

36
Cookies

113 HTTP transactions
1 data transactions