urlscan.io logo urlscan.io
SecurityTrails logo

login-application.stg.creditas.io Open in urlscan Pro
2a03:b0c0:3:d0::d23:d001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://login-application.stg.creditas.io/
Effective URL: https://login-application.stg.creditas.io/auth/
Submission: On September 01 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d23:d001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is login-application.stg.creditas.io.
TLS certificate: Issued by R3 on September 1st 2021. Valid for: 3 months.
This is the only time login-application.stg.creditas.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
7 34.120.195.249 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.13.27 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 162.247.243.147 13335 (CLOUDFLAR...)
2 52.1.83.253 14618 (AMAZON-AES)
29 9
13    2a03:b0c0:3:d0::d23:d001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
login-application.stg.creditas.io
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
7    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o274735.ingest.sentry.io
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    2606:4700::6810:e25b (United States)

ASN13335 (CLOUDFLARENET, US)
assets.creditas.com
3    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
2    52.1.83.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-83-253.compute-1.amazonaws.com
api.stg.creditas.io
Domain Requested by
13 login-application.stg.creditas.io 2 redirects login-application.stg.creditas.io
7 o274735.ingest.sentry.io login-application.stg.creditas.io
3 bam-cell.nr-data.net login-application.stg.creditas.io
3 assets.creditas.com login-application.stg.creditas.io
2 api.stg.creditas.io login-application.stg.creditas.io
1 js-agent.newrelic.com login-application.stg.creditas.io
1 www.googletagmanager.com login-application.stg.creditas.io
1 www.googleoptimize.com login-application.stg.creditas.io
29 8

This site contains no links.

Subject Issuer Validity Valid
login-application.stg.creditas.io
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.ingest.sentry.io
R3		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-05 -
2022-06-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
api.stg.creditas.io
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login-application.stg.creditas.io/auth/
Frame ID: 13B416B56EFB6DCAD13DBF80EBA14971
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Taxas baixas de verdade - Creditas

Page URL History Show full URLs

  1. https://login-application.stg.creditas.io/ HTTP 301
    https://login-application.stg.creditas.io/auth HTTP 301
    https://login-application.stg.creditas.io/auth/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

584 kB
Transfer

1856 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login-application.stg.creditas.io/ HTTP 301
    https://login-application.stg.creditas.io/auth HTTP 301
    https://login-application.stg.creditas.io/auth/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login-application.stg.creditas.io/auth/
Redirect Chain
  • https://login-application.stg.creditas.io/
  • https://login-application.stg.creditas.io/auth
  • https://login-application.stg.creditas.io/auth/
1 KB
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
08d3613013788fc870f3293155fcfc3ee4be5c6a411d1a60cd8e6bd9dd9ce04e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
login-application.stg.creditas.io
:scheme
https
:path
/auth/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 01 Sep 2021 21:02:25 GMT
etag
"dcda94f3bf06fdf35b4736003cf060d3-ssl-df"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
server
Netlify
x-xss-protection
1; mode=block
content-length
453
content-encoding
br
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-content-type-options
nosniff
x-frame-options
DENY
x-nf-request-id
01FEHJQ2RYAPY0JMJG71GBD1R0
age
0

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 01 Sep 2021 21:02:24 GMT
etag
"dcda94f3bf06fdf35b4736003cf060d3-ssl-df"
strict-transport-security
max-age=31536000
server
Netlify
x-xss-protection
1; mode=block
age
2
content-length
453
location
/auth/
cache-control
max-age=0,no-cache,no-store,must-revalidate
x-content-type-options
nosniff
x-frame-options
DENY
x-nf-request-id
01FEHJQ2K1Y272KQ1P6433TGSX
new-relic.js
login-application.stg.creditas.io/auth//scripts/ 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
6d1d1de4db78bda1deb5d7cb314b78fd4728325a4eb61c6aa2224e3f93a63f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth//scripts/new-relic.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ36JV8PPYEX3M7TX8F8J
date
Wed, 01 Sep 2021 21:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
69
x-frame-options
DENY
etag
"77c116553dfd1137c80eaf4a7dc3ff4d-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
optimize.js
www.googleoptimize.com/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T9FHC7M
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4648a8521a93b0022a3ce440674a47bce85487b963709cf329f9cd1bb12f85ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 21:02:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42814
x-xss-protection
0
expires
Wed, 01 Sep 2021 21:02:25 GMT
vendors~main-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		127 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/vendors~main-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d02e33b01f29207ca74f3e3363e606be4a2c52aada863d72f9b9e62560da91b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/vendors~main-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ36JP7T3MPFHQVR6CC2R
date
Wed, 01 Sep 2021 21:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
69
x-frame-options
DENY
etag
"e8310d8cd9598777ec66f527c93f517f-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
main-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/main-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
baa60f05fee1c0102e4dbefb0d29a2f9f2ea6383687aec777a2b1277b1474a4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/main-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ36JMD9BYTME4TGTVQ5A
date
Wed, 01 Sep 2021 21:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
69
etag
"05c10cb3339c2b59b1ead8a230eac4d0-ssl-df"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
1247
x-xss-protection
1; mode=block
8-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		1006 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/8-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
3ca9fbe3432053e334744db4e33b6de9c4415ea5262309c52a019ab4317f9362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/8-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ3NXGSRR9BNAJTNXJN62
date
Wed, 01 Sep 2021 21:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
69
x-frame-options
DENY
etag
"459729d61b7a4c6774b7bfb19bdad902-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
14-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/14-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
eb76c5a63ceafd6fd9ba91e9d12afe8cc533d075a66f33831d45ff18d486bcc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/14-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ3P0CWH41234RGDKZF8H
date
Wed, 01 Sep 2021 21:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
69
x-frame-options
DENY
etag
"c7ca3ca42c88c3ac55c86d2d4a50e935-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
/
o274735.ingest.sentry.io/api/3163706/envelope/ 		2 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o274735.ingest.sentry.io/api/3163706/envelope/?sentry_key=4c7f7f0752a3438789b271b7d38cda04&sentry_version=7
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:28 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
gtm.js
www.googletagmanager.com/ 		158 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSFBCCL
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a9b9c465c110d58fe8ec4e9ea576ce09c46e151f47a47eda7404fb6330e4de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 21:02:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58102
x-xss-protection
0
expires
Wed, 01 Sep 2021 21:02:28 GMT
/
o274735.ingest.sentry.io/api/3163706/envelope/ 		2 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o274735.ingest.sentry.io/api/3163706/envelope/?sentry_key=4c7f7f0752a3438789b271b7d38cda04&sentry_version=7
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:28 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
/
o274735.ingest.sentry.io/api/3163706/envelope/ 		2 B
102 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o274735.ingest.sentry.io/api/3163706/envelope/?sentry_key=4c7f7f0752a3438789b271b7d38cda04&sentry_version=7
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:28 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
nr-spa-1210.min.js
js-agent.newrelic.com/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding
gzip
etag
"d5eff122d09ab2c851fb1780f0287cbf"
x-amz-request-id
WX0V4HYCNZMQF8V1
x-cache
HIT
content-length
15563
x-amz-id-2
V3NWDRAGc9SgNVtEBWiiDcINCoTerPj471IMrsQhETN32n9I20g9CtqBNYipCh1nBoNnp81FM40=
x-served-by
cache-fra19133-FRA
last-modified
Tue, 22 Jun 2021 22:47:08 GMT
server
AmazonS3
x-timer
S1630530149.171717,VS0,VE0
date
Wed, 01 Sep 2021 21:02:29 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2240
sp.js
assets.creditas.com/de-assets/snowplow/2.13.0/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.creditas.com/de-assets/snowplow/2.13.0/sp.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:e25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 21:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3463
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
15Z8S6BPVHPYMSZP
x-amz-id-2
HzhHWsj8icssLCVgvVgaBuEKYouTaYjmni0FdOc28srM7+lL+i44s1GFtPYRAtelP5FYlFGVJkg=
last-modified
Mon, 22 Feb 2021 18:53:52 GMT
server
cloudflare
etag
W/"d34ad5a83bfc62211576c2bdcb347936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
688170984bcb5bf1-FRA
expires
Thu, 01 Sep 2022 21:02:29 GMT
/
o274735.ingest.sentry.io/api/3163706/envelope/ 		2 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o274735.ingest.sentry.io/api/3163706/envelope/?sentry_key=4c7f7f0752a3438789b271b7d38cda04&sentry_version=7
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:29 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
/
o274735.ingest.sentry.io/api/3163706/envelope/ 		2 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o274735.ingest.sentry.io/api/3163706/envelope/?sentry_key=4c7f7f0752a3438789b271b7d38cda04&sentry_version=7
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:29 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
/
o274735.ingest.sentry.io/api/3163706/envelope/ 		2 B
102 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o274735.ingest.sentry.io/api/3163706/envelope/?sentry_key=4c7f7f0752a3438789b271b7d38cda04&sentry_version=7
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:29 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
/
o274735.ingest.sentry.io/api/3163706/envelope/ 		2 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o274735.ingest.sentry.io/api/3163706/envelope/?sentry_key=4c7f7f0752a3438789b271b7d38cda04&sentry_version=7
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:29 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
0-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/0-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
6bbc6b543bc204455877f6a6bcf4dcab8f5511792017792479a9a08385080a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/0-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ6VXSJWFWJV6YJM06CJN
date
Wed, 01 Sep 2021 21:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
0
x-frame-options
DENY
etag
"cff52f30f8ac6dd06fd54d65e5aaaf9d-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
2-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/2-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
52e5a370319474c38353a9c1331ce5f60e47593536a415662a966d34618b0696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/2-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ6VZMJABXNQ6D03Z8V0J
date
Wed, 01 Sep 2021 21:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
0
etag
"33af64899891e6ec243d12745a3c6142-ssl-df"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
content-length
4244
x-xss-protection
1; mode=block
10-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/10-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b18d2ec2f9a06cc8cbda10502d736c5c256d3a99ce82203523e531900d822666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/10-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ6VZEFT6DZ3AQHED4FT0
date
Wed, 01 Sep 2021 21:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
0
x-frame-options
DENY
etag
"2d586a03f2416f6dfd8096d40721a07b-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
1-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		41 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/1-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
53afc9a583627d6a80ac95499e9011756c76978448caabd6332105b3792895d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/1-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ6VZRAE0WP209TBDAE2T
date
Wed, 01 Sep 2021 21:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
0
x-frame-options
DENY
etag
"71a97b2c54ea8e6b17e728f34146a3fe-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
24-649d17aea01911381ab5.js
login-application.stg.creditas.io/auth/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-application.stg.creditas.io/auth/24-649d17aea01911381ab5.js
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
33c214f9370cb0dd33f70b2333ef69d0e8a9098d15cf678cae79aef3f844459f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/24-649d17aea01911381ab5.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
login-application.stg.creditas.io
referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://login-application.stg.creditas.io/auth/passwordless/identificacao
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id
01FEHJQ6W0QAC65THG13R4BZ01
date
Wed, 01 Sep 2021 21:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
Netlify
age
0
x-frame-options
DENY
etag
"4e250864e7076e7ffc449724297137b2-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0,no-cache,no-store,must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-xss-protection
1; mode=block
b176554f6e
bam-cell.nr-data.net/1/ 		49 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/b176554f6e?a=357371964&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=4979&ck=1&ref=https://login-application.stg.creditas.io/auth/passwordless/identificacao&be=1336&fe=4602&dc=1462&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1630530144498,%22n%22:0,%22r%22:0,%22re%22:556,%22f%22:556,%22dn%22:556,%22dne%22:556,%22c%22:556,%22ce%22:556,%22rq%22:557,%22rp%22:879,%22rpe%22:880,%22dl%22:916,%22di%22:1461,%22ds%22:1462,%22de%22:1462,%22dc%22:4602,%22l%22:4602,%22le%22:4603%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=4520&jsonp=NREUM.setToken
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 21:02:31 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlRaCAMIU1RUFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoDC1MNU3RMB05WAhtDA1ILV1QFBQcFVAYHVwACBkBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
688170a12dff4236-AMS
tp2
api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/ 		2 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.83.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-83-253.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 21:02:30 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-kong-proxy-latency
43
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://login-application.stg.creditas.io
x-kong-upstream-latency
8
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/plain; charset=UTF-8
content-length
2
tp2
api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Server
52.1.83.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-83-253.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://login-application.stg.creditas.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 01 Sep 2021 21:02:30 GMT
content-length
0
vary
Origin
access-control-allow-origin
https://login-application.stg.creditas.io
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,OPTIONS,POST
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-kong-response-latency
1
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2b6c05e636dc2edcaf984d5868c6a9d04dd3c4b1b853e983a19698c5490b019

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
HelveticaNowDisplay-Regular.woff2
assets.creditas.com/design-system-assets/fonts/helvetica-now-display/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.creditas.com/design-system-assets/fonts/helvetica-now-display/HelveticaNowDisplay-Regular.woff2
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:e25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fa9ba6de8ab858c6a0646ad8b88faaa1feba3f53bc841f2f81f8eab8ac5a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://login-application.stg.creditas.io
Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 21:02:30 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
68HYM1Z1CQYFY1R0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
41644
x-amz-id-2
6c+kc2iY7/JMZPLn6R6NhzF/gqLFlr5EYkCMQJAamn0ya+x5hC33daxnOADIw5HglTvO1o/zIgw=
last-modified
Thu, 08 Apr 2021 18:19:24 GMT
server
cloudflare
etag
"a308f4a646391c18a57ca2256c6c809f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6881709f7c2d4a55-FRA
expires
Thu, 01 Sep 2022 21:02:30 GMT
HelveticaNowDisplay-Light.woff2
assets.creditas.com/design-system-assets/fonts/helvetica-now-display/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.creditas.com/design-system-assets/fonts/helvetica-now-display/HelveticaNowDisplay-Light.woff2
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:e25b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3df9a9b9707ee5bd8d80150a4ae607e2f41222898d915489cf7d7c44185a77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://login-application.stg.creditas.io
Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 21:02:30 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
68HW671RVV18T1C7
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
44428
x-amz-id-2
eKk+9fBRT/PlAVAAQDLdzWs+iMV5ClsURBfalquUJ+L8eppTmpRFyEMrH1i49FzvuyOzRu8+2X8=
last-modified
Thu, 08 Apr 2021 18:19:24 GMT
server
cloudflare
etag
"848e644286782085254309297686556a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6881709f7c2f4a55-FRA
expires
Thu, 01 Sep 2022 21:02:30 GMT
b176554f6e
bam-cell.nr-data.net/events/1/ 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/b176554f6e?a=357371964&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=6683&ck=1&ref=https://login-application.stg.creditas.io/auth/passwordless/identificacao
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 01 Sep 2021 21:02:32 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://login-application.stg.creditas.io
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
688170a7a8014236-AMS
Content-Length
24
b176554f6e
bam-cell.nr-data.net/events/1/ 		24 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/b176554f6e?a=357371964&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=14979&ck=1&ref=https://login-application.stg.creditas.io/auth/passwordless/identificacao
Requested by
Host: login-application.stg.creditas.io
URL: https://login-application.stg.creditas.io/auth//scripts/new-relic.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://login-application.stg.creditas.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 01 Sep 2021 21:02:39 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://login-application.stg.creditas.io
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
688170d8cd234236-AMS
Content-Length
24

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| google_tag_manager object| dataLayer object| google_optimize object| webpackJsonp object| SENTRY_RELEASE function| singleSpaNavigate object| System function| define object| __core-js_shared__ object| core object| global function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ object| singleSpa object| config object| GlobalSnowplowNamespace function| snowplow_stg string| variant_value function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow boolean| __EMOTION_REACT_11__

0 Cookies

3 Console Messages

Source Level URL
Text
console-api info URL: https://login-application.stg.creditas.io/auth/8-649d17aea01911381ab5.js(Line 50)
Message:
%cDownload the React DevTools for a better development experience: https://fb.me/react-devtools font-weight:bold
console-api warning URL: https://login-application.stg.creditas.io/auth/8-649d17aea01911381ab5.js(Line 92)
Message:
You rendered descendant <Routes> (or called `useRoutes`) at "/auth/" (under <Route path="/">) but the parent route path has no trailing "*". This means if you navigate deeper, the parent won't match anymore and therefore the child routes will never render. Please change the parent <Route path="/"> to <Route path="//*">.
console-api warning URL: https://login-application.stg.creditas.io/auth/8-649d17aea01911381ab5.js(Line 92)
Message:
Warning: componentWillMount has been renamed, and is not recommended for use. See https://fb.me/react-unsafe-component-lifecycles for details. * Move code with side effects to componentDidMount, and set initial state in the constructor. * Rename componentWillMount to UNSAFE_componentWillMount to suppress this warning in non-strict mode. In React 17.x, only the UNSAFE_ name will work. To rename all deprecated lifecycles to their new names, you can run `npx react-codemod rename-unsafe-lifecycles` in your project source folder. Please update the following components: %s n

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stg.creditas.io
assets.creditas.com
bam-cell.nr-data.net
js-agent.newrelic.com
login-application.stg.creditas.io
o274735.ingest.sentry.io
www.googleoptimize.com
www.googletagmanager.com
151.101.13.27
162.247.243.147
2606:4700::6810:e25b
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200e
2a03:b0c0:3:d0::d23:d001
34.120.195.249
52.1.83.253
08d3613013788fc870f3293155fcfc3ee4be5c6a411d1a60cd8e6bd9dd9ce04e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
33c214f9370cb0dd33f70b2333ef69d0e8a9098d15cf678cae79aef3f844459f
3a9b9c465c110d58fe8ec4e9ea576ce09c46e151f47a47eda7404fb6330e4de1
3ca9fbe3432053e334744db4e33b6de9c4415ea5262309c52a019ab4317f9362
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4648a8521a93b0022a3ce440674a47bce85487b963709cf329f9cd1bb12f85ea
4c3df9a9b9707ee5bd8d80150a4ae607e2f41222898d915489cf7d7c44185a77
52e5a370319474c38353a9c1331ce5f60e47593536a415662a966d34618b0696
53afc9a583627d6a80ac95499e9011756c76978448caabd6332105b3792895d8
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
6bbc6b543bc204455877f6a6bcf4dcab8f5511792017792479a9a08385080a1c
6d1d1de4db78bda1deb5d7cb314b78fd4728325a4eb61c6aa2224e3f93a63f9e
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
b18d2ec2f9a06cc8cbda10502d736c5c256d3a99ce82203523e531900d822666
b5fa9ba6de8ab858c6a0646ad8b88faaa1feba3f53bc841f2f81f8eab8ac5a99
baa60f05fee1c0102e4dbefb0d29a2f9f2ea6383687aec777a2b1277b1474a4a
d02e33b01f29207ca74f3e3363e606be4a2c52aada863d72f9b9e62560da91b6
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
eb76c5a63ceafd6fd9ba91e9d12afe8cc533d075a66f33831d45ff18d486bcc7
f2b6c05e636dc2edcaf984d5868c6a9d04dd3c4b1b853e983a19698c5490b019