urlscan.io logo urlscan.io
SecurityTrails logo

xp-investimentosbr.com Open in urlscan Pro
191.252.4.62  Public Scan

Go To Rescan Add Verdict Report
URL: http://xp-investimentosbr.com/desktop/index.php
Submission: On July 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 5 countries across 31 domains to perform 261 HTTP transactions. The main IP is 191.252.4.62, located in Brazil and belongs to Locaweb Servicos de Internet SA, BR. The main domain is xp-investimentosbr.com.
This is the only time xp-investimentosbr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 191.252.4.62 27715 (Locaweb S...)
1 146.75.120.157 54113 (FASTLY)
5 52.84.174.90 16509 (AMAZON-02)
2 18.165.201.17 16509 (AMAZON-02)
6 184.86.103.133 20940 (AKAMAI-ASN1)
5 2620:1ec:bdf::60 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 7 2620:1ec:c11:... 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
3 99.86.8.175 16509 (AMAZON-02)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
9 24 2a00:1450:400... 15169 (GOOGLE)
14 151.101.65.175 54113 (FASTLY)
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
44 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 18.173.154.44 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
9 20 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
15 142.250.185.194 15169 (GOOGLE)
5 10 142.250.74.198 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2600:9000:224... ()
5 5 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
7 2a03:2880:f17... 32934 (FACEBOOK)
3 20.114.190.119 8075 (MICROSOFT...)
1 52.43.2.154 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 184.30.16.191 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
13 35.241.45.82 15169 (GOOGLE)
3 52.67.144.49 16509 (AMAZON-02)
1 18.66.192.36 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
2 35.162.188.86 ()
261 44
19    191.252.4.62 (Brazil)

ASN27715 (Locaweb Servicos de Internet SA, BR)
xp-investimentosbr.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    52.84.174.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-90.cdg50.r.cloudfront.net
cdn.elev.io
2    18.165.201.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-201-17.lhr50.r.cloudfront.net
cdn.appdynamics.com
6    184.86.103.133 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-133.deploy.static.akamaitechnologies.com
analytics.tiktok.com
5    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
5    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
3    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
7    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
24    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    151.101.65.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    2a02:26f0:480:21::217:d12e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.xpi.com.br
44    2a02:26f0:480:21::217:d137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.xpi.com.br
portal.xpi.com.br
customerattendance.xpi.com.br
static.xpi.com.br
api.xpi.com.br
2    18.173.154.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-44.muc50.r.cloudfront.net
xp.dnofd.com
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:480:9a4::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
20    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
15    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
10    142.250.74.198 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
9143205.fls.doubleclick.net
2    2a02:26f0:480:9b2::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
22    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a02:26f0:480:184::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
3    2600:9000:2248:f000:2:53b2:240:93a1 (United States)

ASN- ()
cdn.linkedin.oribi.io
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
7    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
1    52.43.2.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-2-154.us-west-2.compute.amazonaws.com
api.segment.io
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    184.30.16.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-191.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
13    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
3    52.67.144.49 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-67-144-49.sa-east-1.compute.amazonaws.com
s.dnofd.com
1    18.66.192.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-36.muc50.r.cloudfront.net
ofdb-u.dnofd.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    35.162.188.86 (None, )

ASN- ()
pdx-col.eum-appdynamics.com
Apex Domain
Subdomains		 Transfer
45 xpi.com.br
cdn.xpi.com.br — Cisco Umbrella Rank: 601697
portal.xpi.com.br
customerattendance.xpi.com.br
static.xpi.com.br
api.xpi.com.br — Cisco Umbrella Rank: 682877 Failed
2 MB
33 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
9143205.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
pubads.g.doubleclick.net — Cisco Umbrella Rank: 417
21 KB
30 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 2556
adservice.google.com — Cisco Umbrella Rank: 113
32 KB
27 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4469
udc-neb.kampyle.com — Cisco Umbrella Rank: 2153
248 KB
22 google.de
www.google.de — Cisco Umbrella Rank: 4752
2 KB
19 xp-investimentosbr.com
xp-investimentosbr.com
119 KB
15 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 169
123 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
420 KB
10 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1040
x.clarity.ms — Cisco Umbrella Rank: 8804
c.clarity.ms — Cisco Umbrella Rank: 1589
29 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
349 B
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
www.linkedin.com — Cisco Umbrella Rank: 544
px4.ads.linkedin.com — Cisco Umbrella Rank: 6544
5 KB
7 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
c.bing.com — Cisco Umbrella Rank: 258
26 KB
6 dnofd.com
xp.dnofd.com — Cisco Umbrella Rank: 259129
s.dnofd.com — Cisco Umbrella Rank: 450931
ofdb-u.dnofd.com — Cisco Umbrella Rank: 764055
215 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 718
191 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 745
3 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
426 KB
5 elev.io
cdn.elev.io — Cisco Umbrella Rank: 28162
224 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
3 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
153 KB
3 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914
11 KB
3 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1616
31 KB
2 eum-appdynamics.com
pdx-col.eum-appdynamics.com
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 833
20 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1293
c.go-mpulse.net — Cisco Umbrella Rank: 579
51 KB
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3632
41 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1130
178 B
1 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 5801
121 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1191
68 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 768
15 KB
261 31
Domain Requested by
24 www.google.com 9 redirects xp-investimentosbr.com
23 cdn.xpi.com.br 1 redirects xp-investimentosbr.com
cdn.xpi.com.br
22 www.google.de xp-investimentosbr.com
9143205.fls.doubleclick.net
20 googleads.g.doubleclick.net 9 redirects xp-investimentosbr.com
19 xp-investimentosbr.com xp-investimentosbr.com
15 www.googleadservices.com xp-investimentosbr.com
9143205.fls.doubleclick.net
www.googleadservices.com
14 nebula-cdn.kampyle.com xp-investimentosbr.com
13 udc-neb.kampyle.com xp-investimentosbr.com
12 portal.xpi.com.br xp-investimentosbr.com
portal.xpi.com.br
10 9143205.fls.doubleclick.net 5 redirects www.googletagmanager.com
xp-investimentosbr.com
7 www.facebook.com xp-investimentosbr.com
7 www.gstatic.com xp-investimentosbr.com
www.google.com
www.gstatic.com
6 bat.bing.com xp-investimentosbr.com
bat.bing.com
6 analytics.tiktok.com xp-investimentosbr.com
analytics.tiktok.com
5 ct.pinterest.com xp-investimentosbr.com
5 adservice.google.com 9143205.fls.doubleclick.net
5 static.xpi.com.br xp-investimentosbr.com
5 www.googletagmanager.com xp-investimentosbr.com
5 www.clarity.ms xp-investimentosbr.com
5 cdn.elev.io xp-investimentosbr.com
4 px.ads.linkedin.com 4 redirects
4 customerattendance.xpi.com.br xp-investimentosbr.com
4 fonts.googleapis.com portal.xpi.com.br
static.xpi.com.br
4 www.google-analytics.com xp-investimentosbr.com
3 s.dnofd.com xp-investimentosbr.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 x.clarity.ms xp-investimentosbr.com
3 cdn.linkedin.oribi.io xp-investimentosbr.com
3 connect.facebook.net xp-investimentosbr.com
3 snap.licdn.com xp-investimentosbr.com
3 cdn.segment.com xp-investimentosbr.com
2 pdx-col.eum-appdynamics.com cdn.appdynamics.com
2 c.clarity.ms 1 redirects
2 px4.ads.linkedin.com xp-investimentosbr.com
2 stats.g.doubleclick.net www.googletagmanager.com
xp-investimentosbr.com
2 s.pinimg.com xp-investimentosbr.com
2 xp.dnofd.com xp-investimentosbr.com
2 cdn.appdynamics.com xp-investimentosbr.com
1 c.bing.com 1 redirects
1 ofdb-u.dnofd.com xp-investimentosbr.com
1 pubads.g.doubleclick.net xp-investimentosbr.com
1 api.xpi.com.br xp-investimentosbr.com
1 api.segment.io xp-investimentosbr.com
1 www.linkedin.com 1 redirects
1 c.go-mpulse.net xp-investimentosbr.com
1 region1.analytics.google.com www.googletagmanager.com
1 fast.wistia.com xp-investimentosbr.com
1 s.go-mpulse.net xp-investimentosbr.com
1 www.googleoptimize.com xp-investimentosbr.com
1 static.ads-twitter.com xp-investimentosbr.com
261 50

This site contains links to these domains. Also see Links.

Domain
www.xpi.com.br
cadastro.xpi.com.br
api.whatsapp.com
portal.xpi.com.br
Subject Issuer Validity Valid
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
cdn.elev.io
Amazon RSA 2048 M02		 2023-04-28 -
2024-05-26		 a year crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-20 -
2023-07-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
xpi.com.br
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-16 -
2023-09-18		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.dnofd.com
Amazon RSA 2048 M02		 2023-02-23 -
2023-11-02		 8 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.segment.io
Amazon RSA 2048 M01		 2023-02-10 -
2024-02-10		 a year crt.sh
*.eum-appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-14 -
2024-07-14		 a year crt.sh

This page contains 10 frames:

Primary Page: http://xp-investimentosbr.com/desktop/index.php
Frame ID: 53B4365F9F9C3FBB24B0116F4727A6AA
Requests: 220 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
Frame ID: 93539DE7690C0068782D8C86457BEBBF
Requests: 8 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
Frame ID: 120352B208E6E972DA125CB30CD41904
Requests: 5 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Frame ID: 7DF8D4B7D4F51C4FA60FFE9E865DCA4D
Requests: 7 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Frame ID: CDA8D2E7CAD6A3C61C42406C5C4E6BC0
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=pt-PT&v=u35fw2Dx4G0WsO6SztVYg4cV&size=invisible&cb=qzxkjx74d62k
Frame ID: 03622F5569385BEDCD090F64015D81A9
Requests: 3 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Frame ID: 4AEFE40FCB6046F243DA4B4D9F700A01
Requests: 5 HTTP requests in this frame

Frame: https://ofdb-u.dnofd.com/web/ofdb/x.html
Frame ID: 6B9EA96ECC07630179493AA44034A8C2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb206ODA.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=7akrcot35d8l
Frame ID: D6B6C1947D89A5CB0AA484D7C2D32129
Requests: 5 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 23CB77319F127D13C7B06A90258B95C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

XP Investimentos - Login Seguro

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

86 %
HTTPS

58 %
IPv6

31
Domains

50
Subdomains

44
IPs

5
Countries

4328 kB
Transfer

15520 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 25
  • http://cdn.xpi.com.br/loadertools/index.js?_V=2023-01-13-03-00 HTTP 301
  • https://cdn.xpi.com.br/loadertools/index.js?_V=2023-01-13-03-00
Request Chain 76
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php HTTP 302
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
Request Chain 77
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php HTTP 302
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
Request Chain 111
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=S7KtZK3_ILSg9u8P7uqzsAU&sscte=1&crd=&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjGRwStV1auFiKW-fbuqjPyNcff3EsKLzxQ&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWJFNFIyYkItc3NnSGVMV2lkVHhncEIwTGp2ZkdhRC1xU1UwNlJtOFVEcFQ0ZjlGUFIyVzhJTVEiEwjt0MSutoeAAxU0kP0HHW71DFY HTTP 302
  • https://www.google.com/pagead/1p-conversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWJFNFIyYkItc3NnSGVMV2lkVHhncEIwTGp2ZkdhRC1xU1UwNlJtOFVEcFQ0ZjlGUFIyVzhJTVEiEwjt0MSutoeAAxU0kP0HHW71DFY&is_vtc=1&ocp_id=S7KtZK3_ILSg9u8P7uqzsAU&cid=CAQSKQBpAlJWNBd2Q-65kcRZJi6kXw5-05aY9aZ2VfM2Pl1EztJWLHrmu-mH&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjBfw-AKBhTkO6YK3S_GT4MtstDDuasLgSg&random=75703304 HTTP 302
  • https://www.google.de/pagead/1p-conversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWJFNFIyYkItc3NnSGVMV2lkVHhncEIwTGp2ZkdhRC1xU1UwNlJtOFVEcFQ0ZjlGUFIyVzhJTVEiEwjt0MSutoeAAxU0kP0HHW71DFY&is_vtc=1&ocp_id=S7KtZK3_ILSg9u8P7uqzsAU&cid=CAQSKQBpAlJWNBd2Q-65kcRZJi6kXw5-05aY9aZ2VfM2Pl1EztJWLHrmu-mH&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjBfw-AKBhTkO6YK3S_GT4MtstDDuasLgSg&random=75703304&ipr=y
Request Chain 112
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=S7KtZNnDIaCO7_UP5J-QwAI&sscte=1&crd=&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjH2UAaZX-KmS0RlMH383rf6oaEYCyHeOHw&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWdnWFYwa3lGVElKT2UzNndrdHVrZW5lWm5PVnh4NDMzWUlBRUhEc1BpXzBZWEg4OGctM09wanciEwiZlcWutoeAAxUgx7sIHeQPBCg HTTP 302
  • https://www.google.com/pagead/1p-conversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWdnWFYwa3lGVElKT2UzNndrdHVrZW5lWm5PVnh4NDMzWUlBRUhEc1BpXzBZWEg4OGctM09wanciEwiZlcWutoeAAxUgx7sIHeQPBCg&is_vtc=1&ocp_id=S7KtZNnDIaCO7_UP5J-QwAI&cid=CAQSKQBpAlJW_5yr0i4uRbGfA1iJVxt4K-eWDiDYoLxSNYM7Sad4xFhrUvnB&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjC8iafu8XLyynQU-PJ5tK4jokych0FQlxA&random=2299794654 HTTP 302
  • https://www.google.de/pagead/1p-conversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWdnWFYwa3lGVElKT2UzNndrdHVrZW5lWm5PVnh4NDMzWUlBRUhEc1BpXzBZWEg4OGctM09wanciEwiZlcWutoeAAxUgx7sIHeQPBCg&is_vtc=1&ocp_id=S7KtZNnDIaCO7_UP5J-QwAI&cid=CAQSKQBpAlJW_5yr0i4uRbGfA1iJVxt4K-eWDiDYoLxSNYM7Sad4xFhrUvnB&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjC8iafu8XLyynQU-PJ5tK4jokych0FQlxA&random=2299794654&ipr=y
Request Chain 128
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D509235676%252C4044697%26time%3D1689104972395%26url%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true&liSync=true&e_ipv6=AQKzH27buqMtMgAAAYlGgH9He75b08RILEXRD54ZaFmPu2QmX677fVIMcdPqWXpS
Request Chain 140
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TLKtZIW2F4mD7_UP35S16AI&sscte=1&crd=&pscrd=IhMIhYz4rraHgAMVicG7CB1fSg0t HTTP 302
  • https://www.google.com/pagead/1p-conversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhYz4rraHgAMVicG7CB1fSg0t&is_vtc=1&ocp_id=TLKtZIW2F4mD7_UP35S16AI&cid=CAQSKQBpAlJWx0nxS25bTn546PYJk23bJWwmOfWRsqS72EcJezZzmVDyAIbY&random=1141521177&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhYz4rraHgAMVicG7CB1fSg0t&is_vtc=1&ocp_id=TLKtZIW2F4mD7_UP35S16AI&cid=CAQSKQBpAlJWx0nxS25bTn546PYJk23bJWwmOfWRsqS72EcJezZzmVDyAIbY&random=1141521177&resp=GooglemKTybQhCsO&ipr=y
Request Chain 151
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNPUy662h4ADFYtewgodLx4HJQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20230711%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TLKtZIOSJOqV7_UP-uG76Ak&sscte=1&crd=&pscrd=IhMIg-iEr7aHgAMV6sq7CB368A6d HTTP 302
  • https://www.google.com/pagead/1p-conversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNPUy662h4ADFYtewgodLx4HJQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20230711%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIg-iEr7aHgAMV6sq7CB368A6d&is_vtc=1&ocp_id=TLKtZIOSJOqV7_UP-uG76Ak&cid=CAQSKQBpAlJWgJqm9Xt-p8EgiPqgBZo4M8zzekP0j4-RIhIsPCbobITG3txn&random=3556588270&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNPUy662h4ADFYtewgodLx4HJQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20230711%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIg-iEr7aHgAMV6sq7CB368A6d&is_vtc=1&ocp_id=TLKtZIOSJOqV7_UP-uG76Ak&cid=CAQSKQBpAlJWgJqm9Xt-p8EgiPqgBZo4M8zzekP0j4-RIhIsPCbobITG3txn&random=3556588270&resp=GooglemKTybQhCsO&ipr=y
Request Chain 158
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TLKtZO3wKLOu9u8P2vGD2AE&sscte=1&crd=&pscrd=IhMI7caJr7aHgAMVM5f9Bx3a-AAb HTTP 302
  • https://www.google.com/pagead/1p-conversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI7caJr7aHgAMVM5f9Bx3a-AAb&is_vtc=1&ocp_id=TLKtZO3wKLOu9u8P2vGD2AE&cid=CAQSKQBpAlJWs4tnxQHKk40QW4LTn-L6_u-vf4sUkm2fgigtWhBzv8grd250&random=872932988&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI7caJr7aHgAMVM5f9Bx3a-AAb&is_vtc=1&ocp_id=TLKtZO3wKLOu9u8P2vGD2AE&cid=CAQSKQBpAlJWs4tnxQHKk40QW4LTn-L6_u-vf4sUkm2fgigtWhBzv8grd250&random=872932988&resp=GooglemKTybQhCsO&ipr=y
Request Chain 159
  • http://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 307
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 302
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Request Chain 160
  • http://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 307
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 302
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Request Chain 178
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104973841&conversionId=6537097&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104973841&conversionId=6537097&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&e_ipv6=AQJ7VdJkX-oz5AAAAYlGgIBoAdEBEJalOBoM3m1ltXdQUDiRlATVLPHrQbMoQBy_
Request Chain 183
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TbKtZL3bL5uf7_UPiquymAg&sscte=1&crd=&pscrd=IhMI_bXNr7aHgAMVm8-7CB2KlQyD HTTP 302
  • https://www.google.com/pagead/1p-conversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_bXNr7aHgAMVm8-7CB2KlQyD&is_vtc=1&ocp_id=TbKtZL3bL5uf7_UPiquymAg&cid=CAQSKQBpAlJWB5HHnq17MIBudYyaGiuP15DLysF9EDptdy-4KC56oaF55G5X&random=3300674454&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_bXNr7aHgAMVm8-7CB2KlQyD&is_vtc=1&ocp_id=TbKtZL3bL5uf7_UPiquymAg&cid=CAQSKQBpAlJWB5HHnq17MIBudYyaGiuP15DLysF9EDptdy-4KC56oaF55G5X&random=3300674454&resp=GooglemKTybQhCsO&ipr=y
Request Chain 184
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCInYr6-2h4ADFctDwgodw88O1w%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D95042055.1673635781--20230113%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TbKtZMzyL5Wj7_UPgoi2qA8&sscte=1&crd=&pscrd=IhMIjM3Nr7aHgAMVldG7CB0ChA31 HTTP 302
  • https://www.google.com/pagead/1p-conversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCInYr6-2h4ADFctDwgodw88O1w%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D95042055.1673635781--20230113%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIjM3Nr7aHgAMVldG7CB0ChA31&is_vtc=1&ocp_id=TbKtZMzyL5Wj7_UPgoi2qA8&cid=CAQSKQBpAlJWljt_k_RpYy3y35SIaaalAaArmhjmK_oZ1kQISxcuFftdiGTq&random=3154502875&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCInYr6-2h4ADFctDwgodw88O1w%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D95042055.1673635781--20230113%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIjM3Nr7aHgAMVldG7CB0ChA31&is_vtc=1&ocp_id=TbKtZMzyL5Wj7_UPgoi2qA8&cid=CAQSKQBpAlJWljt_k_RpYy3y35SIaaalAaArmhjmK_oZ1kQISxcuFftdiGTq&random=3154502875&resp=GooglemKTybQhCsO&ipr=y
Request Chain 186
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TbKtZIavM6mT7_UPgvO6kAg&sscte=1&crd=&pscrd=IhMIxonRr7aHgAMVqcm7CB2CuQ6C HTTP 302
  • https://www.google.com/pagead/1p-conversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIxonRr7aHgAMVqcm7CB2CuQ6C&is_vtc=1&ocp_id=TbKtZIavM6mT7_UPgvO6kAg&cid=CAQSKQBpAlJWhXN59-PeV1oG8P9BA2-0JFLPfc1JV6MrsDeucMfHiSgnjEfu&random=3527806617&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIxonRr7aHgAMVqcm7CB2CuQ6C&is_vtc=1&ocp_id=TbKtZIavM6mT7_UPgvO6kAg&cid=CAQSKQBpAlJWhXN59-PeV1oG8P9BA2-0JFLPfc1JV6MrsDeucMfHiSgnjEfu&random=3527806617&resp=GooglemKTybQhCsO&ipr=y
Request Chain 198
  • http://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 307
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 302
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Request Chain 229
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPaq-K-2h4ADFfVdwgodZVsK2Q%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-vi0%3Bord%3Dfunction(a)%257Ba.set(%2522dimension6%2522%252Ca.get(%2522clientId%2522))%257D%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu4%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=T7KtZKahCOah9u8P05mo8AE&sscte=1&crd=&pscrd=IhMI5oSgsLaHgAMV5pD9Bx3TDAoe HTTP 302
  • https://www.google.com/pagead/1p-conversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPaq-K-2h4ADFfVdwgodZVsK2Q%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-vi0%3Bord%3Dfunction(a)%257Ba.set(%2522dimension6%2522%252Ca.get(%2522clientId%2522))%257D%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu4%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5oSgsLaHgAMV5pD9Bx3TDAoe&is_vtc=1&ocp_id=T7KtZKahCOah9u8P05mo8AE&cid=CAQSKQBpAlJW9PRai8e8mWipjb1yL27bmiRfD9U7McHsByxxs79RoZ4WsSNa&random=647525429&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPaq-K-2h4ADFfVdwgodZVsK2Q%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-vi0%3Bord%3Dfunction(a)%257Ba.set(%2522dimension6%2522%252Ca.get(%2522clientId%2522))%257D%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu4%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5oSgsLaHgAMV5pD9Bx3TDAoe&is_vtc=1&ocp_id=T7KtZKahCOah9u8P05mo8AE&cid=CAQSKQBpAlJW9PRai8e8mWipjb1yL27bmiRfD9U7McHsByxxs79RoZ4WsSNa&random=647525429&resp=GooglemKTybQhCsO&ipr=y
Request Chain 232
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5050FB8415FE48C6A3627033A895E8C9&RedC=c.clarity.ms&MXFR=1A2C272DD422647F31223466D0226A63 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5050FB8415FE48C6A3627033A895E8C9&MUID=0150EA6DD3786FCB2B64F926D2F36EBD
Request Chain 233
  • http://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1689101877074.js HTTP 307
  • https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1689101877074.js

261 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
xp-investimentosbr.com/desktop/ 		300 KB
107 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET ARR/3.0 ASP.NET
Resource Hash
cc69c55b0e02220a8949e8c74ce813a73da2615355c65460c27c438246100f01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
109340
Content-Type
text/html; charset=UTF-8
Date
Tue, 11 Jul 2023 19:49:34 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Powered-By
ASP.NET ARR/3.0 ASP.NET
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:28 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220062-FRA
elevio-main.js
cdn.elev.io/sdk/main/v4/1667454963835/ 		349 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.elev.io/sdk/main/v4/1667454963835/elevio-main.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-90.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca100f67c3c832bfa7cb76afcc6ecbbe307ccba2eaed8cf35628637a36febc1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 19:49:29 GMT
last-modified
Thu, 03 Nov 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
etag
W/"eec1aa8662ce1354612cbef7ebab5adf"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public, immutable
x-amz-cf-id
BPUPN8jkBBvL_U5i-aEa27C_w2wAXIMxSMqf9S4gb6AiTi1zg3xuyA==
elevio-bootloader.js
cdn.elev.io/sdk/bootloader/v4/ 		794 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5d2e99ff7648f
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-90.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d2677df8d426eb1e570ec10145645fc6a07667d1705234094e46900d50fbdbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:32:25 GMT
x-amz-version-id
lkQCN04HjgzrCT9_fbf33mg.YP0ZGQYY
via
1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 01:33:35 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P1
age
33424
etag
"bb29cc3dfe68d0f13cbd15d885129c71"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
794
x-amz-cf-id
s6y95tChX53ATJoQMuSnsBSPnqSWPzadq_CrvhF7vSipZ180NVDXmA==
adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
cdn.appdynamics.com/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.201.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-17.lhr50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 21:09:35 GMT
content-encoding
gzip
via
1.1 096e5ecae9d1cd03edf8411ad106b092.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P3
age
427196
x-cache
Hit from cloudfront
last-modified
Tue, 06 Sep 2022 21:05:12 GMT
server
nginx/1.16.1
etag
W/"6317b608-d132"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
syNLKxfMVs6PlJI1CNTJWF5r7DC84iqY48GocY_fgJH8P5LcL-6q_A==
main.MWE2YWY2YTgzMA.js
analytics.tiktok.com/i18n/pixel/static/ 		238 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-133.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
922e8229cf571f325c0d39bc9fb00c36baa75bdb3599c65ac93fa733b815daf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id
b38aeb0
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230308202958192BBCFACA57C9D24374
vary
Accept-Encoding
x-cache
TCP_HIT from a184-86-102-133.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01c78173b0a51252b3f0f30a7bd7153ec0428438d54f75fce10a48f3906935459223057cb2086321ae992ac47610c048de8499a08bfa85ff32618d61a5118832005973dc1055493616538296b129bc1a6f76cb0938b0783b9e5ff0809df123c735
server-timing
cdn-cache; desc=HIT, edge; dur=2, inner; dur=15
content-length
69560
clarity.js
www.clarity.ms/eus-c/s/0.7.1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-c/s/0.7.1/clarity.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-length
0
x-azure-ref
20230711T194931Z-2b7rz8yvyh21v7qaqnavca7zp000000001pg000000016ugz
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
optimize-dyn.js
www.google-analytics.com/gtm/ 		57 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize-dyn.js?id=GTM-WTDNLDV&cid=95042055.1673635781&cb=0.10724738955345203
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5ba65e9c2f737d7d29d526a6bceef214b0698bcf788613f1ada10e728faba1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
x-xss-protection
0
expires
Tue, 11 Jul 2023 19:49:31 GMT
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 11 Jul 2023 19:49:30 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 50DCA33B23F4450F8B70E89AD2F65ADE Ref B: FRA31EDGE0218 Ref C: 2023-07-11T19:49:31Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 18:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4452
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 11 Jul 2023 20:35:19 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4acceb27d5386747691dd12c5370dbd49802c855347c17b9b0d8ca3f98cc9a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84455
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 19:49:31 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82e52f0e7997d459528dbe1cd7b904510f5e0ac6b3a712d7d8689bbc54bc8f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
2luIn5quxmS0f82nXQsKscgOmnT9_bjS
content-encoding
br
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 19:49:31 GMT
x-amz-cf-pop
FRA6-C1
age
43
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 13 Jun 2023 01:48:11 GMT
server
AmazonS3
etag
W/"2e52f32dab90d3c79c336c813f5e899d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
c1akrixHs_IHNKQ5ab2Q_qROxL-oTL3YEzzk561C17t1fe4qSJWGyA==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:15:12 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=62773
accept-ranges
bytes
content-length
490
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3ETJDEPKKNB3CA80KI0&lib=ttq
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-133.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d28a3fb90d36dd110e6b486e9614403436d862203e473a642cb1f38339f1baf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id
25613a2e.b38afda
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-133.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
x-parent-response-time
165,184.86.102.133
server-timing
cdn-cache; desc=MISS, edge; dur=107, origin; dur=58, inner; dur=5
content-length
1231
pragma
no-cache
server
nginx
x-tt-logid
20230711194931D5D982615E5048B7CDB6
x-cache-remote
TCP_MISS from a23-44-202-201.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
58,23.44.202.201
x-tt-trace-host
01b62c302be944ad67bd2f5a9a44433182aeaea39e706c4ac36c58a36c33f88b45e9400965209c706b3f8cb3cd3ce64f496176b6d52fb6a77bae5869eb2ce0f69da25f99276880bfdfc9c3b1b1e68cc74b7717f75cbd24de3a8bba388a4ec9b4d947e84d7b15809dbf1d4f949f9ffce500
expires
Tue, 11 Jul 2023 19:49:31 GMT
4ldwp954ta
www.clarity.ms/tag/ 		841 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/4ldwp954ta
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90c1a03744155c490b8a88305dd703443f6346851a47b39812291ebc23516fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
-1
date
Tue, 11 Jul 2023 19:49:31 GMT
x-azure-ref
20230711T194931Z-2b7rz8yvyh21v7qaqnavca7zp000000001pg000000016uh1
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
841
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
504012280243809
connect.facebook.net/signals/config/ 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/504012280243809?v=2.9.92&r=stable
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55ed1b9ea009a079d6e2ff4cf0dc71872bd180700a02b1488257d81813a51bc
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 19:49:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
wcFs0KxYCojDd40AMDN1cSzsKuGRe5JR7IWG3Qg65AGMzLb94RP2JERy96Xb4NnXP55+RGofAYX10dXnoAwW1g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 19:49:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
xEYsqkS2B9ocDnGL9kcI+Ql7MT7jFaeQswSdBj9jq99AVqRl/UDLZDq602IjwNcTPPAMwWmvSjL/n5Ya9hpX5g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8DZM87&l=dataLayer
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1776da4a07416faf818eb28a40470b42854f30beeb9b52b4f9d31b21706ad93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93270
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 19:25:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 19:49:31 GMT
optimize.js
www.googleoptimize.com/ 		206 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-WTDNLDV
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6d5bd15fabc5ec7a64a905d955d354490f4488c2e52a43c42fb50b15e1d9715
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69539
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 19:49:31 GMT
gtm.js
www.googletagmanager.com/ 		441 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ffc4c26c92192a5252e62f0f8f326017695f430196e2f127773dc752d6fd769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125611
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 18:47:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 19:49:31 GMT
recaptcha__pt_pt.js
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__pt_pt.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1624
x-xss-protection
0
adrum.js
xp-investimentosbr.com/Scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/Scripts/adrum.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:35 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4914
Content-Type
text/html; charset=utf-8
enterprise.js
www.google.com/recaptcha/ 		974 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2d7b96268466e84a756f998f13f76fb0f2c814fd58d4d8a49ea02445aee8766e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616
x-xss-protection
1; mode=block
expires
Tue, 11 Jul 2023 19:49:28 GMT
js
www.googletagmanager.com/gtag/ 		181 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-941062297
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
018044cff5f5fe2d7371a4c478ee5a6397c5126674fe6fb6eb5e0307aefceb92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67935
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 18:47:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 19:49:28 GMT
embed.js
nebula-cdn.kampyle.com/wu/634815/onsite/ 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/wu/634815/onsite/embed.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c16a7dfbe074d75ee2e74fc08f95bf824efa9442a2342cfe7865ca81f02fa6de
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
GVT6WrS8R.50_jZ6Xc8voVfqGsdepuzt
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:28 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
KTH699NA1CKGCWDR
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
518
x-amz-id-2
eXNCYjbNv+gx/L/ymts7X5AXURb1VJ99dJ8VpS/R0sd3dM78Zc1jkUiy3LdI27+uMpwH2/Fi7MQ=
x-served-by
cache-fra-eddf8230037-FRA
last-modified
Tue, 11 Jul 2023 18:57:59 GMT
server
AmazonS3
x-timer
S1689104969.829110,VS0,VE0
etag
"644b82a1ebe8eb50ed0080688eae6987"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
2
appInsightsConfiguration.js
xp-investimentosbr.com/desktop/xpi/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/xpi/scripts/appInsightsConfiguration.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:35 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4976
Content-Type
text/html; charset=utf-8
index.js
cdn.xpi.com.br/loadertools/
Redirect Chain
  • http://cdn.xpi.com.br/loadertools/index.js?_V=2023-01-13-03-00
  • https://cdn.xpi.com.br/loadertools/index.js?_V=2023-01-13-03-00
830 KB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/loadertools/index.js?_V=2023-01-13-03-00
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c8ad9b7748abdef046ea99ddfeb62a7bab85558fe719e91a38982f9c34b180fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:29 GMT
content-encoding
gzip
content-md5
2rf8i+wLSY3nD9nES5QL4g==
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=32, origin; dur=203, ak_p; desc="469195_389993847_260670671_23474_8232_12_0_-";dur=1
content-length
249155
x-ms-lease-status
unlocked
last-modified
Thu, 17 Mar 2022 21:51:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA08603B66F8E1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
91669bbb-f01e-0016-0361-b334d5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19

Redirect headers

Location
https://cdn.xpi.com.br/loadertools/index.js?_V=2023-01-13-03-00
Date
Tue, 11 Jul 2023 19:49:28 GMT
Cache-Control
max-age=31536000
Server
AkamaiGHost
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469195_389993838_683975896_13_68554_7_-_-";dur=1
Content-Length
0
spinner.js
xp-investimentosbr.com/desktop/xpi/scripts/login/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/xpi/scripts/login/spinner.js?_V=2023-01-13-03-00
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:35 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4974
Content-Type
text/html; charset=utf-8
login.min.js
xp-investimentosbr.com/desktop/xpi/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/xpi/scripts/login.min.js?_V=2023-01-13-03-00
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:35 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4966
Content-Type
text/html; charset=utf-8
new-login-cs.js
xp-investimentosbr.com/desktop/xpi/scripts/login/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/xpi/scripts/login/new-login-cs.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:35 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4964
Content-Type
text/html; charset=utf-8
ads.js
xp-investimentosbr.com/desktop/xpi/scripts/login/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/xpi/scripts/login/ads.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:35 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4946
Content-Type
text/html; charset=utf-8
html.esm.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2b35d4d039b436a9494b3bed074905653ffc14b04961ee1cf0ce109853bec02d

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:28 GMT
content-encoding
gzip
content-md5
z15eR2Ywx1P03HJJKXZPZQ==
server-timing
cdn-cache; desc=HIT, edge; dur=34, origin; dur=0, ak_p; desc="469195_389993847_260670532_3423_8866_7_0_-";dur=1
content-length
5239
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057A1BBE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a5518c05-201e-0093-73a8-a41908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
QAQA2Y
xp-investimentosbr.com/kJ4t0K/WG/NL/Erou/Oif7MPfVwn/ELuSwrJmX15a/S20SQQE/ZEgpR/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/kJ4t0K/WG/NL/Erou/Oif7MPfVwn/ELuSwrJmX15a/S20SQQE/ZEgpR/QAQA2Y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:36 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
5006
Content-Type
text/html; charset=utf-8
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=145000350&Ver=2&mid=3bc056ae-1be5-4dd6-a71b-b423c4cb5247&sid=09dcc240937311eda31621e6602fbee0&vid=09dccde0937311eda3019b7335ec6c36&vids=0&msclkid=N&uach=pv%3D10.0.0&pi=918639831&lg=pt-PT&sw=1366&sh=768&sc=24&tl=XP%20Investimentos%20-%20Login%20Seguro&p=https%3A%2F%2Fportal.xpi.com.br%2F&r=&evt=pageLoad&sv=1&rn=387313
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:49:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 556722DFC1994EFF99786CCB444A9C94 Ref B: FRA31EDGE0218 Ref C: 2023-07-11T19:49:31Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic1673467816870.js
nebula-cdn.kampyle.com/us/wu/634815/onsite/ 		933 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1673467816870.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf12f95b980dfa2a5d095c5e0f3dd537e6f095a0adad1a5b5463f89e73dbe50e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
CdU94QFr6EXBUzj.V68VayBXX7ofsrqN
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:31 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
V6SCBZFMJVED96BJ
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
102364
x-amz-id-2
FWU9Nfyzv3Ny9Dd556S8gt0aYORsAHlpvazC6Z8jOPwXx9Fwdn7KxV1/T2ynxWE0ERTf2nEUJxY=
x-served-by
cache-fra-eddf8230037-FRA
last-modified
Wed, 11 Jan 2023 20:10:18 GMT
server
AmazonS3
x-timer
S1689104971.236186,VS0,VE3
etag
"c5216e3202ab4952eae035e65abf1a30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
elevio-main.js
cdn.elev.io/sdk/main/v4/1686792812996/ 		392 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.elev.io/sdk/main/v4/1686792812996/elevio-main.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-90.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6cf583c44c4a2d67623535d450edd9e568382f8d4bb206e9af8d2ce4b2da021

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:32:27 GMT
x-amz-version-id
GQVm6kTIDjztMfpRaDJR7p19ynkMaWZ_
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 01:33:34 GMT
server
AmazonS3
via
1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P1
etag
W/"5bc3801e79cbad5fc3c60531806d3d91"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public, immutable
age
33425
x-amz-cf-id
lPj5OxhMW841kQ5xnh1thRZsx1PDhDcY5TaDqkH4gr_tvlyVdjhRVw==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 		431 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177423
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jul 2024 12:49:47 GMT
OFDB.js
xp.dnofd.com/ofdb/ 		1016 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xp.dnofd.com/ofdb/OFDB.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-44.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dae72bda8b46cc7e176d1c2d56d524224a4166a7108109a4f10f3b12fe48b51a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
date
Tue, 11 Jul 2023 19:49:29 GMT
x-amz-cf-pop
MUC50-P3
age
566
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
196343
last-modified
Tue, 20 Jun 2023 17:16:01 GMT
server
AmazonS3
etag
"39b8cd6e58760489ce7603b7420a1545"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
EdTKNEJ1t7XwYMs4HIkMtTwBfPz-Izq2Purj0qJ_mjFX6dUXf4SRMA==
jquery.min.js
xp.dnofd.com/ofdb/ 		23 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xp.dnofd.com/ofdb/jquery.min.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-44.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f26e9d7582e18ae223e3be61aeb2571038994eb323aa752291894abd76b9471

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
via
1.1 cb7ecd2473bf95a71af8d1ff8d1034fa.cloudfront.net (CloudFront)
x-amz-version-id
null
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
8435
last-modified
Tue, 20 Jun 2023 17:16:06 GMT
server
AmazonS3
etag
"8a5d5bd30f37b86597d650a31a8e1531"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
so0q3ynw17GQtEHbesv58O8fsKzreCFn__ZNDwWIKw5pDXC7LZ7w_w==
reset.css
portal.xpi.com.br/xpi/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/reset.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3ffb15573545729d2f1a2c847b172e2e0e43858fa58cffdc0db53f8c6db81655
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=775, origin; dur=7, ak_p; desc="469195_389993847_260671285_78287_356078_7_0_-";dur=1
content-length
607
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
generics2012mc.css
portal.xpi.com.br/xpi/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/generics2012mc.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
54bd419d9505c7fbd64c84136eff41737a2911d588efef0ccc2267f0b3a73997
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=766, origin; dur=6, ak_p; desc="469195_389993847_260671288_77235_356135_7_0_-";dur=1
content-length
5596
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
bootstrap.css
xp-investimentosbr.com/desktop/content/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/content/bootstrap.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:35 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4940
Content-Type
text/html; charset=utf-8
jquery-ui-1.9.2.custom.min.css
xp-investimentosbr.com/desktop/content/jquery-ui-xp-theme/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/content/jquery-ui-xp-theme/jquery-ui-1.9.2.custom.min.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:36 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
5012
Content-Type
text/html; charset=utf-8
xpbootstrap.css
xp-investimentosbr.com/desktop/content/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/content/xpbootstrap.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:36 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4944
Content-Type
text/html; charset=utf-8
minhaconta30.css
portal.xpi.com.br/xpi/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/minhaconta30.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2a798b43d205de53e3588023f488ef39b0f29b2edfd6e128115754b8c9994df3
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=762, origin; dur=4, ak_p; desc="469195_389993847_260671284_76644_356288_7_0_-";dur=1
content-length
3729
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
baseNew.css
portal.xpi.com.br/xpi/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/baseNew.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b915790ab666dafed37820653f8d2a4c340fbdf71d5f311fc2f73ea91901dc24
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=767, origin; dur=3, ak_p; desc="469195_389993847_260671286_77051_356037_7_0_-";dur=1
content-length
5883
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
yield-home.css
portal.xpi.com.br/xpi/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/yield-home.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4192e92fc312be5443112921d93d4109e004865cc9b043d0aa4e88b340fc36d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=762, origin; dur=7, ak_p; desc="469195_389993847_260671292_76978_355969_7_0_-";dur=1
content-length
575
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
responsive.css
portal.xpi.com.br/xpi/css/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/responsive.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
004a84114f6e1bd4c5042f9cf5842c7014c2b05a33a67d31093713c837064678
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=767, origin; dur=3, ak_p; desc="469195_389993847_260671287_77035_356141_6_0_-";dur=1
content-length
7288
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
new-login-cs.css
portal.xpi.com.br/xpi/css/login/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/login/new-login-cs.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d2a692aef79cfbc33516c6c61862cc45d0a935f71ab4f925359a180ce44dc60b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=760, origin; dur=4, ak_p; desc="469195_389993847_260671293_76469_357060_7_0_-";dur=1
content-length
2872
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
login-cs.css
portal.xpi.com.br/xpi/css/login/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/login/login-cs.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8ced9a77d624308e1f39d3384a0b32c9f8dd312d343c1f8154f829735a3debb7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=767, origin; dur=3, ak_p; desc="469195_389993847_260671289_77028_355996_7_0_-";dur=1
content-length
3373
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
accordion.css
portal.xpi.com.br/xpi/css/login/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/login/accordion.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3c872b84edaa31274ff9d473c79e5ea016b70d974dec8160aa22209994143beb
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=769, origin; dur=4, ak_p; desc="469195_389993847_260671290_77350_355993_7_0_-";dur=1
content-length
1579
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
xp-spinner.min.css
portal.xpi.com.br/xpi/css/atendimento/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.xpi.com.br/xpi/css/atendimento/xp-spinner.min.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5260d94ea3da7034227de29817a1c0a524f897ef32325cece70720bed3e03d72
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=760, origin; dur=3, ak_p; desc="469195_389993847_260671291_76332_356035_7_0_-";dur=1
content-length
519
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700
Requested by
Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/new-login-cs.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1390b37d41bf25297e61453d05926ca26423dc12d51dde6cc3ab323059cb3e08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.xpi.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 18:58:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 19:49:30 GMT
css
fonts.googleapis.com/ 		12 KB
938 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/login-cs.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.xpi.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 18:33:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 19:49:30 GMT
css
fonts.googleapis.com/ 		2 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:100
Requested by
Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/login-cs.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
140f422d2b9411b10a77818e21b279021c5b02c59019dbf03d538270166397ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.xpi.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 19:49:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 19:49:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 19:49:30 GMT
8DDC3-DGW9A-K2LAS-M6TL2-STC4Q
s.go-mpulse.net/boomerang/ 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/8DDC3-DGW9A-K2LAS-M6TL2-STC4Q
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
last-modified
Tue, 27 Jun 2023 07:46:56 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
51580
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/635217008/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/635217008/?random=1673643207470&cv=11&fst=1673643207470&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1d86acaf1ff2a8f2f02467b204b5a6670430663894cc3fb815641c0ec7c6d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1310
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1673643207479&cv=11&fst=1673643207479&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d00ab2039c403ba0ff1131f7c3d2957a6393e62130099f18b9edfc0d6979a3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1673643207481&cv=11&fst=1673643207481&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=cX-MCIju9YAYENmL-_Qo&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e060eb1b6bd8fd92cca7c7eda6458ef5bbfbccc877cddf9e80e9443a78b8aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1366
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/?random=1673643207761&cv=11&fst=1673643207761&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1366&u_h=768&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35825a86af65183f99c020623368870e165fa1c4eaa900e6b7fc065a8956b8d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
145000350.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/145000350.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 11 Jul 2023 19:49:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2A180F00A66048B89F82DDF1716DACEF Ref B: FRA31EDGE0218 Ref C: 2023-07-11T19:49:31Z
x-cache
CONFIG_NOCACHE
identify_c4832.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-133.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id
b38aeae
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230226155036F0D9A2B481C2E024D99F
vary
Accept-Encoding
x-cache
TCP_HIT from a184-86-102-133.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01644f6a9a73b83bf5f6aa7b7a12b8a5b6466f1203eaad70bb2b46ad51d6ac284d9b7b4b955796f582cb0c144d6c4ce1d08f1e395180919f724d16ffe35211d66fb9c64c75171f0063cceb257e3f2c5f9e358fb301bdec84b555b1cb5420441df2
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=12
content-length
30656
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/797073946/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797073946/?random=1673643208517&cv=11&fst=1673643208517&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c0ec2924b2b11e41b1ce688693749e7752be1d2cce837fd81098b5c94488803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
import.css
cdn.xpi.com.br/soma/soma-fonts/xp-empresas/ 		624 B
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3eaf0fb993760aa69b242e7a25d9ae117b723a6d3083cf98b9abcdb558bc0276

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
content-md5
ggxu5xhB2CCAlQdezOnicg==
server-timing
cdn-cache; desc=HIT, edge; dur=46, origin; dur=0, ak_p; desc="469195_389993847_260673432_4605_8222_7_0_-";dur=1
content-length
173
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 20:51:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB78197EDD68FC
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7c2a382b-d01e-0011-0902-aa58b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
main.js
customerattendance.xpi.com.br/widgetelevio/assets/js/ 		1 MB
310 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customerattendance.xpi.com.br/widgetelevio/assets/js/main.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
43b258bc8073d36494d06c622415db04061dc1885f437e434d036b1ba3d3d320

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 21:32:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
s7nNkD92d3MtlFmwgFm3bw==
etag
0x8DB3AD450372D04
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
daeeacf2-701e-0024-3c30-b40ddf000000
x-ms-version
2009-09-19
server-timing
cdn-cache; desc=MISS, edge; dur=257, origin; dur=20, ak_p; desc="469195_389993847_260673704_27698_7680_6_0_-";dur=1
vendors.js
customerattendance.xpi.com.br/widgetelevio/assets/js/ 		1 MB
398 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customerattendance.xpi.com.br/widgetelevio/assets/js/vendors.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
17a3eaba9d243bbf7adfc7607a8a8b4bff06ed08f054990be5efea6f267062db

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 21:32:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
UJMc9Btle1ZOX1vFQuqXnw==
etag
0x8DB3AD4503B7223
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
05d61636-301e-0028-2630-b4e32e000000
x-ms-version
2009-09-19
server-timing
cdn-cache; desc=MISS, edge; dur=233, origin; dur=20, ak_p; desc="469195_389993847_260673713_25298_7028_8_0_-";dur=1
commons.js
customerattendance.xpi.com.br/widgetelevio/assets/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://customerattendance.xpi.com.br/widgetelevio/assets/js/commons.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4c6b1995eb4968255e21f88b09bab157a4afa6047c2c099d995b33b83bc6029d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 21:32:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
lcXQWlcy7VYgL8GPTcH8tg==
etag
0x8DB3AD4501D6739
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
711545fe-201e-0015-6330-b45608000000
x-ms-version
2009-09-19
server-timing
cdn-cache; desc=MISS, edge; dur=216, origin; dur=31, ak_p; desc="469195_389993847_260673724_24708_7573_10_0_-";dur=1
content-length
6120
main.css
customerattendance.xpi.com.br/widgetelevio/assets/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://customerattendance.xpi.com.br/widgetelevio/assets/css/main.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6a46d24641c9c7547bf5354b5bd55a3ab70ea00065586a9e05ce43ae54a0b431

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2023 21:32:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
j01Y2QWFAoCYir/A4D3Ccg==
etag
0x8DB3AD4501BB9BD
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
711545eb-201e-0015-5130-b45608000000
x-ms-version
2009-09-19
server-timing
cdn-cache; desc=MISS, edge; dur=199, origin; dur=7, ak_p; desc="469195_389993847_260673511_20661_14608_7_0_-";dur=1
content-length
1172
commons.css
static.xpi.com.br/cs/attendance-tools/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xpi.com.br/cs/attendance-tools/assets/css/commons.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c4489fbcd3c81d284fb96084d17903234a5ba23048d07c9632602969e7d7f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
last-modified
Fri, 24 Feb 2023 13:58:50 GMT
server
Microsoft-IIS/10.0
etag
"09161f5848d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600,public
accept-ranges
bytes
content-length
1806
faq.css
static.xpi.com.br/cs/attendance-tools/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xpi.com.br/cs/attendance-tools/assets/css/faq.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cdddce71fdc2455dfef89c6ca6bd4a2d38b0508268fb5315a8b4c3035282e471

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
last-modified
Fri, 24 Feb 2023 13:58:50 GMT
server
Microsoft-IIS/10.0
etag
"09161f5848d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600,public
accept-ranges
bytes
content-length
1675
vendors.js
static.xpi.com.br/cs/attendance-tools/assets/js/ 		1 MB
405 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xpi.com.br/cs/attendance-tools/assets/js/vendors.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d74063184fe81263b626046e701bc3989e10b8e7ab3edf3831657c9289347ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
last-modified
Wed, 01 Mar 2023 21:53:42 GMT
server
Microsoft-IIS/10.0
etag
"0f7b449884cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14
accept-ranges
bytes
content-length
413828
commons.js
static.xpi.com.br/cs/attendance-tools/assets/js/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xpi.com.br/cs/attendance-tools/assets/js/commons.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab87cd626a4aef2d3955e831a2dc64337054623021ee889e0082d32c9d66961d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
last-modified
Wed, 01 Mar 2023 21:53:42 GMT
server
Microsoft-IIS/10.0
etag
"0f7b449884cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=185
accept-ranges
bytes
content-length
10034
faq.js
static.xpi.com.br/cs/attendance-tools/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xpi.com.br/cs/attendance-tools/assets/js/faq.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
91ce38d680cba5d0a5940ed32f09a815b63df85a48f4b29d5a4da76538ed75a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
last-modified
Wed, 01 Mar 2023 21:53:42 GMT
server
Microsoft-IIS/10.0
etag
"0f7b449884cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3
accept-ranges
bytes
content-length
2872
E-v1.js
fast.wistia.com/assets/external/ 		699 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d1d83d3b31a1bdcb62a940d70013d1ad23608a3c856e46e7b38ca1c59656e5e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
366
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
122941
x-served-by
cache-iad-kjyo7100121-IAD, cache-fra-eddf8230045-FRA
x-browser-version
114
last-modified
Tue, 11 Jul 2023 19:42:32 GMT
server
AmazonS3
x-timer
S1689104972.532813,VS0,VE0
etag
"6bd6296a12de4977318c8859d0b8fbfe"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
72d1e440d4b9c264805ef3963f4e591e5885405d
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
39, 28
/
www.googleadservices.com/pagead/conversion/636894557/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/636894557/?random=1673643238150&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&bttype=purchase&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
86b2f7ab7a2f5b4c37cda08f6f15fcc5f526aff6a2f7eb4d9e4d1601b3198f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1709
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/399764261/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/399764261/?random=1673643238156&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&bttype=purchase&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ac3511b92316824c5f58f3befd5b93df712fafe404bd84250c2453732b39a89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1703
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
scripts
xp-investimentosbr.com/bundles/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/bundles/scripts?v=nh79-wCWuC_SiipJcPbx-j30VC7ODqnTFMNpVp02qIs1
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:38 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4959
Content-Type
text/html; charset=utf-8
activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex...
9143205.fls.doubleclick.net/ Frame 9353
Redirect Chain
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Find...
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-i...
2 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
e32d29d0231dc446781d9c7ac46397b38cc966ee68e6c6a61b4af30483a45c71
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
538
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:31 GMT
expires
Tue, 11 Jul 2023 19:49:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2...
9143205.fls.doubleclick.net/ Frame 1203
Redirect Chain
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop...
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%...
1 KB
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
862250065afb1cf9288eef238739938a786482b4657e2f705cb6136678c37de3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:31 GMT
expires
Tue, 11 Jul 2023 19:49:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 11 Jul 2023 19:49:31 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 735BD4E4A5254E1BAA1C673CE0B9B84F Ref B: FRA31EDGE0218 Ref C: 2023-07-11T19:49:31Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/635217008/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/635217008/?random=1689104971562&cv=11&fst=1689104971562&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1655224205.1689104971&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5266d5157c13576135475a4e12581f816b6184650caca9dc097b76633d8b7e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9b2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
101365ad0e2eb2eb542c6137bbd44dc947123d1791d9cbcf29e062ffe6001ef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"b40a83df6a03e235c87b1039ceb02375"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1457
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1689104971571&cv=11&fst=1689104971571&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1655224205.1689104971&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5759f31fc7fea7a28d60b457857c24c614645bb95ebc37522934aa3ce6ee48c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1689104971572&cv=11&fst=1689104971572&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&label=cX-MCIju9YAYENmL-_Qo&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1655224205.1689104971&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f13882fab24b949d9c075853887475fa13183b74dcea0bea3a5aa502bf0084c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1434
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		171 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5K7SCJ3&l=dataLayer
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f88db0dd020ce6d0ea1b7a0edde19fe3741baf410ed1bb6cdae03fc4c98ea4f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64030
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 18:47:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 19:49:31 GMT
4ldwp954ta
www.clarity.ms/tag/ 		841 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/4ldwp954ta
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90c1a03744155c490b8a88305dd703443f6346851a47b39812291ebc23516fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
-1
date
Tue, 11 Jul 2023 19:49:31 GMT
x-azure-ref
20230711T194931Z-2b7rz8yvyh21v7qaqnavca7zp000000001pg000000016uk8
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
841
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
last-modified
Mon, 10 Jul 2023 18:56:17 GMT
etag
W/"0x8DB817757AB9A71"
vary
Accept-Encoding
x-azure-ref
20230711T194931Z-2b7rz8yvyh21v7qaqnavca7zp000000001pg000000016uk9
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
f2aee627-b01e-0031-3cdc-b3cfc8000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
656
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Jun 2023 22:21:38 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=40504
accept-ranges
bytes
content-length
4777
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HM1230DXLC&gtm=45je37a0&_p=1221781851&_gaz=1&cid=1801877036.1689104972&ul=en-us&sr=1600x1200&_s=1&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&sid=1689104971&sct=1&seg=0&dt=XP%20Investimentos%20-%20Login%20Seguro&en=page_view&_fv=2&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://xp-investimentosbr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HM1230DXLC&cid=1801877036.1689104972&gtm=45je37a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://xp-investimentosbr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HM1230DXLC&cid=1801877036.1689104972&gtm=45je37a0&aip=1&z=641557259
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		7 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap
Requested by
Host: static.xpi.com.br
URL: https://static.xpi.com.br/cs/attendance-tools/assets/css/commons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e787d9426af63537034df2649677ef0aa960290c609dc17db14f784d14040d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xpi.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 19:49:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jul 2023 19:49:31 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/?random=1689104971723&cv=11&fst=1689104971723&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1655224205.1689104971&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17388e914da69f1ee8c6d650043903662adb6f680d8119ad32e217b38761f94f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 		774 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/settings
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
391c0ac2c492fec7973388144f628fcbdd8b6e76b4efebad59251f7795dffd0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
_HR41ts4WAlS4NWpZFQOab1_..9H4pLh
date
Tue, 11 Jul 2023 18:23:46 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5146
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
774
last-modified
Wed, 21 Sep 2022 02:44:04 GMT
server
AmazonS3
etag
"562b59f24568650f9438d5ed5225db2a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
8xMjW52qHA26MBJogkdqrmX61aye8celCJOcrHAm-f9wSVG469pUuA==
settings
cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 		774 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/settings
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
391c0ac2c492fec7973388144f628fcbdd8b6e76b4efebad59251f7795dffd0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
_HR41ts4WAlS4NWpZFQOab1_..9H4pLh
date
Tue, 11 Jul 2023 18:23:46 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5146
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
774
last-modified
Wed, 21 Sep 2022 02:44:04 GMT
server
AmazonS3
etag
"562b59f24568650f9438d5ed5225db2a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
bWdlCSMeEmNr6uy12IiO8Bb9T7TY1ZZFmlACECTRqBGj6VTKnhvVcw==
1242954859141196
connect.facebook.net/signals/config/ 		74 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1242954859141196?v=2.9.111&r=stable
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d9593a8e527d7188946144abc8bc0eb33947b6bac122f06505b6d8a055bb2c7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 19:49:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ZZQyTjzAaSwcYw9HtNT8EqZuTcf2r/8DP9Ahl8s6ImvJecSYXG76764D46Y7saw/UVQsVpzaObmqriR6nDfpzQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 9353 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
server
cafe
etag
5565525223662320794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:49:31 GMT
dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=*;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined...
adservice.google.com/ddm/fls/z/ Frame 9353 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=*;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 1203 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
server
cafe
etag
5565525223662320794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:49:31 GMT
dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=*;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=...
adservice.google.com/ddm/fls/z/ Frame 1203 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=*;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1221781851&t=pageview&_s=1&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&dp=%2Fdesktop%2Findex.php&ul=en-us&de=UTF-8&dt=XP%20Investimentos%20-%20Login%20Seguro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACUABTAAAACAEK~&jid=1928843294&gjid=816924277&cid=1801877036.1689104972&tid=UA-5145909-16&_gid=1571794178.1689104972&_r=1&_slc=1&gtm=45He37a0n81NZZVKVD&cd35=n%C3%A3o&cd36=nc&cd81=GTM-NZZVKVD%20-%20625&cd83=Security%20Services%3Alogin&cd6=1801877036.1689104972&z=1577735732
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://xp-investimentosbr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTExNWE3NjU4MA.js
analytics.tiktok.com/i18n/pixel/static/ 		325 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTExNWE3NjU4MA.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-133.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0fd0be12e8082eb2a38e1a97ab05cf96f31784bb209611f859416ebe52c9a863

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id
b38bf79
date
Tue, 11 Jul 2023 19:49:31 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202307061332514A1E9E8E469F522BE344
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-86-102-133.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01381de331f031f03a03c5f540b5db0830a38544bed855a83648f2fbcd7eda4899c9630f9c5fa2352f531ed40fcb1b8fb8f3bec5ebbb79626395c3a57caf5623cf00859e8cf398c223f24911de57e6230fadc0c24fc28a417a9503ac7fa9e582f3
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
88611
/
www.google.com/pagead/1p-user-list/10982704601/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10982704601/?random=1673643207479&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1159930031&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10982704601/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10982704601/?random=1673643207479&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1159930031&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/635217008/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/635217008/?random=1673643207470&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1612773788&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/635217008/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/635217008/?random=1673643207470&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1612773788&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10982704601/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10982704601/?random=1673643207481&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=cX-MCIju9YAYENmL-_Qo&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=4114308864&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10982704601/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10982704601/?random=1673643207481&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=cX-MCIju9YAYENmL-_Qo&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=4114308864&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/941062297/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/941062297/?random=1673643207761&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2633700451&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/941062297/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/941062297/?random=1673643207761&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2633700451&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/797073946/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/797073946/?random=1673643208517&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=2855003663&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/797073946/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/797073946/?random=1673643208517&cv=11&fst=1673640000000&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=2855003663&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/636894557/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8...
  • https://www.google.com/pagead/1p-conversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadserv...
  • https://www.google.de/pagead/1p-conversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadservi...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWJFNFIyYkItc3NnSGVMV2lkVHhncEIwTGp2ZkdhRC1xU1UwNlJtOFVEcFQ0ZjlGUFIyVzhJTVEiEwjt0MSutoeAAxU0kP0HHW71DFY&is_vtc=1&ocp_id=S7KtZK3_ILSg9u8P7uqzsAU&cid=CAQSKQBpAlJWNBd2Q-65kcRZJi6kXw5-05aY9aZ2VfM2Pl1EztJWLHrmu-mH&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjBfw-AKBhTkO6YK3S_GT4MtstDDuasLgSg&random=75703304&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/636894557/?random=1425483757&cv=11&fst=1673643238150&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=HouYCLue8N4BEN362K8C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWJFNFIyYkItc3NnSGVMV2lkVHhncEIwTGp2ZkdhRC1xU1UwNlJtOFVEcFQ0ZjlGUFIyVzhJTVEiEwjt0MSutoeAAxU0kP0HHW71DFY&is_vtc=1&ocp_id=S7KtZK3_ILSg9u8P7uqzsAU&cid=CAQSKQBpAlJWNBd2Q-65kcRZJi6kXw5-05aY9aZ2VfM2Pl1EztJWLHrmu-mH&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjBfw-AKBhTkO6YK3S_GT4MtstDDuasLgSg&random=75703304&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/399764261/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B...
  • https://www.google.com/pagead/1p-conversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservi...
  • https://www.google.de/pagead/1p-conversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservic...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWdnWFYwa3lGVElKT2UzNndrdHVrZW5lWm5PVnh4NDMzWUlBRUhEc1BpXzBZWEg4OGctM09wanciEwiZlcWutoeAAxUgx7sIHeQPBCg&is_vtc=1&ocp_id=S7KtZNnDIaCO7_UP5J-QwAI&cid=CAQSKQBpAlJW_5yr0i4uRbGfA1iJVxt4K-eWDiDYoLxSNYM7Sad4xFhrUvnB&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjC8iafu8XLyynQU-PJ5tK4jokych0FQlxA&random=2299794654&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/399764261/?random=945886747&cv=11&fst=1673643238156&bg=ffffff&guid=ON&async=1&gtm=2wg1a1&u_w=1366&u_h=768&label=4ceFCMickv0BEKXWz74B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fportal.xpi.com.br%2F&tiba=XP%20Investimentos%20-%20Login%20Seguro&value=0&auid=1234031376.1673635780&uaa=x86&uab=64&uafvl=Not%253FA_Brand%3B8.0.0.0%7CChromium%3B108.0.5359.73%7CGoogle%2520Chrome%3B108.0.5359.73&uap=Windows&uapv=10.0.0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFB1enBRWVExWUgxclBtQXlPVDlBUkltQUZqcE9qcnhWN1RaeTNJSkEwZHNoZEFJcWZNMXNLb29GR3hOak1TU2ZWeWFCTkN2MUZFGlpDaEVJOFB1enBRWVFvcTduNUxTUTZ0dm9BUkl1QU9Vd2xiYWdnWFYwa3lGVElKT2UzNndrdHVrZW5lWm5PVnh4NDMzWUlBRUhEc1BpXzBZWEg4OGctM09wanciEwiZlcWutoeAAxUgx7sIHeQPBCg&is_vtc=1&ocp_id=S7KtZNnDIaCO7_UP5J-QwAI&cid=CAQSKQBpAlJW_5yr0i4uRbGfA1iJVxt4K-eWDiDYoLxSNYM7Sad4xFhrUvnB&eitems=ChAI8PuzpQYQ2ZOGrpWo3KBxEh0A7UWXjC8iafu8XLyynQU-PJ5tK4jokych0FQlxA&random=2299794654&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fechar_banner_mobile.svg
xp-investimentosbr.com/xpi/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xp-investimentosbr.com/xpi/images/fechar_banner_mobile.svg
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
92e114da8a28183a2030e1938445ee4ed45f67979c67ee0bd6e8b75ccccdcedb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:39 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4952
Content-Type
text/html; charset=utf-8
logo_xp_banner_mobile.svg
xp-investimentosbr.com/xpi/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xp-investimentosbr.com/xpi/images/logo_xp_banner_mobile.svg
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
4b488f2de1aee5abf08fedc2ff5547852ba8b2748ff30408f2e831cb92f7a71e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:39 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4954
Content-Type
text/html; charset=utf-8
logo.png
xp-investimentosbr.com/desktop/img/ 		711 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xp-investimentosbr.com/desktop/img/logo.png
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
a49ef57dcfdb2f096c56700f3185dcc75542b9b884780425be1212f19e0f8dcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:39 GMT
Last-Modified
Tue, 11 Jul 2023 02:19:38 GMT
Server
Microsoft-IIS/10.0
ETag
"e30e8249eb3d91:0"
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
711
ScriptResource.axd
xp-investimentosbr.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/ScriptResource.axd?d=KsN2F9I13MKIO0dOHrV78086SWW7VZCZcWhM1X3UeCrS78gU3PivqntrUU39ryXrkT0cnWkc7gYx4G5bQO7ImyrOQGjVXvkQyv50a5q-V8g4h_Pg0&t=397b6a7
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:39 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
1929
Content-Type
text/html; charset=utf-8
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=8DDC3-DGW9A-K2LAS-M6TL2-STC4Q&d=xp-investimentosbr.com&t=5630350&v=1.632.0&sl=0&si=ndy891vcuy-rxndqj&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=597198
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:184::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
809240d2f615cb172773c567496ac4ae67d66bb17eab378f358ead1639b8871b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 11 Jul 2023 19:49:32 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
img_bulletamarela2013v2.png
portal.xpi.com.br/xpi/images/login/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.xpi.com.br/xpi/images/login/img_bulletamarela2013v2.png
Requested by
Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/baseNew.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b58e63522ed30c37d93941fd881ae0329f54371eede6871e91781031de5fc84b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.xpi.com.br/xpi/css/baseNew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:32 GMT
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=192, origin; dur=106, ak_p; desc="469195_389993847_260674904_29783_10162_7_0_-";dur=1
content-length
1166
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
content-type
image/png
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
/
www.googleadservices.com/pagead/conversion/765733756/ Frame 9353 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/765733756/?random=1689104972372&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e73c46aaa8da9eaff6eeb041887f1f4c278086f79a2faebfec17fa2f9af5ef1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1586
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/635217008/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/635217008/?random=1689104971562&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=3753973170&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/635217008/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/635217008/?random=1689104971562&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=3753973170&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.3b72c6cf.js
s.pinimg.com/ct/lib/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.3b72c6cf.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9b2::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
853bca381644d813e309ed7d034c5da6737aec2741dc28f52e5344cd5baf012d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"35f24de4bd7e8791535207ae982af550"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18006
/
www.google.com/pagead/1p-user-list/10982704601/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10982704601/?random=1689104971571&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=123382711&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10982704601/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10982704601/?random=1689104971571&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=123382711&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10982704601/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10982704601/?random=1689104971572&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&label=cX-MCIju9YAYENmL-_Qo&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&cid=CAQSKQBpAlJWkH9ZyCX0i-5oVvL2c0jVTtx43dH8Zrcoc6EX238bG2vs_piw&random=2182052224&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10982704601/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10982704601/?random=1689104971572&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&label=cX-MCIju9YAYENmL-_Qo&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&cid=CAQSKQBpAlJWkH9ZyCX0i-5oVvL2c0jVTtx43dH8Zrcoc6EX238bG2vs_piw&random=2182052224&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/4044697,509235676/domain/xp-investimentosbr.com/ 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4044697,509235676/domain/xp-investimentosbr.com/token
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2248:f000:2:53b2:240:93a1 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
gzip
via
1.1 c920ea2f130edd74e94c18ea9d06d98a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
B8zOKhL1Qy2xj0rwIsiLW2OP7y4idgHaN_vym57Et4kccljeb2KXww==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D509235676%252C4044697%26time%3D1689104972395%26url%3Dhttp%253A%252F%252Fxp-invest...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true&liSync=true&e_ipv6=AQKzH27b...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true&liSync=true&e_ipv6=AQKzH27buqMtMgAAAYlGgH9He75b08RILEXRD54ZaFmPu2QmX677fVIMcdPqWXpS
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:33 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DB2DF23186714727AFB0C59BF2E44524 Ref B: DUS30EDGE0707 Ref C: 2023-07-11T19:49:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAO2X2n0RQqEql2rvfaA==

Redirect headers

date
Tue, 11 Jul 2023 19:49:33 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 44425A8C6AC5480798C66BB2DE96D55F Ref B: FRAEDGE1122 Ref C: 2023-07-11T19:49:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104972395&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cookiesTest=true&liSync=true&e_ipv6=AQKzH27buqMtMgAAAYlGgH9He75b08RILEXRD54ZaFmPu2QmX677fVIMcdPqWXpS
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAO2XxEjty2sj4PHclng==
token
cdn.linkedin.oribi.io/partner/4044697,509235676/domain/xp-investimentosbr.com/ 		36 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4044697,509235676/domain/xp-investimentosbr.com/token
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2248:f000:2:53b2:240:93a1 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
gzip
via
1.1 c920ea2f130edd74e94c18ea9d06d98a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
8LkSA2gy-XFO5XZ0i63kZzxmqoC4dRTAskgpHpMM6Ik7Cl1GsSFiYg==
token
cdn.linkedin.oribi.io/partner/4044697,509235676/domain/xp-investimentosbr.com/ 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4044697,509235676/domain/xp-investimentosbr.com/token
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2248:f000:2:53b2:240:93a1 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
gzip
via
1.1 c920ea2f130edd74e94c18ea9d06d98a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
GpSZgZreSykl4XnLEETv66XFosyMEB9CdNMaBn-_KjjbPAIQ4OR7NA==
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5145909-16&cid=1801877036.1689104972&jid=1928843294&gjid=816924277&_gid=1571794178.1689104972&_u=aCDACUAATAAAACAEK~&z=1121364481
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:49:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://xp-investimentosbr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1242954859141196&ev=PageView&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&rl=&if=false&ts=1689104972493&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=28&fbp=fb.1.1689104972492.1284979958&it=1689104971811&coo=false&tm=1&exp=a0&rqm=GET
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 19:49:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1242954859141196&ev=ViewContent&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&rl=&if=false&ts=1689104972500&cd[value]=0&cd[currency]=BRL&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=28&fbp=fb.1.1689104972492.1284979958&it=1689104971811&coo=false&tm=1&exp=a0&rqm=GET
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 19:49:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
conversion.js
www.googleadservices.com/pagead/ Frame 9353 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
server
cafe
etag
5565525223662320794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:49:32 GMT
/
www.google.com/pagead/1p-user-list/941062297/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/941062297/?random=1689104971723&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1361956700&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/941062297/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/941062297/?random=1689104971723&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1361956700&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/765503342/ Frame 1203 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/765503342/?random=1689104972581&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNPUy662h4ADFYtewgodLx4HJQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20230711%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
495ee10d94f20f30e799221290021685802cd4afd91668f96e7fbb1ab212af55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1567
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://xp-investimentosbr.com
Date
Tue, 11 Jul 2023 19:49:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
p
api.segment.io/v1/ 		21 B
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.2.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-2-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://xp-investimentosbr.com
date
Tue, 11 Jul 2023 19:49:33 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
/
www.google.de/pagead/1p-conversion/765733756/ Frame 9353
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C4...
  • https://www.google.com/pagead/1p-conversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&...
  • https://www.google.de/pagead/1p-conversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhYz4rraHgAMVicG7CB1fSg0t&is_vtc=1&ocp_id=TLKtZIW2F4mD7_UP35S16AI&cid=CAQSKQBpAlJWx0nxS25bTn546PYJk23bJWwmOfWRsqS72EcJezZzmVDyAIbY&random=1141521177&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/765733756/?random=1191019750&cv=9&fst=1689104972372&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIhYz4rraHgAMVicG7CB1fSg0t&is_vtc=1&ocp_id=TLKtZIW2F4mD7_UP35S16AI&cid=CAQSKQBpAlJWx0nxS25bTn546PYJk23bJWwmOfWRsqS72EcJezZzmVDyAIbY&random=1141521177&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5145909-16&cid=1801877036.1689104972&jid=1928843294&_u=aCDACUAATAAAACAEK~&z=133262315
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5145909-16&cid=1801877036.1689104972&jid=1928843294&_u=aCDACUAATAAAACAEK~&z=133262315
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/765503342/ Frame 9353 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/765503342/?random=1689104972660&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
5871c37bf2b44471207d8398cc773aa6260c9f0204bab6d0a59e23d012b591e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1589
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTExNWE3NjU4MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-133.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
13d0f731.b38cfc9
date
Tue, 11 Jul 2023 19:49:33 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-133.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
x-parent-response-time
721,184.86.102.133
server-timing
cdn-cache; desc=MISS, edge; dur=329, origin; dur=398, inner; dur=325
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023071119493209E84AF7D6657325050C
x-cache-remote
TCP_MISS from a23-32-16-78.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
398,23.32.16.78
x-tt-trace-host
01b62c302be944ad67bd2f5a9a44433182368592b5edd14535635414fc039e8f8068f644fe493cf8c2b666c392f1aa0533109bb79c79b6540a453439aa93fcb1f5eb8d09ce9597eb31f3fc41bafd2ea4ac3906bc50ebe9e1483c0b36862fe069c665545f9722f20ab0035a5bb97242a88d
expires
Tue, 11 Jul 2023 19:49:33 GMT
novo_background_home1888x745.jpg
portal.xpi.com.br/xpi/images/login/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.xpi.com.br/xpi/images/login/novo_background_home1888x745.jpg
Requested by
Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/login-cs.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e13aa256ba6a5ac89a8aebd90e847e553d7cb04afd59ddd5688ea5741740a870
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
Strict-Transport-Security maxage
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.xpi.com.br/xpi/css/login/login-cs.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
maxage
content-security-policy
frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 19:49:32 GMT
x-powered-by
ASP.NET
server-timing
cdn-cache; desc=MISS, edge; dur=192, origin; dur=9, ak_p; desc="469195_389993847_260675479_20124_9657_7_0_-";dur=1
content-length
55031
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified
Tue, 27 Jun 2023 01:02:00 GMT
server
Microsoft-IIS/8.5
etag
"0b42bfa92a8d91:0"
expect-ct
maxage
content-type
image/jpeg
access-control-allow-origin
*.xpi.com.br
access-control-expose-headers
Request-Context
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
XP-RegularLighthouse.otf
cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/XP-RegularLighthouse.otf
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a77ca9f6933ffcc4e79fc270ef64669f0ee5643f59d821add684a66c9d8bc633

Request headers

Referer
https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:32 GMT
last-modified
Wed, 28 Jun 2023 20:51:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
KShsKW7cTHTen4xx1U0X1A==
etag
0x8DB78197EDFD997
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
ced490ef-201e-0067-4a02-aad2fe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
server-timing
cdn-cache; desc=HIT, edge; dur=27, origin; dur=0, ak_p; desc="469195_389993847_260675480_2723_8021_7_0_-";dur=1
content-length
77496
flecha.png
xp-investimentosbr.com/desktop/img/ 		277 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xp-investimentosbr.com/desktop/img/flecha.png
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
974992cb3b723cd673814b8c73aaa9b6dc22aff6604f4a8b643d2e321ca7427c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:39 GMT
Last-Modified
Tue, 11 Jul 2023 02:19:38 GMT
Server
Microsoft-IIS/10.0
ETag
"dec1d1249eb3d91:0"
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
277
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 16:31:22 GMT
x-content-type-options
nosniff
age
443891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jul 2024 16:31:22 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options
nosniff
age
225004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jul 2024 05:19:29 GMT
XP-MediumLighthouse.otf
cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/XP-MediumLighthouse.otf
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dae5bcfb262c5b42c1caaa02e12c1d6c78a11a40c02ff147a8510eb4149d6920

Request headers

Referer
https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:32 GMT
last-modified
Wed, 28 Jun 2023 20:51:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
bu0DZxEehBSlaDJD3QYDAA==
etag
0x8DB78197EDF1664
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7c2a7c1c-d01e-0011-3902-aa58b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
server-timing
cdn-cache; desc=HIT, edge; dur=17, origin; dur=0, ak_p; desc="469195_389993847_260675539_1703_10497_8_0_-";dur=1
content-length
77924
/
www.google.de/pagead/1p-conversion/765503342/ Frame 1203
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46...
  • https://www.google.com/pagead/1p-conversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u...
  • https://www.google.de/pagead/1p-conversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNPUy662h4ADFYtewgodLx4HJQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20230711%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIg-iEr7aHgAMV6sq7CB368A6d&is_vtc=1&ocp_id=TLKtZIOSJOqV7_UP-uG76Ak&cid=CAQSKQBpAlJWgJqm9Xt-p8EgiPqgBZo4M8zzekP0j4-RIhIsPCbobITG3txn&random=3556588270&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CNPUy662h4ADFYtewgodLx4HJQ;src=9143205;type=xp_pages;cat=xp-se0;ord=undefined--20230711;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/765503342/?random=158370911&cv=9&fst=1689104972581&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNPUy662h4ADFYtewgodLx4HJQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3Dundefined--20230711%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIg-iEr7aHgAMV6sq7CB368A6d&is_vtc=1&ocp_id=TLKtZIOSJOqV7_UP-uG76Ak&cid=CAQSKQBpAlJWgJqm9Xt-p8EgiPqgBZo4M8zzekP0j4-RIhIsPCbobITG3txn&random=3556588270&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		562 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613332717308&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1689104972831&dep=2%2CPAGE_LOAD
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.c7641102.1689104973.3c670899
x-envoy-upstream-service-time
1
content-length
385
x-pinterest-rid
3030429595638907
pin-unauth
dWlkPU1EZzROVEkwT0RFdE5HTTJaQzAwTkRjekxUbG1OV0V0TjJNeVpqUTVNemxpTURZeQ
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://xp-investimentosbr.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		562 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613332717308&cb=1689104972835&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.c7641102.1689104973.3c67089a
x-envoy-upstream-service-time
1
content-length
385
x-pinterest-rid
1410533358075435
pin-unauth
dWlkPVkySTFOV0k1WkdNdE9EQXhNQzAwWTJWakxUZ3daREV0Tnprd01EQTJPRGszTVdFMA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://xp-investimentosbr.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613332717308&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223b72c6cf%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1689104972836
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.c7641102.1689104973.3c67089b
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1217827066705293
expires
Sat, 01 Jan 2000 00:00:00 GMT
flecha-azul.png
xp-investimentosbr.com/desktop/img/ 		260 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xp-investimentosbr.com/desktop/img/flecha-azul.png
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
c46f1007e48cdf62e728326dc954ddf0cfec0387f093228d28ae36250458f6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:39 GMT
Last-Modified
Tue, 11 Jul 2023 02:19:38 GMT
Server
Microsoft-IIS/10.0
ETag
"5ec4d1249eb3d91:0"
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
260
elevio-noto-sans-400.woff
cdn.elev.io/sdk/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.elev.io/sdk/fonts/elevio-noto-sans-400.woff
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-90.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Jul 2023 19:49:34 GMT
via
1.1 0fbe9200309f14e6a7ec7ccd4461e0ea.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
13976
last-modified
Tue, 07 Jul 2020 06:02:44 GMT
server
AmazonS3
etag
"66388ef84ff4c5d874ed3875ea4c110b"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
YE0Di1J1NB_oo4ma6AGoUT6zhMCGLbjIfCieba5DAp8Hs7cWZIxcAw==
elevio-noto-sans-700.woff
cdn.elev.io/sdk/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.elev.io/sdk/fonts/elevio-noto-sans-700.woff
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-90.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d4ad7bdeea12089935e069557d320d851f83aaa2fb5a95b02669dc71cfc69eb

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Jul 2023 19:49:34 GMT
via
1.1 0fbe9200309f14e6a7ec7ccd4461e0ea.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
13744
last-modified
Tue, 07 Jul 2020 06:02:44 GMT
server
AmazonS3
etag
"d0f1cc11f68556411a88c400c8e199ed"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
XYW_y8Fsj8bH-C-xpYY0rEDhFF7cNDzk1cmrHt9fErf_1In1d-Dg1Q==
/
www.google.de/pagead/1p-conversion/765503342/ Frame 9353
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C4...
  • https://www.google.com/pagead/1p-conversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&...
  • https://www.google.de/pagead/1p-conversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI7caJr7aHgAMVM5f9Bx3a-AAb&is_vtc=1&ocp_id=TLKtZO3wKLOu9u8P2vGD2AE&cid=CAQSKQBpAlJWs4tnxQHKk40QW4LTn-L6_u-vf4sUkm2fgigtWhBzv8grd250&random=872932988&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CO3Ny662h4ADFRpAHgIdBeMLAg;src=9143205;type=xp_pages;cat=xp-pa0;ord=1219885530160;gtm=45He37a0;auiddc=1655224205.1689104971;u1=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php;u3=undefined;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php?
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/765503342/?random=1727067289&cv=9&fst=1689104972372&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCO3Ny662h4ADFRpAHgIdBeMLAg%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D1219885530160%3Bgtm%3D45He37a0%3Bauiddc%3D1655224205.1689104971%3Bu1%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3Bu3%3Dundefined%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttp%253A%252F%252Fxp-investimentosbr.com%252Fdesktop%252Findex.php%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI7caJr7aHgAMVM5f9Bx3a-AAb&is_vtc=1&ocp_id=TLKtZO3wKLOu9u8P2vGD2AE&cid=CAQSKQBpAlJWs4tnxQHKk40QW4LTn-L6_u-vf4sUkm2fgigtWhBzv8grd250&random=872932988&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.16736357...
9143205.fls.doubleclick.net/ Frame 7DF8
Redirect Chain
  • http://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635...
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.167363...
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fporta...
2 KB
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
b7e3b9ceef7c82a53f111f3723469f9ea1e4d80572760c44ba75cda585f8b305
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
543
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:33 GMT
expires
Tue, 11 Jul 2023 19:49:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=9...
9143205.fls.doubleclick.net/ Frame CDA8
Redirect Chain
  • http://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=...
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3...
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=htt...
1 KB
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
bc4966dfeae31353586904404bd500dcb756ad217c6f0ed405cd88b784b654db
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
478
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:33 GMT
expires
Tue, 11 Jul 2023 19:49:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
clearSession.js
xp-investimentosbr.com/desktop/xpi/scripts/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://xp-investimentosbr.com/desktop/xpi/scripts/clearSession.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
191.252.4.62 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/desktop/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 19:49:39 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET, ARR/3.0, ASP.NET
Content-Length
4952
Content-Type
text/html; charset=utf-8
rulesXP
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/ 		0
0
rulesXP
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/rulesXP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,ocp-apim-subscription-key
Access-Control-Request-Method
GET
Origin
http://xp-investimentosbr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-length
0
date
Tue, 11 Jul 2023 19:49:33 GMT
warning
True-Client-Port:36794
/
ct.pinterest.com/v3/ 		35 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613332717308&cb=1689104973361&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU1EZzROVEkwT0RFdE5HTTJaQzAwTkRjekxUbG1OV0V0TjJNeVpqUTVNemxpTURZeQ%22%2C%22aem_st%22%3A%22e8b46ed357ac1e566df67500874b113db82956c7d2270ed20ca9da8e7885fbca%22%2C%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223b72c6cf%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.c7641102.1689104973.3c6708fb
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
content-length
35
x-pinterest-rid
1685460110325032
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1242954859141196&ev=PageView&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&rl=&if=false&ts=1689104973369&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=28&fbp=fb.1.1689104972492.1284979958&it=1689104971811&coo=false&exp=a0&rqm=GET
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 19:49:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=504012280243809&ev=PageView&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&rl=&if=false&ts=1689104973375&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689104972492.1284979958&it=1689104971811&coo=false&exp=a0&rqm=GET
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 19:49:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
conversion.js
www.googleadservices.com/pagead/ Frame CDA8 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
server
cafe
etag
5565525223662320794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:49:33 GMT
dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https...
adservice.google.com/ddm/fls/z/ Frame CDA8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 7DF8 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
server
cafe
etag
5565525223662320794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:49:33 GMT
dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;...
adservice.google.com/ddm/fls/z/ Frame 7DF8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4ldwp954ta
www.clarity.ms/tag/ 		842 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/4ldwp954ta
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e61aae49d6e13114e756afc4de8da6c44844636ddf1a81bb773e123162fef644

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
-1
date
Tue, 11 Jul 2023 19:49:33 GMT
x-azure-ref
20230711T194933Z-2b7rz8yvyh21v7qaqnavca7zp000000001pg000000016uu4
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
842
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1221781851&t=event&ni=1&_s=1&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&dp=%2Fdesktop%2Findex.php&ul=en-us&de=UTF-8&dt=XP%20Investimentos%20-%20Login%20Seguro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=error&ea=clarity&el=TypeError%3A%20google_tag_manager.GTM-NZZVKVD.macro%20is%20not%20a%20function&_u=aCDACUABTAAAACAEK~&jid=&gjid=&cid=1801877036.1689104972&tid=UA-5145909-16&_gid=1571794178.1689104972&gtm=45He37a0n81NZZVKVD&cd35=n%C3%A3o&cd36=nc&cd81=GTM-NZZVKVD%20-%20625&cd83=Security%20Services%3Alogin&cd108=v2&cd109=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&cd6=1801877036.1689104972&z=1832143507
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 09:21:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37712
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3ETJDEPKKNB3CA80KI0&lib=ttq
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.133 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-133.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
99b4156323dc82d355c6a62f6f668ccd05705c938fff878f362db3ba143cc66d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id
b38e6af
date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-86-102-133.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
content-length
1230
pragma
no-cache
server
nginx
x-tt-logid
2023071119493393CEDB5F93F56DBA459D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
94,184.86.102.133
x-tt-trace-host
01b62c302be944ad67bd2f5a9a444331824419023be8db942d13df8bac788ccbd55a989357d6f904e911ad44b7068637f8913127ac8aa4c68ca205a62020a0c7c7523f94df84fdfe1651e62b8af589209729545248bd805c7929b65150ae2d9e0d
expires
Tue, 11 Jul 2023 19:49:33 GMT
/
www.googleadservices.com/pagead/conversion/765733756/ Frame 7DF8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/765733756/?random=1689104973776&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
4687be7860dfe8fded1fddcc3df1b9101badfc767f0e78f4f37d3b6ca22a863c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1605
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/765503342/ Frame CDA8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/765503342/?random=1689104973778&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCInYr6-2h4ADFctDwgodw88O1w%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D95042055.1673635781--20230113%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a3bbb5d5eefa492bbf9f7da8b69e805d238a6513ec56764fc7bed4e42641e341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1576
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/765503342/ Frame 7DF8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/765503342/?random=1689104973819&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
79b920c92fa02edc8f25bcfe0c28297cede789fb0e3e6275f612e2ad6d077c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1603
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
656
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Jun 2023 22:21:38 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=40501
accept-ranges
bytes
content-length
4777
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104973841&conversionId=6537097&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104973841&conversionId=6537097&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&e_ipv6=AQJ7VdJkX-oz5AAA...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104973841&conversionId=6537097&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&e_ipv6=AQJ7VdJkX-oz5AAAAYlGgIBoAdEBEJalOBoM3m1ltXdQUDiRlATVLPHrQbMoQBy_
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:33 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AF266E6CEED2413D86F12FCD8CC26F50 Ref B: DUS30EDGE0707 Ref C: 2023-07-11T19:49:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAO2X4fVLYWkNUJa7Mow==

Redirect headers

date
Tue, 11 Jul 2023 19:49:33 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 773868A1C0E74254B50209424AC7B8EE Ref B: FRAEDGE1122 Ref C: 2023-07-11T19:49:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=509235676%2C4044697&time=1689104973841&conversionId=6537097&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&e_ipv6=AQJ7VdJkX-oz5AAAAYlGgIBoAdEBEJalOBoM3m1ltXdQUDiRlATVLPHrQbMoQBy_
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAO2X1WZu4QMjlUMbU4Q==
DFPAudiencePixel;ord=%20[pubads.g.doubleclick.net]4395032782405492;dc_seg=6962937254
pubads.g.doubleclick.net/activity;dc_iu=/8003922/ 		42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/8003922/DFPAudiencePixel;ord=%20[pubads.g.doubleclick.net]4395032782405492;dc_seg=6962937254?
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://xp-investimentosbr.com
Date
Tue, 11 Jul 2023 19:49:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/?random=1689104973929&cv=11&fst=1689104973929&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1655224205.1689104971&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa67202d6fd3aa6689dad4b83b66e8cc5f3dae3dcb2152b3dac961a8899c3093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=504012280243809&ev=Microdata&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&rl=&if=false&ts=1689104973979&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtXP%20Investimentos%20-%20Login%20Seguro%5Cn%22%2C%22meta%3Adescription%22%3A%22Fa%C3%A7a%20seu%20login%20seguro%20e%20acesse%20a%20%C3%A1rea%20logada%20da%20XP%20Investimentos%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22XP%20Investimentos%20-%20Login%20Seguro%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fportal.xpi.com.br%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.xpi.com.br%2FXPI%2Fimages%2Fxp_logo.jpg%22%2C%22og%3Asite_name%22%3A%22XP%20Investimentos%20-%20Login%20Seguro%22%2C%22og%3Adescription%22%3A%22Fa%C3%A7a%20o%20seu%20login%20seguro%20e%20acesse%20a%20%C3%A1rea%20logada%20da%20XP%20Investimentos%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1689104972492.1284979958&it=1689104971811&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 19:49:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.google.de/pagead/1p-conversion/765733756/ Frame 7DF8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C4...
  • https://www.google.com/pagead/1p-conversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&...
  • https://www.google.de/pagead/1p-conversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_bXNr7aHgAMVm8-7CB2KlQyD&is_vtc=1&ocp_id=TbKtZL3bL5uf7_UPiquymAg&cid=CAQSKQBpAlJWB5HHnq17MIBudYyaGiuP15DLysF9EDptdy-4KC56oaF55G5X&random=3300674454&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/765733756/?random=1919876090&cv=9&fst=1689104973776&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI_bXNr7aHgAMVm8-7CB2KlQyD&is_vtc=1&ocp_id=TbKtZL3bL5uf7_UPiquymAg&cid=CAQSKQBpAlJWB5HHnq17MIBudYyaGiuP15DLysF9EDptdy-4KC56oaF55G5X&random=3300674454&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/765503342/ Frame CDA8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C4...
  • https://www.google.com/pagead/1p-conversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&...
  • https://www.google.de/pagead/1p-conversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCInYr6-2h4ADFctDwgodw88O1w%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D95042055.1673635781--20230113%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIjM3Nr7aHgAMVldG7CB0ChA31&is_vtc=1&ocp_id=TbKtZMzyL5Wj7_UPgoi2qA8&cid=CAQSKQBpAlJWljt_k_RpYy3y35SIaaalAaArmhjmK_oZ1kQISxcuFftdiGTq&random=3154502875&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CInYr6-2h4ADFctDwgodw88O1w;src=9143205;type=xp_pages;cat=xp-se0;ord=95042055.1673635781--20230113;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/765503342/?random=1512566493&cv=9&fst=1689104973778&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCInYr6-2h4ADFctDwgodw88O1w%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D95042055.1673635781--20230113%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIjM3Nr7aHgAMVldG7CB0ChA31&is_vtc=1&ocp_id=TbKtZMzyL5Wj7_UPgoi2qA8&cid=CAQSKQBpAlJWljt_k_RpYy3y35SIaaalAaArmhjmK_oZ1kQISxcuFftdiGTq&random=3154502875&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/actionp/ 		0
122 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=145000350&Ver=2&mid=40b32bd9-8884-4a8f-975f-c470535ebe8a&evt=dedup
Requested by
Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:49:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3E6BAC5A608A4AC084EC80F3F3029AF7 Ref B: FRA31EDGE0218 Ref C: 2023-07-11T19:49:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/765503342/ Frame 7DF8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46...
  • https://www.google.com/pagead/1p-conversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u...
  • https://www.google.de/pagead/1p-conversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIxonRr7aHgAMVqcm7CB2CuQ6C&is_vtc=1&ocp_id=TbKtZIavM6mT7_UPgvO6kAg&cid=CAQSKQBpAlJWhXN59-PeV1oG8P9BA2-0JFLPfc1JV6MrsDeucMfHiSgnjEfu&random=3527806617&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CN7cr6-2h4ADFR1FHgIdCfwBMA;src=9143205;type=xp_pages;cat=xp-pa0;ord=5449488476865;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=95042055.1673635781;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/765503342/?random=850958922&cv=9&fst=1689104973776&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCN7cr6-2h4ADFR1FHgIdCfwBMA%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D5449488476865%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D95042055.1673635781%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIxonRr7aHgAMVqcm7CB2CuQ6C&is_vtc=1&ocp_id=TbKtZIavM6mT7_UPgvO6kAg&cid=CAQSKQBpAlJWhXN59-PeV1oG8P9BA2-0JFLPfc1JV6MrsDeucMfHiSgnjEfu&random=3527806617&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index-3fcaf980.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		127 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc21778ba7ea0483b8d2f1b97cba7328de1fad24ec1832e90a5691cb862e2e3b

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
lTKjuMELpFsCLuJr6T2CAg==
server-timing
cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="469195_389993847_260677298_1333_8089_7_0_-";dur=1
content-length
30170
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057D017D
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2150c63f-901e-0086-49dd-680ebb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
app-globals-502d7db3.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/app-globals-502d7db3.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
27e0d13f10cae008ba2de8670a6c24c27d8d1e773222302c714702965c9d3c8d

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
09gv/KJv4IESGZPcSaD0WQ==
server-timing
cdn-cache; desc=HIT, edge; dur=40, origin; dur=0, ak_p; desc="469195_389993847_260677299_3993_8060_15_0_-";dur=1
content-length
1878
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC0572C9E5
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c7707a08-b01e-0017-16a4-886b09000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
index.esm-5e8aee4f.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index.esm-5e8aee4f.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f553f6b2a866f141b651e929e5a62d6ebc785dcace0e3f124e2df6e7b86524c8

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
8boHy5pSgXm/mSEMmIdCSw==
server-timing
cdn-cache; desc=HIT, edge; dur=14, origin; dur=0, ak_p; desc="469195_389993847_260677306_1383_7877_7_0_-";dur=1
content-length
607
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057F4B1A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0a81d62c-e01e-0047-7053-b2a959000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
_commonjsHelpers-fd4b916d.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/_commonjsHelpers-fd4b916d.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
122b310043d61550b9f727cb30ec6463ea0ffdf3cbd53fe9896a3b402804ca7c

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
tj1ZwnHiiR752AopjdVP0w==
server-timing
cdn-cache; desc=HIT, edge; dur=36, origin; dur=0, ak_p; desc="469195_389993847_260677307_3626_7591_15_0_-";dur=1
content-length
626
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC059E6708
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f7d9153c-b01e-0017-4c89-ae6b09000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
index-b873f3f6.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-b873f3f6.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
52adbad8f15ff713261524bba7c7b6c8055caa80ff0f2cbd0a0042f669e3462e

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
lQu/5dxDoYgPJ9uk/OMUVA==
server-timing
cdn-cache; desc=HIT, edge; dur=35, origin; dur=0, ak_p; desc="469195_389993847_260677308_3487_7838_15_0_-";dur=1
content-length
3676
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057F2410
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4d6398e1-201e-0058-30da-b31a5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
index-ee618681.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-ee618681.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3dfe9125cc2a8cada49e6831253425a352e3acc6909f72f84c70bba029f408b0

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
mD6h8+iG7/F9JEvSL9i8CA==
server-timing
cdn-cache; desc=HIT, edge; dur=72, origin; dur=0, ak_p; desc="469195_389993847_260677309_7221_7684_16_0_-";dur=1
content-length
9685
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057A69D4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
67e27da3-601e-003b-0655-a987a6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
environment-24fb2ad2.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/environment-24fb2ad2.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9ee83d76d1dca56e2d0a938933f41d18440b07c8ef7f56267c548fcfda4cf51a

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
OjiW7l376XOsI/jq7JLXJQ==
server-timing
cdn-cache; desc=HIT, edge; dur=39, origin; dur=0, ak_p; desc="469195_389993847_260677310_3917_7835_15_0_-";dur=1
content-length
595
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057CDA73
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
baa74606-701e-00a1-60a8-76197f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
index.js
cdn.xpi.com.br/soma/soma/ds/3.6.0/tokens/themes/xp-empresas/ 		50 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/ds/3.6.0/tokens/themes/xp-empresas/index.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9f34aacdf03b0b576b8bee6c27a54318534d87af345817f3fe18c99ebed797f6

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
4NCoAhqtvlqzGHBXGoM7oQ==
server-timing
cdn-cache; desc=HIT, edge; dur=19, origin; dur=0, ak_p; desc="469195_389993847_260677393_1888_8665_14_0_-";dur=1
content-length
7225
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:18:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC8D04CC15
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7d92aa29-301e-0026-3f98-798a1a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
/
www.google.com/pagead/1p-user-list/941062297/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/941062297/?random=1689104973929&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3779395425&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/941062297/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/941062297/?random=1689104973929&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3779395425&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 0362 		50 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=pt-PT&v=u35fw2Dx4G0WsO6SztVYg4cV&size=invisible&cb=qzxkjx74d62k
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd093508127b396fc1d7191606388040eeb094b64c4eadb2d94760835af39ee1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EcwrrKe1PL2nRapcsupWhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28035
content-security-policy
script-src 'report-sample' 'nonce-EcwrrKe1PL2nRapcsupWhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=http...
9143205.fls.doubleclick.net/ Frame 4AEF
Redirect Chain
  • http://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=htt...
  • https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=ht...
  • https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;...
1 KB
540 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
d7411cf9e9b65b6b9ac52189a9b4a00af78afe2db10bcf73fc5ca7b6acbbab96
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
517
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:34 GMT
expires
Tue, 11 Jul 2023 19:49:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1242954859141196&ev=30segVisit&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&rl=&if=false&ts=1689104974517&sw=1600&sh=1200&v=2.9.111&r=stable&ec=3&o=28&fbp=fb.1.1689104972492.1284979958&it=1689104971811&coo=false&exp=a0&rqm=GET
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 19:49:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=504012280243809&ev=30segVisit&dl=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&rl=&if=false&ts=1689104974518&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1689104972492.1284979958&it=1689104971811&coo=false&exp=a0&rqm=GET
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 19:49:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
formData1658262066878_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/38337/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/38337/formData1658262066878_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34a2998dd32a9786a54d66bedef632b08df0943deca7fccf325e233f4830d51c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
1.YWNIJgbvScaIytle7qZSp5dyNWdMww
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:34 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
N5TJ4ZVJSV65KN5F
x-cache
HIT
content-length
2908
x-amz-id-2
sCjjAoefhevmpSgH/Xy5LLnyEsts8b8sEtvjRVS7uIA+/PhXCe1hNcvLLHONlwcDT0LPR84GXB0=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Tue, 19 Jul 2022 20:21:08 GMT
server
AmazonS3
x-timer
S1689104975.686402,VS0,VE6
etag
"34b69a878e6920da86cf005fc8e09f68"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
x-cache-hits
1
formData1658262586175_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/40221/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/40221/formData1658262586175_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46e2b360cda1325aea8a73a2e3a81de5ac0df3f99eff6eb1b1c7287c99e3b6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
SvjDCEY7UyQEOMEN.YoSaJFrSPE6.rL_
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:34 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
N5TWJPBYDV4TTV4S
x-cache
HIT
content-length
3071
x-amz-id-2
idnAETnLnJaIuXEGjRq7Yo+r7rQ9yxsJndAnB5qXdDx5td/jn8lsjGSALUpyma++FicOhHEVCKQ=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Tue, 19 Jul 2022 20:29:47 GMT
server
AmazonS3
x-timer
S1689104975.686379,VS0,VE6
etag
"f9ee1ce5609d88042056f89676cb25aa"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
x-cache-hits
1
formData1658262518004_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/40222/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/40222/formData1658262518004_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1e053ab5104b844528d423f512091e80520587aba630a93f8c2a7d72fdf6900
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
MUnxErq4xzRnBZ3FYlrsY2tUUUy1.Cor
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:34 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
N5TQ4HTHRT8Y4JHE
x-cache
HIT
content-length
3066
x-amz-id-2
DHa8ofzm4EJ/ip1YLHdTLdjy3rQ5G5mYftye1L52s6EMq6BPgPOoEAsiDAQ7tlF3/y3Nq5/zH0M=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Tue, 19 Jul 2022 20:28:39 GMT
server
AmazonS3
x-timer
S1689104975.686552,VS0,VE2
etag
"0887a65ef99ece91eb8b262f863247f1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
x-cache-hits
1
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4OTEwNDk3NDYzNyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg5NDY4MDgzMTIxNzYtMGY0YjU4NzViY2JmZGYtNmEzMzUwNTQtMWQ0YzAwLTE4OTQ2ODA4MzEzMTBiNSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ3ZWJzaXRlSWQiOiA2MzQ4MTUsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImMzMjUtNGZjNS0yOGI5LTFhNTQtNTgwNi0yMGZjLTlkZTAtYzRiMCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjg5MTA0OTc0NjMxIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDk0Niwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDguMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDguMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY4OTEwNDk3NDYzNywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsImZlZWRiYWNrX2NvcnJlbGF0aW9uX3V1aWQiOiBudWxsfQpdfQ==
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-7b6n
date
Tue, 11 Jul 2023 19:49:34 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
styles__ltr.css
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ Frame 0362 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=pt-PT&v=u35fw2Dx4G0WsO6SztVYg4cV&size=invisible&cb=qzxkjx74d62k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
recaptcha__pt_pt.js
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/ Frame 0362 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__pt_pt.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=pt-PT&v=u35fw2Dx4G0WsO6SztVYg4cV&size=invisible&cb=qzxkjx74d62k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
conversion.js
www.googleadservices.com/pagead/ Frame 4AEF 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
server
cafe
etag
5565525223662320794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:49:34 GMT
dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F...
adservice.google.com/ddm/fls/z/ Frame 4AEF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-green-5f36
date
Tue, 11 Jul 2023 19:49:34 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
http://xp-investimentosbr.com
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
59
x-application-context
application:9090
soma-alert.entry.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-alert.entry.js
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7275437de0752a12e8e308fb781792b81a4322261b3bde3873a1c77ce292c5e1

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
rElVCWcQ9SWn1tmY38N33A==
server-timing
cdn-cache; desc=HIT, edge; dur=33, origin; dur=0, ak_p; desc="469195_389993847_260677962_3314_8762_14_0_-";dur=1
content-length
1985
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057F4B1A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c50c6c4c-201e-0077-22aa-741796000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
soma-radio.entry.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-radio.entry.js
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2f19d63af6476af921c5e7dcd4f31d005ad3ea7028314088c5b10c43a6d7b279

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
GEitFwUyTv31+91k0ubtVQ==
server-timing
cdn-cache; desc=HIT, edge; dur=33, origin; dur=0, ak_p; desc="469195_389993847_260677975_3317_7939_13_0_-";dur=1
content-length
2292
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC058E8B01
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0551176f-d01e-00a8-4082-995cac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
soma-radio-group.entry.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-radio-group.entry.js
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e85cf06ac9ea469abc6dd7f696e9cbf93da324837703e97966c1b8ff3b7bb543

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:35 GMT
content-encoding
gzip
content-md5
kqtBXrJO9xun7A+B2DFOsg==
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=25, origin; dur=213, ak_p; desc="469195_389993847_260677976_23855_7510_11_0_-";dur=1
content-length
947
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC058F7538
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
35af8e12-501e-0020-61cd-79b9a5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
soma-tab.entry.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-tab.entry.js
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
628e97d5c061cab283317499fbbc7c93dd474c9eaa18b333f5b59bc0022c99be

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:35 GMT
content-encoding
gzip
content-md5
nkceBrn69NPBEWDO+bclJg==
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=17, origin; dur=201, ak_p; desc="469195_389993847_260677977_22418_8212_13_0_-";dur=1
content-length
1311
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC0591E5DA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
af434419-601e-002b-1e74-7142ce000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
soma-tabs.entry.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-tabs.entry.js
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e034d2e03adfb671d4042d091a16afa0559054b263dfe7574a3f96fa74b5050d

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:35 GMT
content-encoding
gzip
content-md5
A/iVWZCePOOiqmxSK7hurQ==
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=28, origin; dur=201, ak_p; desc="469195_389993847_260677978_22920_7881_13_0_-";dur=1
content-length
1350
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC0591BED1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9d019c81-b01e-0091-7e19-61a7b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=145000350&Ver=2&mid=40b32bd9-8884-4a8f-975f-c470535ebe8a&sid=0f9fd570202411ee935e75a2c96be180&vid=0f9fed00202411ee9594c343e7d84c4b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=XP%20Investimentos%20-%20Login%20Seguro&p=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&r=&evt=pageLoad&sv=1&rn=450724
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 19:49:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F846FA985F06466C8B7EADF949106939 Ref B: FRA31EDGE0218 Ref C: 2023-07-11T19:49:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/797073946/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797073946/?random=1689104974823&cv=11&fst=1689104974823&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=1655224205.1689104971&rfmt=3&fmt=4
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0f8d6f5befc647d3d623b57fda9286b0e3d73c82c2145d6b51e179776a8da57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1319
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
import.css
cdn.xpi.com.br/soma/soma-fonts/xp-empresas/ 		624 B
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3eaf0fb993760aa69b242e7a25d9ae117b723a6d3083cf98b9abcdb558bc0276

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:34 GMT
content-encoding
gzip
content-md5
ggxu5xhB2CCAlQdezOnicg==
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469195_389993847_260678065_23_8895_6_0_-";dur=1
content-length
173
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 20:51:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB78197EDD68FC
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7c2a382b-d01e-0011-0902-aa58b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
x
s.dnofd.com/ 		34 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.dnofd.com/x
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.67.144.49 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-144-49.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
30291382fbd7e83c4eeb395abf620b3dfae3935937ab99382ddaf08406115f9a

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 19:49:35 GMT
cache-control
private, max-age=31536000
server
nginx
etag
a9e2410f-b5e3-4f9a-a851-38683ee17f92
content-length
34
content-type
application/json; charset=utf-8
x.html
ofdb-u.dnofd.com/web/ofdb/ Frame 6B9E 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ofdb-u.dnofd.com/web/ofdb/x.html
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-36.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
180b05893224e9340a5dfd148631f00f58e1ea6cd62b2cbe37b534140ce6d675

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
49388
cache-control
max-age=86400
content-encoding
gzip
content-length
13744
content-type
text/html; charset=utf-8
date
Tue, 11 Jul 2023 06:06:28 GMT
etag
"0fc39ae55adc9a4ac4572bcdde7b6718"
last-modified
Tue, 17 Jan 2023 12:57:12 GMT
server
AmazonS3
vary
Origin
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-id
UQiomzJDO--NKmydgODJvRhM5UsnOVwOEt9dB7HZm8Lr_HGZS6jPzA==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
anchor
www.google.com/recaptcha/enterprise/ Frame D6B6 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb206ODA.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=7akrcot35d8l
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
548e6d82364bc963022572f79b1f9a25b8cc6b50d20f9c5aa927e8f9a0349afd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KoBNs0mhE32n6ZrCKC31pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
1081
content-security-policy
script-src 'report-sample' 'nonce-KoBNs0mhE32n6ZrCKC31pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 19:49:35 GMT
expires
Tue, 11 Jul 2023 19:49:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-green-g7b7
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
http://xp-investimentosbr.com
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
59
x-application-context
application:9090
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-green-pctw
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
http://xp-investimentosbr.com
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
59
x-application-context
application:9090
styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame D6B6 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb206ODA.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=7akrcot35d8l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 11:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jul 2024 11:31:52 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame D6B6 		431 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb206ODA.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=7akrcot35d8l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177423
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jul 2024 12:49:47 GMT
/
www.googleadservices.com/pagead/conversion/606618101/ Frame 4AEF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/606618101/?random=1689104975127&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPaq-K-2h4ADFfVdwgodZVsK2Q%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-vi0%3Bord%3Dfunction(a)%257Ba.set(%2522dimension6%2522%252Ca.get(%2522clientId%2522))%257D%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu4%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
005a6153f630646c7c047fbe45e4043af2a4548355e2d59203cfef13f4cd236c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1603
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.esm-baacf272.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index.esm-baacf272.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
371e08ec65502ae7bac8aab86e2d264e609ee2befdc3ac86b24ca0f018a56ebd

Request headers

Referer
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-alert.entry.js
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:35 GMT
content-encoding
gzip
content-md5
Y89t8Cf30CWtU30F/7xyHw==
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=20, origin; dur=200, ak_p; desc="469195_389993847_260678497_22027_8474_12_0_-";dur=1
content-length
660
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC057AB7E9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6ad87d40-301e-00a0-3295-6746a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
/
www.google.com/pagead/1p-user-list/797073946/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/797073946/?random=1689104974823&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=2324129195&rmt_tld=0&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/797073946/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/797073946/?random=1689104974823&cv=11&fst=1689102000000&bg=ffffff&guid=ON&async=1&gtm=45He37a0&u_w=1600&u_h=1200&url=http%3A%2F%2Fxp-investimentosbr.com%2Fdesktop%2Findex.php&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=2324129195&rmt_tld=1&ipr=y
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/606618101/ Frame 4AEF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
  • https://www.google.com/pagead/1p-conversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C5122...
  • https://www.google.de/pagead/1p-conversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C51224...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPaq-K-2h4ADFfVdwgodZVsK2Q%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-vi0%3Bord%3Dfunction(a)%257Ba.set(%2522dimension6%2522%252Ca.get(%2522clientId%2522))%257D%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu4%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5oSgsLaHgAMV5pD9Bx3TDAoe&is_vtc=1&ocp_id=T7KtZKahCOah9u8P05mo8AE&cid=CAQSKQBpAlJW9PRai8e8mWipjb1yL27bmiRfD9U7McHsByxxs79RoZ4WsSNa&random=647525429&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CPaq-K-2h4ADFfVdwgodZVsK2Q;src=9143205;type=xp_pages;cat=xp-vi0;ord=function(a)%7Ba.set(%22dimension6%22%2Ca.get(%22clientId%22))%7D;gtm=2wg1a1;auiddc=1234031376.1673635780;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u4=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9143205.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/606618101/?random=1104361265&cv=9&fst=1689104975127&num=1&npa=1&label=2ZGWCNDx8-MCEPWDoaEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPaq-K-2h4ADFfVdwgodZVsK2Q%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-vi0%3Bord%3Dfunction(a)%257Ba.set(%2522dimension6%2522%252Ca.get(%2522clientId%2522))%257D%3Bgtm%3D2wg1a1%3Bauiddc%3D1234031376.1673635780%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu4%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=http%3A%2F%2Fxp-investimentosbr.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5oSgsLaHgAMV5pD9Bx3TDAoe&is_vtc=1&ocp_id=T7KtZKahCOah9u8P05mo8AE&cid=CAQSKQBpAlJW9PRai8e8mWipjb1yL27bmiRfD9U7McHsByxxs79RoZ4WsSNa&random=647525429&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D6B6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 00:33:37 GMT
x-content-type-options
nosniff
age
587758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 12 Jul 2023 00:33:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D6B6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb206ODA.&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=7akrcot35d8l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 00:54:58 GMT
x-content-type-options
nosniff
age
327277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 00:54:58 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5050FB8415FE48C6A3627033A895E8C9&RedC=c.clarity.ms&MXFR=1A2C272DD422647F31223466D0226A63
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5050FB8415FE48C6A3627033A895E8C9&MUID=0150EA6DD3786FCB2B64F926D2F36EBD
42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5050FB8415FE48C6A3627033A895E8C9&MUID=0150EA6DD3786FCB2B64F926D2F36EBD
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:35 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FA0435A5D2D14BB99B69298FB827BEE9 Ref B: FRA31EDGE0218 Ref C: 2023-07-11T19:49:35Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5050FB8415FE48C6A3627033A895E8C9&MUID=0150EA6DD3786FCB2B64F926D2F36EBD
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
generic1689101877074.js
nebula-cdn.kampyle.com/us/wu/634815/onsite/
Redirect Chain
  • http://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1689101877074.js
  • https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1689101877074.js
1 MB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1689101877074.js
Protocol
H2
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d12689d61192d2b29fb7825ab72f9dc389c7efd4edfb811099f7f9dd48148355
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
6OAE44iqIeh4ORjlwqimJQx5hT0mWKz_
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
PCKY9F4FT1508XQX
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
111024
x-amz-id-2
w90NSBPY3Pli/0h4Xm8LQckG0T/tbpQmUzOiQaV6SZs7VuSPdDC/nkBKJ2qmstbdl5AbcMI9WYg=
x-served-by
cache-fra-eddf8230037-FRA
last-modified
Tue, 11 Jul 2023 18:57:58 GMT
server
AmazonS3
x-timer
S1689104975.468878,VS0,VE2
etag
"31a3ee323e08e014c6489db6bb97b164"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1

Redirect headers

Location
https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1689101877074.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ct.html
ct.pinterest.com/ Frame 23CB 		565 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
http://xp-investimentosbr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.c7641102.1689104975.3c67107b
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 11 Jul 2023 19:49:35 GMT
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
7158567423218996
adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
cdn.appdynamics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Server
18.165.201.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-201-17.lhr50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 06 Jul 2023 21:09:35 GMT
Content-Encoding
gzip
Via
1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
LHR50-P3
Age
427200
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 06 Sep 2022 21:05:12 GMT
Server
nginx/1.16.1
ETag
W/"6317b608-d132"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id
s-A5RWYaZyUNkC7uiHbUsHlixR8Xgf23Nspujxj6YshVtDSeQU5Q5Q==
soma-icon.entry.js
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-icon.entry.js
Requested by
Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ac572e11fdf826b70c9f1a129d21c5bf1da8d72257893910257876628ab54128

Request headers

Referer
http://xp-investimentosbr.com/
Origin
http://xp-investimentosbr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:35 GMT
content-encoding
gzip
content-md5
zuPasdIXhGRZg83dO7f38Q==
server-timing
cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="469195_389993847_260678878_1579_8909_11_0_-";dur=1
content-length
1584
x-ms-lease-status
unlocked
last-modified
Sat, 15 Jan 2022 00:14:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9D7BC058C416C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
da1a0bb9-301e-009f-78ec-558e00000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000
x-ms-version
2009-09-19
formData1681889403516_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/38337/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/38337/formData1681889403516_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34a2998dd32a9786a54d66bedef632b08df0943deca7fccf325e233f4830d51c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
8XYr.ILUozJMwgJAn77DEX4GKGA.7HJt
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
P58TJ58SZS6EEYWX
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2908
x-amz-id-2
XYHLrE2JJneP0o8tudyumEdgVqa+buHOZIOKu5705PTRNa+cg1Xnc47p6CPeH+uDA6icumwcVoc=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 19 Apr 2023 07:30:05 GMT
server
AmazonS3
x-timer
S1689104976.627624,VS0,VE5
etag
"34b69a878e6920da86cf005fc8e09f68"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
formData1681889612220_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/40221/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/40221/formData1681889612220_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cd0d08585bcea85d539958a67c7d051f1b6072703f808de09114289f07ac55f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ACzUyJHUZsEzriTrYMavwUpwfE4Z6.vZ
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
P58K0VM5GAJPQEXT
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3139
x-amz-id-2
Qz3AzntmyjUlNkIXbj/MR0FxsbtJES0s7EVU3YwkBwmIccnahiFrVcCXK2mJbNMeP5vEk97PtWI=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 19 Apr 2023 07:33:33 GMT
server
AmazonS3
x-timer
S1689104976.632803,VS0,VE2
etag
"66ebce11bd6b2496186b7fb30cc1524c"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
formData1681890273019_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/40222/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/40222/formData1681890273019_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1e053ab5104b844528d423f512091e80520587aba630a93f8c2a7d72fdf6900
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
.2G5wyh.b0lAwSJTCvG_xi23liyIU_NP
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
D67FBNNJMETSSXY6
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3066
x-amz-id-2
zVSbIcFyiQhN+GqDxV5gCzaRqiMfZm08bNEyyvR006RMi+1NbY71UahuxT6ULh31j48fLWnxWi8=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 19 Apr 2023 07:44:34 GMT
server
AmazonS3
x-timer
S1689104976.633967,VS0,VE1
etag
"0887a65ef99ece91eb8b262f863247f1"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
formData1681889137599_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/46973/ 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/46973/formData1681889137599_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c5c9f95665ffc541c477a57ad14dfcc815586df570dc3a0f1b231dda4e5f86c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
w7bijVoSbzE._k7BnPZkSvHT4V8f3bv_
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
P58RQV1VTZF8JR3N
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3017
x-amz-id-2
0Zmv+WK5LVFc/A/fIj8h8lcZK/nl8RzgYi8r8KJZA+TM8T9frh+ldI1nKerKofRmYBgefbC/fAE=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 19 Apr 2023 07:25:39 GMT
server
AmazonS3
x-timer
S1689104976.635555,VS0,VE2
etag
"818b796031c31a858e22f2a2fff78f13"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
formData1681889638768_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/47096/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/47096/formData1681889638768_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
517b99ef8ecdc4aa734b2d659ef7e43b0d52acebf9bebc07847dd486c5c50ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
AJTy_qEOk_PImfgsKrGi.pvI0FyPfAh0
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
D67E2VP2P9WDR5A8
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3271
x-amz-id-2
k6VR6nBqrqilmkXyXxw9wHvPNAYMg7SNHuKjDSrcvdz8NS9Nct4TBNBo7dM1/Sok0TQQYQXhdw0=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 19 Apr 2023 07:34:00 GMT
server
AmazonS3
x-timer
S1689104976.636221,VS0,VE2
etag
"a3f0fba5861955302e2de54fd072d660"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
formData1683220745987_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/47664/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/47664/formData1683220745987_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e46a7a4b5d380b306f25066d438dbfc711756addf3c9fbc2cc2f9fd9853a2ea
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
4XIP4J5F63K4V49BJXNrdwIwQw1XE4nq
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
P58ZRQ45CC40KHKB
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3269
x-amz-id-2
kbiF4oPsQ6pFsI1UTduJatKK4kvYyjbOBGRFvU90yCpvAurH9V2Zw7BISnheDrHkzc+yxdKBgCg=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Thu, 04 May 2023 17:19:07 GMT
server
AmazonS3
x-timer
S1689104976.637795,VS0,VE2
etag
"a010f0e5db22b76ebdefde6f31e53faf"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
formData1683223488401_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/47666/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/47666/formData1683223488401_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9fa6f499321831a2f31339a31f5a8f4316f9b1566b7f138dc06e977ee89706f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ABG.pPnA3DUFQSSHz4hHifI6UjDrHbRA
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
P58ZSYB0KAF2FRCM
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3260
x-amz-id-2
HHtws874/a9Hqp4cii/+8JfXio1PD7yhgwLOKrtA5aRiRwraBMmOmDiJMhyW71MYshvob7S6xvo=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Thu, 04 May 2023 18:04:49 GMT
server
AmazonS3
x-timer
S1689104976.638023,VS0,VE2
etag
"446b6b1882ce182895a39afcc99c7301"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
formData1683223568255_pt-br.json
nebula-cdn.kampyle.com/us/wu/634815/forms/47667/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/634815/forms/47667/formData1683223568255_pt-br.json
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ca2534ccf285163aed881789e7dff15ab7e50f5b6f184559c18206ec82e9a39
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
WvtWL0v1tmEC8P0YwIn_D.tcWZOCMb7H
content-encoding
gzip
via
1.1 varnish
date
Tue, 11 Jul 2023 19:49:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
P58J7R6BX7KB4DA0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3270
x-amz-id-2
nzEnGMK0Ye/nxPxtMhjOGylXxRyZy3bjMcRyQs2zNkk2niO2iG/LS9QmWOaheF39qZg6k3ZY3+I=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Thu, 04 May 2023 18:06:09 GMT
server
AmazonS3
x-timer
S1689104976.638577,VS0,VE2
etag
"ce8499ed68637e848aa3c7e11e533bdd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4OTEwNDk3NTU5MSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg5NDY4MDgzMTIxNzYtMGY0YjU4NzViY2JmZGYtNmEzMzUwNTQtMWQ0YzAwLTE4OTQ2ODA4MzEzMTBiNSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ3ZWJzaXRlSWQiOiA2MzQ4MTUsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImMzMjUtNGZjNS0yOGI5LTFhNTQtNTgwNi0yMGZjLTlkZTAtYzRiMCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjg5MTA0OTc1NTg4Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDEwNDIsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUxLjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUxLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2ODkxMDQ5NzU1OTEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-k387
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU3MjYiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy8zODMzNy9mb3JtRGF0YTE2ODE4ODk0MDM1MTZfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xMDN9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1NzI2LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-3gwm
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
alert-triangle-fill.svg
cdn.xpi.com.br/soma/soma-icons/xp-empresas/md/ 		827 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.xpi.com.br/soma/soma-icons/xp-empresas/md/alert-triangle-fill.svg
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4a584e6ef2efdf7efebba385890499e9faf1f6916c00eebb4e9304f8ba9517c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Jul 2023 19:49:35 GMT
content-encoding
gzip
content-md5
WTe7PWvnLaxy775Rsas9/Q==
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=50, origin; dur=202, ak_p; desc="469195_389993847_260679229_25192_8596_17_0_-";dur=1
content-length
450
x-ms-lease-status
unlocked
last-modified
Wed, 28 Jun 2023 20:50:51 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB78195BF87686
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7c2a7f5a-d01e-0011-1202-aa58b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=31536000, max-age=31536000
x-ms-version
2009-09-19
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU3NjUiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80MDIyMS9mb3JtRGF0YTE2ODE4ODk2MTIyMjBfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xMzl9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1NzY1LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-12mq
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU3ODUiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80MDIyMi9mb3JtRGF0YTE2ODE4OTAyNzMwMTlfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xNDN9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1Nzg1LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-nl9d
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU3ODkiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80Njk3My9mb3JtRGF0YTE2ODE4ODkxMzc1OTlfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xNTV9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1Nzg5LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-3h5x
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU4MDAiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzA5Ni9mb3JtRGF0YTE2ODE4ODk2Mzg3NjhfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xNTd9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1ODAwLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-3cxd
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU4MDYiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzY2NC9mb3JtRGF0YTE2ODMyMjA3NDU5ODdfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xNjZ9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1ODA2LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-d2tm
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU4MTAiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzY2Ni9mb3JtRGF0YTE2ODMyMjM0ODg0MDFfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xNzF9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1ODEwLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-9lgx
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gTG9naW4gU2VndXJvIiwicGFnZV91cmwiOiAiaHR0cDovL3hwLWludmVzdGltZW50b3Nici5jb20vZGVza3RvcC9pbmRleC5waHAiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9hZnRlcl9odHRwX2dldF9yZXF1ZXN0IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2ODkxMDQ5NzU4MTUiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4OTQ2ODA4MzEyMTc2LTBmNGI1ODc1YmNiZmRmLTZhMzM1MDU0LTFkNGMwMC0xODk0NjgwODMxMzEwYjUiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHA6Ly94cC1pbnZlc3RpbWVudG9zYnIuY29tL2Rlc2t0b3AvaW5kZXgucGhwIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJjMzI1LTRmYzUtMjhiOS0xYTU0LTU4MDYtMjBmYy05ZGUwLWM0YjAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4OTEwNDk3NTU4OCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIyOC45NzE2MTc5NzQzMzA3ODciLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzY2Ny9mb3JtRGF0YTE2ODMyMjM1NjgyNTVfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4xNzR9fSwiY29va2llX3NpemUiOiAxMDkwLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MS4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MS4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg5MTA0OTc1ODE1LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-c002
date
Tue, 11 Jul 2023 19:49:35 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
collect
x.clarity.ms/ 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://xp-investimentosbr.com
Date
Tue, 11 Jul 2023 19:49:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
bootstrap.min.js
s.dnofd.com/js/ 		2 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.dnofd.com/js/bootstrap.min.js?a=zG6K9sOvSHT4TcSI3dvCNIxPIPljEPvOyvH6A5D4MaIH50GSF5PaxZey7GUDjKZvtO%2FZxZFNY3ok%0D%0AqvmQcwXk7b0P6pu%2BIReZb7hvhScFyZjXRzL8DRdO%2F8h3tpo7cPmd7ATlVBrPSnGlfI9fgxthMlw%2F%0D%0AvuOqp6NujdAQuQyNWLMonHMs%2BVCku9jK7WYv3mUAS8f%2Bt29bImR3A2%2FoC9Damt%2FIaBWVJPM6hwTy%0D%0AgZsSt2cu3Xm3SSqV5mwQckaGlT%2BUQr8rud7Y%2FbJ%2FBStpRD2yXi%2FdxZrDTidxm4az%2F%2FDzhTOyCggc%0D%0AVkAFqONVFzghqSvy%2FVGsKOcI0qiUZVOD%2Fx6WXZb%2FOBUjDkKaqnjnkZkZ08jHa7rNAP4mVEK6CeBJ%0D%0AaBYhrgiwQH2K4nCPmgPm8pvuICROMgleLyjZbFyup%2BmHK6y7i4zx6YLMEOvD4os8jsmUfQ9leeDj%0D%0A8vby7F64p%2FnwNFBYh1W1JabKfix5GJRA5M%2FhHW2VtRVs4Zez8skuUsDXwyXAbH67g7PTSxS6hcMj%0D%0AYQ0JQt26p4OMu3xGfJIY%2F9%2BlW8lZvrfHph%2FFJ%2B3DF3HCkw6xX5ZO38NBBV8Iwu6vVt5J4j%2BtD%2Fu9%0D%0ACzI4j5ZZZZdy%2Br5DPIZHcTZJj7CQQCTy3f2dsM44PnD2NYvX5zCWqSWysAbcLBrBX%2FnKmj2HsQiE%0D%0AwnsEwPrbHNtUJHvzi%2FUDv%2B32MhomSqd%2F7WmpqVDv7UXFH4kW%2BKuQd1mm%2FINzp303gwPeje3od7Wo%0D%0A60hwKR0a4uP38B%2FaXBEmMfCOVEM%2FYS8Kqs6%2F%2FaNGY0YrEZiqRbFOY%2BknlzL1sO7aSCVR%2B6dFeSVx%0D%0AJms1BbCJg%2FczIUJ5sxl9w8Kqt6%2BNtvftZWGOlk%2FhukHHO4TVWhnARemRYcf8YC1NAE11lrPD3A2H%0D%0AFU7K1he%2FGbq1zbGJOxO8BMQA33W%2FzstpVhVSsn%2FMCZ%2FDL5CFUCmQ9mc93WqU8jzBk81km2hgigr7%0D%0ACGz4LFp%2BniPtMg%2By5Ry0ffOebRlWxfDvonw0odv5%2FX3psc%2F2nXUwZwNqAJ9rhFJLsNRLG58CL5Xm%0D%0ABiPBWe8bEbcfwLbROhcomEAJWkBlNOCxKjLUXWmAOMadbQxvuqjUK%2BKzCcBrHlaXRO0zsxHiQSfE%0D%0AS03ffHtCSQapkuDyRyDFaNSN%2BpuWU7ZK5R47uefUE8wEOd5bBnXovEdZ1aqH6dNQb6ZWtIUuw3IY%0D%0AsX0ndfF0MrxIhUb01P7KU3u94nGs2r3j%2FP6rrvv6WMmYoP9SOUx5ujFpAGTGDzcJM1vF3jUazymV%0D%0AMaBwA1XEWhdYiuDxwjAHA9XE8eIhxuRwMXvaEttsx6vC%2B5Qw8u%2Bcz5s6FTMLG6%2BIAL4ICmkK1Yyh%0D%0ARO%2FcIrxRsoUWn7RDvesX6Wg0pvF%2FuPbfpgwOoukjC5%2FZnzdpTVG1PHB9Ynt%2FSiHuBkRsGUw%2Bp2xp%0D%0AcSD%2FmaO%2FPggUWUz3EPF0bEd9DiLfXGi%2Fr6SkvJCeUmohULtDfQJ2KbMsd57A4hGN622AsWvO8cJW%0D%0A54NftAoX5SfoQBXO6I%2BQafPlHS9YMALIVxTVtMKFz1e%2BfVqsUXeLPdcU%2BwxZUcQHERXo00Ls5rwn%0D%0AXCGeiW5B55VjBLyb7i2n7AtCLWy2%2FnR4l%2FyEdHw1I2bS3%2FZoFm8m7ArXas%2BV%2BAW8mo6Wj5GDa5ex%0D%0ANgotAktLyTVF6aKaBdsrb5NnTbrHyepYcUps1nef%2B1xSj8pD9AyO5mH49GZ0s39xkMlR66Kxw99S%0D%0A8Ilb%2FzsLFZvSS9AgfXcKSj66%2FsBQOIvX5%2BXJdDXy5kJ0Z8ErFD0OdgU4ecOxbTgCvFtrpYKzBllr%0D%0Av1lMChwj6kBzQP1PGEGqQCUbP0HNQn9cMP3203b5njquoLEskmPtAG3UX%2BJ8pPybvHbkxoeUN0L6%0D%0ASb1vN%2F%2FpeU0QItFJFIgKOZ5p2LGZVP7FMyvXgD6gbI21p3E2SGHw3UcdBrnzi%2Bh9xNOBEo1c8SOX%0D%0AFkVYDYcoBSLxOYgKSsylvSIh%2BHMq1nTdKLGXLYIdq%2F9crVZYQa%2FvfNu1bMuyKPk2EJVsuWwOO%2FTm%0D%0A3K2OwWPAb5N8CODwlYvLh%2BOk%2FiMYqU1t
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.67.144.49 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-144-49.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 19:49:40 GMT
server
nginx
content-length
2
content-type
application/json; charset=utf-8
adrum
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-JRH/ 		0
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-JRH/adrum
Requested by
Host: cdn.appdynamics.com
URL: http://cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.188.86 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:40 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
bootstrap.min.js
s.dnofd.com/js/ 		2 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.dnofd.com/js/bootstrap.min.js?a=zG6K9sOvSHT4TcSI3dvCNIxPIPljEPvOyvH6A5D4MaIH50GSF5PaxZey7GUDjKZvtO%2FZxZFNY3ok%0D%0AqvmQcwXk7b0P6pu%2BIReZb7hvhScFyZjXRzL8DRdO%2F8h3tpo7cPmd7ATlVBrPSnGlfI9fgxthMlw%2F%0D%0AvuOqp6NujdAQuQyNWLMonHMs%2BVCku9jK7WYv3mUAS8f%2Bt29bImR3A2%2FoC9Damt%2FIaBWVJPM6hwTy%0D%0AgZsSt2cu3Xm3SSqV5mwQckaGlT%2BUQr8rud7Y%2FbJ%2FBStpRD2yXi%2FdxZrDTidxm4az%2F%2FDzhTOyCggc%0D%0AVkAFqONVFzghqSvy%2FVGsKOcI0qiUZVOD%2Fx6WXZb%2FOBUjDkKaqnjnkZkZ08jHa7rNAP4mVEK6CeBJ%0D%0AaBYhrgiwQH2K4nCPmgPm8pvuICROMgleLyjZbFyup%2BmHK6y7i4zx6YLMEOvD4os8jsmUfQ9leeDj%0D%0A8vby7F64p%2FnwNFBYh1W1JabKfix5GJRA5M%2FhHW2VtRVs4Zez8skuUsDXwyXAbH67g7PTSxS6hcMj%0D%0AYQ0JQt26p4OMu3xGfJIY%2F9%2BlW8lZvrfHph%2FFJ%2B3DF3HCkw6xX5ZO38NBBV8Iwu6vVt5J4j%2BtD%2Fu9%0D%0ACzI4j5ZZZZdy%2Br5DPIZHcTZJj7CQQCTy3f2dsM44PnD2NYvX5zCWqSWysAbcLBrBX%2FnKmj2HsQiE%0D%0AwnsEwPrbHNtUJHvzi%2FUDv%2B32MhomSqd%2F7WmpqVDv7UXFH4kW%2BKuQd1mm%2FINzp303gwPeje3od7Wo%0D%0A60hwKR0a4uP38B%2FaXBEmMfCOVEM%2FYS8Kqs6%2F%2FaNGY0YrEZiqRbFOY%2BknlzL1sO7aSCVR%2B6dFeSVx%0D%0AJms1BbCJg%2FczIUJ5sxl9w8Kqt6%2BNtvftZWGOlk%2FhukHHO4TVWhnARemRYcf8YC1NAE11lrPD3A2H%0D%0AFU7K1he%2FGbq1zbGJOxO8BMQA33W%2FzstpVhVSsn%2FMCZ%2FDL5CFUCmQ9mc93WqU8jzBk81km2hgigr7%0D%0ACGz4LFp%2BniPtMg%2By5Ry0ffOebRlWxfDvonw0odv5%2FX3psc%2F2nXUwZwNqAJ9rhFJLsNRLG58CL5Xm%0D%0ABiPBWe8bEbcfwLbROhcomEAJWkBlNOCxKjLUXWmAOMadbQxvuqjUK%2BKzCcBrHlaXRO0zsxHiQSfE%0D%0AS03ffHtCSQapkuDyRyDFaNSN%2BpuWU7ZK5R47uefUE8wEOd5bBnXovEdZ1aqH6dNQb6ZWtIUuw3IY%0D%0AsX0ndfF0MrxIhUb01P7KU3u94nGs2r3j%2FP6rrvv6WMmYoP9SOUx5ujFpAGTGDzcJM1vF3jUazymV%0D%0AMaBwA1XEWhdYiuDxwjAHA9XE8eIhxuRwMXvaEttsx6vC%2B5Qw8u%2Bcz5s6FTMLG6%2BIAL4ICmkK1Yyh%0D%0ARO%2FcIrxRsoUWn7RDvesX6Wg0pvF%2FuPbfpgwOoukjC5%2FZnzdpTVG1PHB9Ynt%2FSiHuBkRsGUw%2Bp2xp%0D%0AcSD%2FmaO%2FPggUWUz3EPF0bEd9DiLfXGi%2Fr6SkvJCeUmohULtDfQJ2KbMsd57A4hGN622AsWvO8cJW%0D%0A54NftAoX5SfoQBXO6I%2BQafPlHS9YMALIVxTVtMKFz1e%2BfVqsUXeLPdcU%2BwxZUcQHERXo00Ls5rwn%0D%0AXCGeiW5B55VjBLyb7i2n7AtCLWy2%2FnR4l%2FyEdHw1I2bS3%2FZoFm8m7ArXas%2BV%2BAW8mo6Wj5GDa5ex%0D%0ANgotAktLyTVF6aKaBdsrb5NnTbrHyepYcUps1nef%2B1xSj8pD9AyO5mH49GZ0s39xkMlR66Kxw99S%0D%0A8Ilb%2FzsLFZvSS9AgfXcKSj66%2FsBQOIvX5%2BXJdDXy5kJ0Z8ErFD0OdgU4ecOxbTgCvFtrpYKzBllr%0D%0Av1lMChwj6kBzQP1PGEGqQCUbP0HNQn9cMP3203b5njquoLEskmPtAG3UX%2BJ8pPybvHbkxoeUN0L6%0D%0ASb1vN%2F%2FpeU0QItFJFIgKOZ5p2LGZVP7FMyvXgD6gbI21p3E2SGHw3UcdBrnzi%2Bh9xNOBEo1c8SOX%0D%0AFkVYDYcoBSLxOYgKSsylvSIh%2BHMq1nTdKLGXLYIdq%2F9crVZYQa%2FvfNu1bMuyKPk2EJVsuWwOO%2FTm%0D%0A3K2OwWPAb5N8CODwlYvLh%2BOk%2FiMYqU1t
Requested by
Host: xp-investimentosbr.com
URL: http://xp-investimentosbr.com/desktop/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.67.144.49 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-67-144-49.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://xp-investimentosbr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 11 Jul 2023 19:49:40 GMT
server
nginx
content-length
2
content-type
application/json; charset=utf-8
adrum
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-JRH/ 		0
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAN-JRH/adrum
Requested by
Host: cdn.appdynamics.com
URL: http://cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.188.86 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xp-investimentosbr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 19:49:45 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.xpi.com.br
URL
https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/rulesXP

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 boolean| credentialless object| onbeforetoggle object| onscrollend object| regeneratorRuntime object| twttr number| adrum-start-time object| adrum-config object| ADRUM object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _elev string| __bHtyr78juy45nm number| WjcyJPnE function| b133 object| core object| __core-js_shared__ object| GAS function| GasToolkit function| OFDB function| OFDBDataSender object| elementsId object| eventListenerMap object| geoLocation function| getLocation function| showPosition function| successCallback function| errorCallback string| faqStyles string| client string| loginType object| sessionId object| copyAndPasteDetectionFields object| ofdb function| callFingerPrint number| initInterval object| dataLayer string| GoogleAnalyticsObject function| xpi_ga function| getSelectedText function| ensurePasswordMaxLength function| triggerXPTokenValidationOnEnter string| BOOMR_API_key object| BOOMR function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq number| BOOMR_start object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady function| postscribe object| google_tag_manager_external function| gtag object| uetq function| twq object| GooglebQhCsO function| pintrk string| _linkedin_data_partner_id function| waXPi undefined| cookieName undefined| gclid undefined| customerId function| clarity string| TiktokAnalyticsObject object| ttq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| fbq function| _fbq object| analytics object| gaGlobal object| KAMPYLE_EMBED object| gaplugins object| gaData object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| google_optimize function| UET function| UET_init function| UET_push object| ueto_e8faa1ff79 object| recaptcha object| webpackJsonp1677247014415 function| setImmediate function| clearImmediate function| customerFaq object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds undefined| theForm function| __doPostBack object| webpackJsonp1681214744565 boolean| _already_called_lintrk function| getSegmentCookie function| getDomainLocationAndMaxAge undefined| isReset object| userUniqueId function| checkValidUniqueId undefined| segmentAnonId string| currentAnonymousId function| segmentAnalyticsIdentify number| BOOMR_configt function| TiktokJelly object| _jelly_sdks function| validateForm function| exibeModalInfoDesatualizado function| exibeModalEmailDesatualizado function| exibeModalTelefoneDesatualizado undefined| buttonsDisabled function| disableButton function| enableLoginWarningGTM function| enableLoginWarning function| callHomePageContext function| activeLink function| activeField function| activeFieldPJ function| customerElev object| tagConfig object| pdKeyObject object| customerServiceLoader function| j57VY6 function| C6LjX number| f0nEi9 function| x5j55 function| p0UU object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| DS-SOMA function| soma-theme-change function| I3PWYG function| z9CTT number| h0if89 function| u0PiN function| B7oo object| closure_lm_861668 number| BOOMR_onload

46 Cookies

Domain/Path Name / Value
ofdb-u.dnofd.com/web/ofdb Name: cck
Value: 7548648f-6b82-cd6b-89e4-2c529bfd3e39
ofdb-u.dnofd.com/web/ofdb Name: ccn
Value: 2aef9ca9-1bd2-a539-4f20-b367fda06621
.portal.xpi.com.br/ Name: akaalb_portalxpi
Value: 1689105270~op=portalxpi:origin-portal-xpi-2|~rv=20~m=origin-portal-xpi-2:0|~os=4232c9215b76bc535ce1ca00c6c76064~id=59486238c0b93913a8ed6802521c4535
.xp-investimentosbr.com/ Name: RT
Value: "z=1&dm=xp-investimentosbr.com&si=ndy891vcuy&ss=ljyphkz9&sl=0&tt=0"
www.clarity.ms/ Name: CLID
Value: 9f42cca7ff6d457786516e15a6cf2252.20230711.20240710
.tiktok.com/ Name: _ttp
Value: 2SRMWSEZ0nco2msszGp9gR2WbNG
.bing.com/ Name: MUID
Value: 0150EA6DD3786FCB2B64F926D2F36EBD
.xp-investimentosbr.com/ Name: _gcl_au
Value: 1.1.1655224205.1689104971
.doubleclick.net/ Name: IDE
Value: AHWqTUkeeBcCQuZnjkGa_IgcJ4T6jneTILzTtXwstl2TOq9Rj_qupjG0Zx9QCMeI
.xp-investimentosbr.com/ Name: _ga_HM1230DXLC
Value: GS1.1.1689104971.1.0.1689104971.60.0.0
.xp-investimentosbr.com/ Name: _ga
Value: GA1.2.1801877036.1689104972
.xp-investimentosbr.com/ Name: _gid
Value: GA1.2.1571794178.1689104972
.xp-investimentosbr.com/ Name: _gat_UA-5145909-16
Value: 1
.xp-investimentosbr.com/ Name: _clck
Value: ddqj0e|2|fd7|0|1287
.xp-investimentosbr.com/ Name: _fbp
Value: fb.1.1689104972492.1284979958
.linkedin.com/ Name: li_sugr
Value: 9b8bee8c-9814-428d-8653-47531ca28e66
.linkedin.com/ Name: bcookie
Value: "v=2&9e871136-dfd4-48ff-8da9-20b3fa8d1435"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3088:u=1:x=1:i=1689104972:t=1689191372:v=2:sig=AQGR5U4IqyePd3gKTtZ23vWmsguBEsH3"
portal.xpi.com.br/ Name: akavpau_visitor-xp
Value: 1689105272~id=8a255afa24b84665e0421e3ae29bbd1d
.xp-investimentosbr.com/ Name: _tt_enable_cookie
Value: 1
.xp-investimentosbr.com/ Name: _ttp
Value: EEexx2k8pkHFC-Px1Xk_BIATwsh
xp-investimentosbr.com/ Name: ln_or
Value: eyI0MDQ0Njk3LDUwOTIzNTY3NiI6ImQifQ%3D%3D
.linkedin.com/ Name: UserMatchHistory
Value: AQJFUySyJ_2ZRgAAAYlGgHw7wRLN11RJdUcLGupQmgiNgSYM9VOwRap8Iw-cPXpo7UpArPlY_xqv2A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQInekuizPdSmgAAAYlGgHw8HVBtndrKqCeheQaZ0IMEJ96lAOLcuznpsdlfKuH6gync0DAIhrbgC617o6obcg
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230711194933ab2a1c5d-2f2a-4d85-8524-ca2bf507b781AQF18viovusjRlEri1o4BRrL28ksDCHn"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODkxMDQ5NzM7MjswMjEJKIGY2inktrCzDYFkwXERtW/l0BCBJQ0l1C7X/q3pxg==
.xp-investimentosbr.com/ Name: _pin_unauth
Value: dWlkPU1EZzROVEkwT0RFdE5HTTJaQzAwTkRjekxUbG1OV0V0TjJNeVpqUTVNemxpTURZeQ
.xp-investimentosbr.com/ Name: _clsk
Value: 1r2pwrp|1689104973408|1|0|x.clarity.ms/collect
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZMeE1PS3dNZ2lYVW9jMEordkpid3ZLd01VODZGM1RmbXhpcHFEaU9INDRMeWtYOXlXQmFqY2JWZTNjU2d3NWFzTkpTQVZqcXJza01xNTN5K1dHeS9pU3ZlTFJMeTdEc3pJYUMvVTREQ2RkOD0maFppbGRNeDJCKzc2cVZxdUtjaEp2Wkp1aTRNPQ=="
.xp-investimentosbr.com/ Name: ajs_anonymous_id
Value: ec3c02e7-235a-4609-a3ba-4902d0a77102
xp-investimentosbr.com/ Name: mdLogger
Value: false
xp-investimentosbr.com/ Name: kampyle_userid
Value: c325-4fc5-28b9-1a54-5806-20fc-9de0-c4b0
.xp-investimentosbr.com/ Name: _uetsid
Value: 0f9fd570202411ee935e75a2c96be180
.xp-investimentosbr.com/ Name: _uetvid
Value: 0f9fed00202411ee9594c343e7d84c4b
.dnofd.com/ Name: cck
Value: 7548648f-6b82-cd6b-89e4-2c529bfd3e39
.dnofd.com/ Name: ccn
Value: 2aef9ca9-1bd2-a539-4f20-b367fda06621
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0150EA6DD3786FCB2B64F926D2F36EBD
xp-investimentosbr.com/ Name: kampyleUserSession
Value: 1689104975588
xp-investimentosbr.com/ Name: kampyleUserSessionsCount
Value: 2
xp-investimentosbr.com/ Name: kampyleSessionPageCounter
Value: 1
xp-investimentosbr.com/ Name: kampyleUserPercentile
Value: 28.971617974330787
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0150EA6DD3786FCB2B64F926D2F36EBD
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

22 Console Messages

Source Level URL
Text
network error URL: http://xp-investimentosbr.com/Scripts/adrum.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/xpi/scripts/appInsightsConfiguration.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/xpi/scripts/login/spinner.js?_V=2023-01-13-03-00
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/xpi/scripts/login.min.js?_V=2023-01-13-03-00
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/xpi/scripts/login/new-login-cs.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/xpi/scripts/login/ads.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/content/bootstrap.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/content/jquery-ui-xp-theme/jquery-ui-1.9.2.custom.min.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/kJ4t0K/WG/NL/Erou/Oif7MPfVwn/ELuSwrJmX15a/S20SQQE/ZEgpR/QAQA2Y
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/content/xpbootstrap.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.clarity.ms/eus-c/s/0.7.1/clarity.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: http://xp-investimentosbr.com/bundles/scripts?v=nh79-wCWuC_SiipJcPbx-j30VC7ODqnTFMNpVp02qIs1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__pt_pt.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: http://xp-investimentosbr.com/desktop/index.php
Message:
Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__pt_pt.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: http://xp-investimentosbr.com/ScriptResource.axd?d=KsN2F9I13MKIO0dOHrV78086SWW7VZCZcWhM1X3UeCrS78gU3PivqntrUU39ryXrkT0cnWkc7gYx4G5bQO7ImyrOQGjVXvkQyv50a5q-V8g4h_Pg0&t=397b6a7
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/xpi/images/logo_xp_banner_mobile.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/xpi/images/fechar_banner_mobile.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://xp-investimentosbr.com/desktop/xpi/scripts/clearSession.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://xp-investimentosbr.com/desktop/index.php(Line 1126)
Message:
Access to XMLHttpRequest at 'https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/rulesXP' from origin 'http://xp-investimentosbr.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/rulesXP
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/styles__ltr.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__pt_pt.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9143205.fls.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.segment.io
api.xpi.com.br
bat.bing.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
cdn.appdynamics.com
cdn.elev.io
cdn.linkedin.oribi.io
cdn.segment.com
cdn.xpi.com.br
connect.facebook.net
ct.pinterest.com
customerattendance.xpi.com.br
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
nebula-cdn.kampyle.com
ofdb-u.dnofd.com
pdx-col.eum-appdynamics.com
portal.xpi.com.br
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.dnofd.com
s.go-mpulse.net
s.pinimg.com
snap.licdn.com
static.ads-twitter.com
static.xpi.com.br
stats.g.doubleclick.net
udc-neb.kampyle.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.clarity.ms
xp-investimentosbr.com
xp.dnofd.com
api.xpi.com.br
13.107.42.14
142.250.185.194
142.250.74.198
146.75.120.157
151.101.65.175
18.165.201.17
18.173.154.44
18.66.192.36
184.30.16.191
184.86.103.133
191.252.4.62
20.114.190.119
2001:4860:4802:32::36
2600:9000:2248:f000:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200e
2a00:1450:4001:827::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:400c:c0b::9a
2a02:26f0:480:184::11a6
2a02:26f0:480:21::217:d12e
2a02:26f0:480:21::217:d137
2a02:26f0:480:9a4::11a6
2a02:26f0:480:9b2::1931
2a02:26f0:480:f::213:7edd
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::644
35.162.188.86
35.241.45.82
52.43.2.154
52.67.144.49
52.84.174.90
68.219.88.97
99.86.8.175
004a84114f6e1bd4c5042f9cf5842c7014c2b05a33a67d31093713c837064678
005a6153f630646c7c047fbe45e4043af2a4548355e2d59203cfef13f4cd236c
018044cff5f5fe2d7371a4c478ee5a6397c5126674fe6fb6eb5e0307aefceb92
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
0c5c9f95665ffc541c477a57ad14dfcc815586df570dc3a0f1b231dda4e5f86c
0d1d83d3b31a1bdcb62a940d70013d1ad23608a3c856e46e7b38ca1c59656e5e
0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963
0fd0be12e8082eb2a38e1a97ab05cf96f31784bb209611f859416ebe52c9a863
101365ad0e2eb2eb542c6137bbd44dc947123d1791d9cbcf29e062ffe6001ef4
122b310043d61550b9f727cb30ec6463ea0ffdf3cbd53fe9896a3b402804ca7c
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1390b37d41bf25297e61453d05926ca26423dc12d51dde6cc3ab323059cb3e08
140f422d2b9411b10a77818e21b279021c5b02c59019dbf03d538270166397ea
17388e914da69f1ee8c6d650043903662adb6f680d8119ad32e217b38761f94f
17a3eaba9d243bbf7adfc7607a8a8b4bff06ed08f054990be5efea6f267062db
180b05893224e9340a5dfd148631f00f58e1ea6cd62b2cbe37b534140ce6d675
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e46a7a4b5d380b306f25066d438dbfc711756addf3c9fbc2cc2f9fd9853a2ea
27e0d13f10cae008ba2de8670a6c24c27d8d1e773222302c714702965c9d3c8d
2a798b43d205de53e3588023f488ef39b0f29b2edfd6e128115754b8c9994df3
2b35d4d039b436a9494b3bed074905653ffc14b04961ee1cf0ce109853bec02d
2d2677df8d426eb1e570ec10145645fc6a07667d1705234094e46900d50fbdbd
2d7b96268466e84a756f998f13f76fb0f2c814fd58d4d8a49ea02445aee8766e
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2e787d9426af63537034df2649677ef0aa960290c609dc17db14f784d14040d4
2f19d63af6476af921c5e7dcd4f31d005ad3ea7028314088c5b10c43a6d7b279
2f26e9d7582e18ae223e3be61aeb2571038994eb323aa752291894abd76b9471
30291382fbd7e83c4eeb395abf620b3dfae3935937ab99382ddaf08406115f9a
34a2998dd32a9786a54d66bedef632b08df0943deca7fccf325e233f4830d51c
35825a86af65183f99c020623368870e165fa1c4eaa900e6b7fc065a8956b8d1
371e08ec65502ae7bac8aab86e2d264e609ee2befdc3ac86b24ca0f018a56ebd
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
391c0ac2c492fec7973388144f628fcbdd8b6e76b4efebad59251f7795dffd0b
3c4489fbcd3c81d284fb96084d17903234a5ba23048d07c9632602969e7d7f43
3c872b84edaa31274ff9d473c79e5ea016b70d974dec8160aa22209994143beb
3d4ad7bdeea12089935e069557d320d851f83aaa2fb5a95b02669dc71cfc69eb
3dfe9125cc2a8cada49e6831253425a352e3acc6909f72f84c70bba029f408b0
3e060eb1b6bd8fd92cca7c7eda6458ef5bbfbccc877cddf9e80e9443a78b8aa7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eaf0fb993760aa69b242e7a25d9ae117b723a6d3083cf98b9abcdb558bc0276
3ffb15573545729d2f1a2c847b172e2e0e43858fa58cffdc0db53f8c6db81655
4192e92fc312be5443112921d93d4109e004865cc9b043d0aa4e88b340fc36d7
43b258bc8073d36494d06c622415db04061dc1885f437e434d036b1ba3d3d320
4687be7860dfe8fded1fddcc3df1b9101badfc767f0e78f4f37d3b6ca22a863c
46e2b360cda1325aea8a73a2e3a81de5ac0df3f99eff6eb1b1c7287c99e3b6ab
495ee10d94f20f30e799221290021685802cd4afd91668f96e7fbb1ab212af55
4a584e6ef2efdf7efebba385890499e9faf1f6916c00eebb4e9304f8ba9517c9
4acceb27d5386747691dd12c5370dbd49802c855347c17b9b0d8ca3f98cc9a7f
4b488f2de1aee5abf08fedc2ff5547852ba8b2748ff30408f2e831cb92f7a71e
4c6b1995eb4968255e21f88b09bab157a4afa6047c2c099d995b33b83bc6029d
517b99ef8ecdc4aa734b2d659ef7e43b0d52acebf9bebc07847dd486c5c50ebf
5260d94ea3da7034227de29817a1c0a524f897ef32325cece70720bed3e03d72
5266d5157c13576135475a4e12581f816b6184650caca9dc097b76633d8b7e69
52adbad8f15ff713261524bba7c7b6c8055caa80ff0f2cbd0a0042f669e3462e
548e6d82364bc963022572f79b1f9a25b8cc6b50d20f9c5aa927e8f9a0349afd
54bd419d9505c7fbd64c84136eff41737a2911d588efef0ccc2267f0b3a73997
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
5759f31fc7fea7a28d60b457857c24c614645bb95ebc37522934aa3ce6ee48c6
5871c37bf2b44471207d8398cc773aa6260c9f0204bab6d0a59e23d012b591e5
628e97d5c061cab283317499fbbc7c93dd474c9eaa18b333f5b59bc0022c99be
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6a46d24641c9c7547bf5354b5bd55a3ab70ea00065586a9e05ce43ae54a0b431
6ca2534ccf285163aed881789e7dff15ab7e50f5b6f184559c18206ec82e9a39
6d00ab2039c403ba0ff1131f7c3d2957a6393e62130099f18b9edfc0d6979a3c
7275437de0752a12e8e308fb781792b81a4322261b3bde3873a1c77ce292c5e1
79b920c92fa02edc8f25bcfe0c28297cede789fb0e3e6275f612e2ad6d077c4f
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c0ec2924b2b11e41b1ce688693749e7752be1d2cce837fd81098b5c94488803
7d9593a8e527d7188946144abc8bc0eb33947b6bac122f06505b6d8a055bb2c7
809240d2f615cb172773c567496ac4ae67d66bb17eab378f358ead1639b8871b
82e52f0e7997d459528dbe1cd7b904510f5e0ac6b3a712d7d8689bbc54bc8f97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853bca381644d813e309ed7d034c5da6737aec2741dc28f52e5344cd5baf012d
862250065afb1cf9288eef238739938a786482b4657e2f705cb6136678c37de3
86b2f7ab7a2f5b4c37cda08f6f15fcc5f526aff6a2f7eb4d9e4d1601b3198f6f
8cd0d08585bcea85d539958a67c7d051f1b6072703f808de09114289f07ac55f
8ced9a77d624308e1f39d3384a0b32c9f8dd312d343c1f8154f829735a3debb7
90c1a03744155c490b8a88305dd703443f6346851a47b39812291ebc23516fce
91ce38d680cba5d0a5940ed32f09a815b63df85a48f4b29d5a4da76538ed75a5
922e8229cf571f325c0d39bc9fb00c36baa75bdb3599c65ac93fa733b815daf5
92e114da8a28183a2030e1938445ee4ed45f67979c67ee0bd6e8b75ccccdcedb
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
974992cb3b723cd673814b8c73aaa9b6dc22aff6604f4a8b643d2e321ca7427c
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99b4156323dc82d355c6a62f6f668ccd05705c938fff878f362db3ba143cc66d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2
9ee83d76d1dca56e2d0a938933f41d18440b07c8ef7f56267c548fcfda4cf51a
9f34aacdf03b0b576b8bee6c27a54318534d87af345817f3fe18c99ebed797f6
9ffc4c26c92192a5252e62f0f8f326017695f430196e2f127773dc752d6fd769
a1776da4a07416faf818eb28a40470b42854f30beeb9b52b4f9d31b21706ad93
a1d86acaf1ff2a8f2f02467b204b5a6670430663894cc3fb815641c0ec7c6d2d
a3bbb5d5eefa492bbf9f7da8b69e805d238a6513ec56764fc7bed4e42641e341
a49ef57dcfdb2f096c56700f3185dcc75542b9b884780425be1212f19e0f8dcb
a5ba65e9c2f737d7d29d526a6bceef214b0698bcf788613f1ada10e728faba1b
a77ca9f6933ffcc4e79fc270ef64669f0ee5643f59d821add684a66c9d8bc633
aa67202d6fd3aa6689dad4b83b66e8cc5f3dae3dcb2152b3dac961a8899c3093
ab87cd626a4aef2d3955e831a2dc64337054623021ee889e0082d32c9d66961d
ac3511b92316824c5f58f3befd5b93df712fafe404bd84250c2453732b39a89d
ac572e11fdf826b70c9f1a129d21c5bf1da8d72257893910257876628ab54128
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b58e63522ed30c37d93941fd881ae0329f54371eede6871e91781031de5fc84b
b7e3b9ceef7c82a53f111f3723469f9ea1e4d80572760c44ba75cda585f8b305
b915790ab666dafed37820653f8d2a4c340fbdf71d5f311fc2f73ea91901dc24
bc21778ba7ea0483b8d2f1b97cba7328de1fad24ec1832e90a5691cb862e2e3b
bc4966dfeae31353586904404bd500dcb756ad217c6f0ed405cd88b784b654db
bd093508127b396fc1d7191606388040eeb094b64c4eadb2d94760835af39ee1
bf12f95b980dfa2a5d095c5e0f3dd537e6f095a0adad1a5b5463f89e73dbe50e
c16a7dfbe074d75ee2e74fc08f95bf824efa9442a2342cfe7865ca81f02fa6de
c46f1007e48cdf62e728326dc954ddf0cfec0387f093228d28ae36250458f6b9
c55ed1b9ea009a079d6e2ff4cf0dc71872bd180700a02b1488257d81813a51bc
c8ad9b7748abdef046ea99ddfeb62a7bab85558fe719e91a38982f9c34b180fb
ca100f67c3c832bfa7cb76afcc6ecbbe307ccba2eaed8cf35628637a36febc1f
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
cc69c55b0e02220a8949e8c74ce813a73da2615355c65460c27c438246100f01
cdddce71fdc2455dfef89c6ca6bd4a2d38b0508268fb5315a8b4c3035282e471
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d12689d61192d2b29fb7825ab72f9dc389c7efd4edfb811099f7f9dd48148355
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
d28a3fb90d36dd110e6b486e9614403436d862203e473a642cb1f38339f1baf9
d2a692aef79cfbc33516c6c61862cc45d0a935f71ab4f925359a180ce44dc60b
d74063184fe81263b626046e701bc3989e10b8e7ab3edf3831657c9289347ac3
d7411cf9e9b65b6b9ac52189a9b4a00af78afe2db10bcf73fc5ca7b6acbbab96
dae5bcfb262c5b42c1caaa02e12c1d6c78a11a40c02ff147a8510eb4149d6920
dae72bda8b46cc7e176d1c2d56d524224a4166a7108109a4f10f3b12fe48b51a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e034d2e03adfb671d4042d091a16afa0559054b263dfe7574a3f96fa74b5050d
e0f8d6f5befc647d3d623b57fda9286b0e3d73c82c2145d6b51e179776a8da57
e13aa256ba6a5ac89a8aebd90e847e553d7cb04afd59ddd5688ea5741740a870
e1e053ab5104b844528d423f512091e80520587aba630a93f8c2a7d72fdf6900
e32d29d0231dc446781d9c7ac46397b38cc966ee68e6c6a61b4af30483a45c71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61aae49d6e13114e756afc4de8da6c44844636ddf1a81bb773e123162fef644
e73c46aaa8da9eaff6eeb041887f1f4c278086f79a2faebfec17fa2f9af5ef1b
e85cf06ac9ea469abc6dd7f696e9cbf93da324837703e97966c1b8ff3b7bb543
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13882fab24b949d9c075853887475fa13183b74dcea0bea3a5aa502bf0084c2
f553f6b2a866f141b651e929e5a62d6ebc785dcace0e3f124e2df6e7b86524c8
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6cf583c44c4a2d67623535d450edd9e568382f8d4bb206e9af8d2ce4b2da021
f6d5bd15fabc5ec7a64a905d955d354490f4488c2e52a43c42fb50b15e1d9715
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f88db0dd020ce6d0ea1b7a0edde19fe3741baf410ed1bb6cdae03fc4c98ea4f3
f9fa6f499321831a2f31339a31f5a8f4316f9b1566b7f138dc06e977ee89706f