portal.xpi.com.br Open in urlscan Pro
95.101.111.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emaillink.xpcorretora.com.br/ls/click?upn=-2FRN-2BlKzTCUSkg4Ai79ZUKWMflXi2grP-2F3WqqvjF7zHnzHyXKBcOLuqbpTMxj5bhXz53c_lVFKehpy...
Effective URL:
https://portal.xpi.com.br/
Submission: On May 15 via api (May 15th 2023, 5:39:35 pm UTC) from BR — Scanned from DE

Summary HTTP 216 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 32 domains to perform 216 HTTP transactions. The main IP is 95.101.111.157, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is portal.xpi.com.br.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 16th 2022. Valid for: a year.

This is the only time portal.xpi.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.83 167.89.118.83	11377 (SENDGRID) (SENDGRID)
1 46	95.101.111.157 95.101.111.157	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 12	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	13.32.27.42 13.32.27.42	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:391::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:184::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2 4	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
3 8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	151.101.129.175 151.101.129.175	54113 (FASTLY) (FASTLY)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
6 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
3	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2600:9000:20e... 2600:9000:20eb:f000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	44.241.21.252 44.241.21.252	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
32	95.101.111.153 95.101.111.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.231.104.205 18.231.104.205	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.58 13.225.78.58	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.89.51 143.204.89.51	16509 (AMAZON-02) (AMAZON-02)
1 1	95.101.54.99 95.101.54.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.101.54.145 95.101.54.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
2	52.40.162.28 52.40.162.28	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
11	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
1	44.195.167.92 44.195.167.92	14618 (AMAZON-AES) (AMAZON-AES)
2	18.66.97.3 18.66.97.3	16509 (AMAZON-02) (AMAZON-02)
216	45

1 167.89.118.83 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net

emaillink.xpcorretora.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 95.101.111.157 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-157.deploy.static.akamaitechnologies.com

portal.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customerattendance.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-42.fra56.r.cloudfront.net

xp.dnofd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd311.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:184::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

9143205.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.129.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 6 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.21.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-21-252.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 95.101.111.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-153.deploy.static.akamaitechnologies.com

cdn.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.231.104.205 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-231-104-205.sa-east-1.compute.amazonaws.com

s.dnofd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-58.fra2.r.cloudfront.net

ofdb-u.dnofd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-51.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.99 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-99.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-145.deploy.static.akamaitechnologies.com

xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.40.162.28 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-162-28.us-west-2.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

cdn.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.167.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-167-92.compute-1.amazonaws.com

ipa.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-3.fra56.r.cloudfront.net

events.elev.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	xpi.com.br 1 redirects portal.xpi.com.br cdn.xpi.com.br — Cisco Umbrella Rank: 615639 api.xpi.com.br — Cisco Umbrella Rank: 587117 customerattendance.xpi.com.br static.xpi.com.br	2 MB
19	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4631 udc-neb.kampyle.com — Cisco Umbrella Rank: 2405	136 KB
15	doubleclick.net 5 redirects 9143205.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 pubads.g.doubleclick.net — Cisco Umbrella Rank: 425 stats.g.doubleclick.net — Cisco Umbrella Rank: 91	12 KB
15	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4217 adservice.google.com — Cisco Umbrella Rank: 83	29 KB
14	elev.io cdn.elev.io — Cisco Umbrella Rank: 29040 ipa.elev.io — Cisco Umbrella Rank: 28269 events.elev.io — Cisco Umbrella Rank: 276761	141 KB
10	google.de www.google.de — Cisco Umbrella Rank: 5171	1 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	448 KB
9	linkedin.com 6 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 px4.ads.linkedin.com — Cisco Umbrella Rank: 6490 www.linkedin.com — Cisco Umbrella Rank: 645	5 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1059 p.clarity.ms — Cisco Umbrella Rank: 7927 c.clarity.ms — Cisco Umbrella Rank: 1586	23 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 179	58 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	416 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	4 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2296 xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2305 fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 390 c.bing.com — Cisco Umbrella Rank: 254	13 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	41 KB
4	dnofd.com xp.dnofd.com — Cisco Umbrella Rank: 255266 s.dnofd.com — Cisco Umbrella Rank: 431725 ofdb-u.dnofd.com — Cisco Umbrella Rank: 722693	182 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	247 B
3	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 690	1 KB
3	t.co t.co — Cisco Umbrella Rank: 510	784 B
2	eum-appdynamics.com col.eum-appdynamics.com — Cisco Umbrella Rank: 3050	1 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1613	29 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	135 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1313 c.go-mpulse.net — Cisco Umbrella Rank: 625	52 KB
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4294	117 KB
1	akstat.io 684dd311.akstat.io — Cisco Umbrella Rank: 87703	203 B
1	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3893	17 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1143	175 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1034	374 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 885	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 718	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1019	56 KB
1	xpcorretora.com.br 1 redirects emaillink.xpcorretora.com.br	227 B
216	32

	Domain	Requested by
35	portal.xpi.com.br	1 redirects portal.xpi.com.br
22	cdn.xpi.com.br	portal.xpi.com.br cdn.xpi.com.br
12	api.xpi.com.br	portal.xpi.com.br
12	www.google.com	3 redirects portal.xpi.com.br www.gstatic.com www.google.com
11	cdn.elev.io	customerattendance.xpi.com.br cdn.elev.io portal.xpi.com.br
10	www.google.de	portal.xpi.com.br 9143205.fls.doubleclick.net
10	nebula-cdn.kampyle.com	www.googletagmanager.com nebula-cdn.kampyle.com portal.xpi.com.br
9	udc-neb.kampyle.com
8	googleads.g.doubleclick.net	3 redirects www.googletagmanager.com
6	fonts.gstatic.com	www.google.com fonts.googleapis.com
6	www.googleadservices.com	9143205.fls.doubleclick.net www.googleadservices.com
5	static.xpi.com.br	cdn.xpi.com.br
5	px.ads.linkedin.com	5 redirects
5	www.googletagmanager.com	portal.xpi.com.br www.googletagmanager.com
5	fonts.googleapis.com	portal.xpi.com.br customerattendance.xpi.com.br static.xpi.com.br
4	customerattendance.xpi.com.br	cdn.xpi.com.br
4	p.clarity.ms	portal.xpi.com.br
4	9143205.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.google-analytics.com	portal.xpi.com.br www.googleoptimize.com www.googletagmanager.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	bat.bing.com	portal.xpi.com.br bat.bing.com
3	www.facebook.com	portal.xpi.com.br
3	analytics.twitter.com	portal.xpi.com.br
3	t.co	portal.xpi.com.br
3	px4.ads.linkedin.com	portal.xpi.com.br
2	events.elev.io	portal.xpi.com.br
2	col.eum-appdynamics.com	portal.xpi.com.br
2	c.clarity.ms	1 redirects
2	adservice.google.com	9143205.fls.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com portal.xpi.com.br
2	cdn.segment.com	portal.xpi.com.br cdn.segment.com
2	www.clarity.ms	portal.xpi.com.br www.clarity.ms
2	connect.facebook.net	portal.xpi.com.br connect.facebook.net
2	xp.dnofd.com	portal.xpi.com.br
1	ipa.elev.io	portal.xpi.com.br
1	fast.wistia.com	static.xpi.com.br
1	fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	684dd311.akstat.io	s.go-mpulse.net
1	cdn.appdynamics.com	portal.xpi.com.br
1	c.bing.com	1 redirects
1	ofdb-u.dnofd.com	xp.dnofd.com
1	s.dnofd.com	portal.xpi.com.br
1	api.segment.io	cdn.segment.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	portal.xpi.com.br
1	pubads.g.doubleclick.net	portal.xpi.com.br
1	snap.licdn.com	portal.xpi.com.br
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	c.go-mpulse.net	portal.xpi.com.br
1	s.go-mpulse.net	portal.xpi.com.br
1	emaillink.xpcorretora.com.br	1 redirects
216	56

This site contains links to these domains. Also see Links.

Domain
www.xpi.com.br
cadastro.xpi.com.br
cadastro.xpempresas.com.br
atendimento.xpi.com.br
customerattendance.xpi.com.br
api.whatsapp.com

Subject Issuer	Validity	Valid
xpi.com.br DigiCert TLS RSA SHA256 2020 CA1	`2022-09-16` - `2023-09-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.dnofd.com Amazon RSA 2048 M02	`2023-02-23` - `2023-11-02`	8 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-22` - `2023-05-23`	3 months	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-26` - `2023-12-28`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-07-15`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
cdn.elev.io Amazon RSA 2048 M02	`2023-04-28` - `2024-05-26`	a year	crt.sh
*.elev.io Amazon RSA 2048 M02	`2023-02-21` - `2023-08-24`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://portal.xpi.com.br/
Frame ID: F770457128FEE0F29E02B88AEF442313
Requests: 188 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Frame ID: C61A5D5B5EE1A8C8722C41D3FA9478DB
Requests: 8 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref=https%3A%2F%2Fportal.xpi.com.br%2F
Frame ID: 22853E1E6B15536C7B2FF9258B598710
Requests: 5 HTTP requests in this frame

Frame: https://ofdb-u.dnofd.com/web/ofdb/x.html
Frame ID: 5CBFE52F301B99270CC615AFA534420D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=rf41k1ku5uo8
Frame ID: D136E7C4545A984ADF9CC3DF8A9E379A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XP Investimentos - Login Seguro

Page URL History Show full URLs

http://emaillink.xpcorretora.com.br/ls/click?upn=-2FRN-2BlKzTCUSkg4Ai79ZUKWMflXi2grP-2F3WqqvjF7zHnzHyXKBcOLuqbpT... HTTP 302
http://portal.xpi.com.br/ HTTP 301
https://portal.xpi.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

216
Requests

96 %
HTTPS

49 %
IPv6

32
Domains

56
Subdomains

45
IPs

5
Countries

3980 kB
Transfer

13422 kB
Size

55
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.xpi.com.br/

Search URL Search Domain Scan URL

URL: https://cadastro.xpi.com.br/
Title: Ainda não sou cliente XP

Search URL Search Domain Scan URL

URL: https://cadastro.xpempresas.com.br/
Title: Ainda não sou cliente XP

Search URL Search Domain Scan URL

URL: https://atendimento.xpi.com.br/artigo/1433-saiba-como-alterar-o-seu-telefone
Title: clicando aqui

Search URL Search Domain Scan URL

URL: https://atendimento.xpi.com.br/artigo/1434-como-em-alterar-em-o-e-em-mail-em-cadastrado-em-minha-conta-xp
Title: clicando aqui

Search URL Search Domain Scan URL

URL: https://www.xpi.com.br/
Title: www.xpi.com.br

Search URL Search Domain Scan URL

URL: https://customerattendance.xpi.com.br/formszendesk/xp/index.html
Title: clique nesse formulário

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=551149352720&text=Oi
Title: (11) 4935-2720

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emaillink.xpcorretora.com.br/ls/click?upn=-2FRN-2BlKzTCUSkg4Ai79ZUKWMflXi2grP-2F3WqqvjF7zHnzHyXKBcOLuqbpTMxj5bhXz53c_lVFKehpyM1X4gp-2F1jw0ydd4mD3DayUq-2FewwgI9qbNYkpp4Qgq5L8l0tjE4vtMViagDrKitMcOmMXW2-2FUCoYwyGQ5-2Fzp3caDsWOqw4MvusX1byEY5JtxsgfQTJ9WvMvYIKGkV8xU3q6FG49jWo4pHshzqN3s0LvVN3Kcnu3Fqlo2BiiqyBpSoTuN7h7Nekl0W3rqikAkWOl48ujiJwDIz2mFuJg-2Fbjlljp1-2FY-2FD5IIhZrftXaFC2-2FB3JfcAqGJsOFiVwhRgj1dNkWAkJTxWGPYhcb5cC7AtCE4UfgzrPkiwwQK2QxeS62QMrgV3Tb6LWxscc1DIqDa63CibNgiJhP4n-2Fi-2Fecdbj49EGPKQe-2BH9u8TWuBAA0YW91qJEqH6p1FUG-2F3RRWoDNzyBCfUwI0V7Dg-3D-3D HTTP 302
http://portal.xpi.com.br/ HTTP 301
https://portal.xpi.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 302
https://9143205.fls.doubleclick.net/activityi;dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F

Request Chain 28

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 302
https://9143205.fls.doubleclick.net/activityi;dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref=https%3A%2F%2Fportal.xpi.com.br%2F

Request Chain 42

https://px.ads.linkedin.com/collect/?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309 HTTP 302
https://px.ads.linkedin.com/collect?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309&cookiesTest=true&e_ipv6=AQJ7PRi1nTf-QgAAAYggft3pOuGuzjVCGJEVoPUU23kj21NNfLI0OG9iEtThTIWpOzTr0wbD

Request Chain 50

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4044697%26time%3D1684172364872%26url%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F&liSync=true&e_ipv6=AQIne3lD0EQoJQAAAYggft61owsyaY_H92ptStP5lLdy48Cw59lUChsl68G4XSDVp4VwRCHR

Request Chain 97

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TW5iZM7BLf6v9u8Pu6SZoAw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZM7BLf6v9u8Pu6SZoAw&cid=CAQSKQBygQiDATZmB53GTP6uFxz37BoZ9T2xuRyWqOQOXPsDlbc5N3LNUjbA&random=47116375&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZM7BLf6v9u8Pu6SZoAw&cid=CAQSKQBygQiDATZmB53GTP6uFxz37BoZ9T2xuRyWqOQOXPsDlbc5N3LNUjbA&random=47116375&resp=GooglemKTybQhCsO&ipr=y

Request Chain 99

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvXu_zu9_4CFcirmgodiWgFcQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D2104091606.1684172365--20230515%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TW5iZN-HMM2d9u8P_8KAuAc&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvXu_zu9_4CFcirmgodiWgFcQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D2104091606.1684172365--20230515%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZN-HMM2d9u8P_8KAuAc&cid=CAQSKQBygQiDmjcBT3qJT3N-sTaklwuDWYIV4U3PGbVNIzd1vhrUHXpCwsNH&random=2864219796&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvXu_zu9_4CFcirmgodiWgFcQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D2104091606.1684172365--20230515%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZN-HMM2d9u8P_8KAuAc&cid=CAQSKQBygQiDmjcBT3qJT3N-sTaklwuDWYIV4U3PGbVNIzd1vhrUHXpCwsNH&random=2864219796&resp=GooglemKTybQhCsO&ipr=y

Request Chain 100

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TW5iZNHCM63F7_UPsca6gAE&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZNHCM63F7_UPsca6gAE&cid=CAQSKQBygQiDdJ3D5GLb0vjdJ3fNAPPoocAEL6kQcW270u-Q97e3107B69q5&random=1313624968&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZNHCM63F7_UPsca6gAE&cid=CAQSKQBygQiDdJ3D5GLb0vjdJ3fNAPPoocAEL6kQcW270u-Q97e3107B69q5&random=1313624968&resp=GooglemKTybQhCsO&ipr=y

Request Chain 148

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=55CBFB5AD34E443E9649AF985A3B13E5&RedC=c.clarity.ms&MXFR=2781CEB97B67669D2660DDAB7F6768B0 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=55CBFB5AD34E443E9649AF985A3B13E5&MUID=1BFA10EE3DBF68C9142D03FC3CBF6984

Request Chain 150

https://px.ads.linkedin.com/collect/?pid=1066761&fmt=gif&gtmcb=1682485124 HTTP 302
https://px4.ads.linkedin.com/collect?pid=1066761&fmt=gif&gtmcb=1682485124&e_ipv6=AQJwqP-pz_VDhAAAAYggfuj6LAmC1WPWgWPoa1IwcWCfHIO1mE6GiGmz_4NwIQaD789m16kS

Request Chain 152

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pln0lnz6p HTTP 302
https://xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 153

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pln0lnz6p HTTP 302
https://fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net/eum/results.txt

216 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portal.xpi.com.br/
Redirect Chain

http://emaillink.xpcorretora.com.br/ls/click?upn=-2FRN-2BlKzTCUSkg4Ai79ZUKWMflXi2grP-2F3WqqvjF7zHnzHyXKBcOLuqbpTMxj5bhXz53c_lVFKehpyM1X4gp-2F1jw0ydd4mD3DayUq-2FewwgI9qbNYkpp4Qgq5L8l0tjE4vtMViagDrKi...
http://portal.xpi.com.br/
https://portal.xpi.com.br/

64 KB
18 KB

1402ms
1381ms

Document
text/html

95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a49e7ef63352fb2de8663698426087a46df9345fde1c997c30fc0764c234fe1f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store
content-encoding: gzip
content-length: 16233
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
content-type: text/html; charset=utf-8
date: Mon, 15 May 2023 17:39:22 GMT
expect-ct: maxage
expires: -1
pragma: no-cache
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
server: Microsoft-IIS/8.5
server-timing: cdn-cache; desc=MISS edge; dur=1208 origin; dur=49 ak_p; desc="467825_35115165_250703675_125736_12366_5_0";dur=1
strict-transport-security: maxage
vary: Accept-Encoding
x-akamai-transformed: 9 60923 0 pmb=mTOE,1mRUM,1
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge,chrome=1
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 15 May 2023 17:39:21 GMT
Location: https://portal.xpi.com.br/
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="467825_35115165_250703404_13_433291_6_-";dur=1

GET
H2 200 adrum.js Show response
portal.xpi.com.br/Scripts/ 54 KB
14 KB 758ms
758ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/Scripts/adrum.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

676d8422b5d1a790e8119ece1d63040dc210183c85bf747207dde6875d690f15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:23 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=195, origin; dur=38, ak_p; desc="467825_35115165_250704451_23327_10596_10_0";dur=1
content-length: 14031
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:26:58 GMT
server: Microsoft-IIS/8.5
etag: "03d5eaabc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache,public
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
936 B 135ms
51ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a1ca92f3f9e3fd5fe2055bc879f90215d9c1f4a137ad6daba763054e7809a82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616
x-xss-protection: 1; mode=block
expires: Mon, 15 May 2023 17:39:22 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ 411 KB
165 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 22:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168053
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 22:54:31 GMT

GET
H2 200 OFDB.js Show response
xp.dnofd.com/ofdb/ 713 KB
159 KB 37ms
9ms Script
application/javascript 13.32.27.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.dnofd.com/ofdb/OFDB.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 222046bb759420cc945d50a40ba0da8f2dd965dffc0351254419b2bc317a791d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 17:33:15 GMT
x-amz-cf-pop: FRA56-C2
age: 473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 162283
last-modified: Wed, 10 May 2023 17:09:27 GMT
server: AmazonS3
etag: "22fea507f720533f867031daaf3cd4e5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: wrA7gHZhgZZ3hagpVDtbVY81py2oi5s9ueKqwCg4aTbcUa2R7uEtXw==

GET
H2 200 jquery.min.js Show response
xp.dnofd.com/ofdb/ 23 KB
9 KB 24ms
8ms XHR
application/javascript 13.32.27.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.dnofd.com/ofdb/jquery.min.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c00a1325478060ec4c95cae7b6b7a67b1764274dbd735636dd5a3daabc50feb2

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 17:33:15 GMT
x-amz-cf-pop: FRA56-C2
age: 471
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8363
last-modified: Wed, 10 May 2023 17:09:34 GMT
server: AmazonS3
etag: "88017c9e20fcbb27b5d0df4f12e1ed71"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 6dNiOYggFZYfJ21cmh1VK7LSKwnDZPOtKjrN7zHW1zsKgtp1gYHSSQ==

GET
H2 200 reset.css
portal.xpi.com.br/xpi/css/ 1 KB
1 KB 238ms
236ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/reset.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3ffb15573545729d2f1a2c847b172e2e0e43858fa58cffdc0db53f8c6db81655

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:23 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=198, origin; dur=13, ak_p; desc="467825_35115165_250704994_21041_8920_6_0";dur=1
content-length: 607
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 generics2012mc.css
portal.xpi.com.br/xpi/css/ 27 KB
6 KB 1009ms
1007ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/generics2012mc.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

54bd419d9505c7fbd64c84136eff41737a2911d588efef0ccc2267f0b3a73997

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=578, origin; dur=10, ak_p; desc="467825_35115165_250704995_58901_9176_5_0";dur=1
content-length: 5596
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 bootstrap.css
portal.xpi.com.br/content/ 128 KB
19 KB 1023ms
1021ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/content/bootstrap.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

5d516f236853ee2afa1b902c135f81eb271ee247c101b1c25fa9f24211e6707b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=196, origin; dur=10, ak_p; desc="467825_35115165_250704996_20559_8725_5_0";dur=1
content-length: 18623
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:26:58 GMT
server: Microsoft-IIS/8.5
etag: "03d5eaabc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 jquery-ui-1.9.2.custom.min.css
portal.xpi.com.br/content/jquery-ui-xp-theme/ 22 KB
5 KB 275ms
273ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/content/jquery-ui-xp-theme/jquery-ui-1.9.2.custom.min.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

25747c7308dc5a33ccd284257910d462ec6d732401469b0932db93f0fb588011

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:23 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=197, origin; dur=15, ak_p; desc="467825_35115165_250704997_21217_8727_5_0";dur=1
content-length: 4289
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:26:58 GMT
server: Microsoft-IIS/8.5
etag: "03d5eaabc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 xpbootstrap.css
portal.xpi.com.br/content/ 117 KB
26 KB 601ms
599ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/content/xpbootstrap.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

90d658bf0f0773462aae96b479465ef6c4b076e1280533ae075874f7a8e1e90c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=197, origin; dur=58, ak_p; desc="467825_35115165_250704998_25471_8702_6_0";dur=1
content-length: 25345
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:26:58 GMT
server: Microsoft-IIS/8.5
etag: "03d5eaabc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 minhaconta30.css
portal.xpi.com.br/xpi/css/ 17 KB
4 KB 247ms
246ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/minhaconta30.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2a798b43d205de53e3588023f488ef39b0f29b2edfd6e128115754b8c9994df3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:23 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=196, origin; dur=10, ak_p; desc="467825_35115165_250704999_20578_8735_6_0";dur=1
content-length: 3729
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 baseNew.css
portal.xpi.com.br/xpi/css/ 28 KB
6 KB 285ms
284ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/baseNew.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b915790ab666dafed37820653f8d2a4c340fbdf71d5f311fc2f73ea91901dc24

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:23 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=204, origin; dur=15, ak_p; desc="467825_35115165_250705000_22008_9030_6_0";dur=1
content-length: 5883
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 yield-home.css
portal.xpi.com.br/xpi/css/ 2 KB
1 KB 233ms
232ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/yield-home.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

4192e92fc312be5443112921d93d4109e004865cc9b043d0aa4e88b340fc36d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:23 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=194, origin; dur=12, ak_p; desc="467825_35115165_250705001_20624_8915_6_0";dur=1
content-length: 575
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 responsive.css
portal.xpi.com.br/xpi/css/ 47 KB
8 KB 745ms
744ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/responsive.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

004a84114f6e1bd4c5042f9cf5842c7014c2b05a33a67d31093713c837064678

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=200, origin; dur=30, ak_p; desc="467825_35115165_250705002_23011_8762_5_0";dur=1
content-length: 7288
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 new-login-cs.css
portal.xpi.com.br/xpi/css/login/ 12 KB
4 KB 829ms
828ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/login/new-login-cs.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a5889484a1039b23247a058ec9ab7b29b1b36f86c1e3dea252a4edffe2624525

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=579, origin; dur=10, ak_p; desc="467825_35115165_250705003_58876_8945_5_0";dur=1
content-length: 2895
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 login-cs.css
portal.xpi.com.br/xpi/css/login/ 17 KB
4 KB 881ms
880ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/login/login-cs.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

8ced9a77d624308e1f39d3384a0b32c9f8dd312d343c1f8154f829735a3debb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=586, origin; dur=11, ak_p; desc="467825_35115165_250705007_59843_6602_5_0";dur=1
content-length: 3373
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 accordion.css
portal.xpi.com.br/xpi/css/login/ 8 KB
2 KB 814ms
813ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/login/accordion.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3c872b84edaa31274ff9d473c79e5ea016b70d974dec8160aa22209994143beb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=581, origin; dur=10, ak_p; desc="467825_35115165_250705008_59143_7826_5_0";dur=1
content-length: 1579
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 xp-spinner.min.css
portal.xpi.com.br/xpi/css/atendimento/ 2 KB
1 KB 617ms
616ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/css/atendimento/xp-spinner.min.css

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

5260d94ea3da7034227de29817a1c0a524f897ef32325cece70720bed3e03d72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=577, origin; dur=10, ak_p; desc="467825_35115165_250705009_58686_7808_5_0";dur=1
content-length: 519
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:00 GMT
server: Microsoft-IIS/8.5
etag: "06a8fabbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:300,400,700

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/new-login-cs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1390b37d41bf25297e61453d05926ca26423dc12d51dde6cc3ab323059cb3e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 16:26:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
938 B 81ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/login-cs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 17:14:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
677 B 82ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:100

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/login-cs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

140f422d2b9411b10a77818e21b279021c5b02c59019dbf03d538270166397ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 17:39:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2064
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 19:05:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 429 KB
120 KB 163ms
78ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85326302fc3ac76c5e13de8fd64ef9bd9cfc7d2a125772b24b0990c2817b8c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121990
x-xss-protection: 0
last-modified: Mon, 15 May 2023 16:09:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2 200 8DDC3-DGW9A-K2LAS-M6TL2-STC4Q Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 37ms
7ms Script
application/javascript 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/8DDC3-DGW9A-K2LAS-M6TL2-STC4Q
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 12:45:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 scripts Show response
portal.xpi.com.br/bundles/ 331 KB
97 KB 488ms
488ms Script
text/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/bundles/scripts?v=nh79-wCWuC_SiipJcPbx-j30VC7ODqnTFMNpVp02qIs1

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e8b377a7219579fa8041b9bfd42aac4466e2eb77fc03627179d5fc87c89ba90b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=248, origin; dur=14, ak_p; desc="467825_35115165_250705515_26163_9678_5_0";dur=1
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
x-ua-compatible: IE=Edge,chrome=1
last-modified: Mon, 15 May 2023 17:39:24 GMT
server: Microsoft-IIS/8.5
expect-ct: maxage
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: public
access-control-allow-credentials: true
expires: Tue, 14 May 2024 17:39:24 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 2 KB
1 KB 94ms
54ms XHR
application/json 2a02:26f0:480:184::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=8DDC3-DGW9A-K2LAS-M6TL2-STC4Q&d=portal.xpi.com.br&t=5613908&v=1.632.0&sl=0&si=jmetdiwcwc9-rupnpp&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=597198
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:184::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 53dacf4edf6f45c1c881c25960fceeccf54ee9af399a71fd2083babbc0f480de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 17:39:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 745

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 172 KB
56 KB 273ms
57ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-WTDNLDV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90be8f7d7f84f80d216e3990f19ec0d77da867ae10a828554550ccc2e6cfb352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 56626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 17:39:25 GMT

GET
H2

200

activityi;dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.16841... Show response
9143205.fls.doubleclick.net/ Frame C61A
Redirect Chain

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.168...
https://9143205.fls.doubleclick.net/activityi;dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fport...

2 KB
883 B

86ms
84ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9143205.fls.doubleclick.net/activityi;dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

b40a9069480c60503a7559b8ef3ea8b4acf6a5954e7c1774f88252497bb6cc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 17:39:25 GMT
expires: Mon, 15 May 2023 17:39:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 17:39:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9143205.fls.doubleclick.net/activityi;dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u... Show response
9143205.fls.doubleclick.net/ Frame 2285
Redirect Chain

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F...
https://9143205.fls.doubleclick.net/activityi;dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=...

1 KB
780 B

173ms
173ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9143205.fls.doubleclick.net/activityi;dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

02603c44c4e1c7097e63fc23b65d42d0b25e49ac8e006c57515fa62fb6078f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 482
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 17:39:25 GMT
expires: Mon, 15 May 2023 17:39:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 17:39:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9143205.fls.doubleclick.net/activityi;dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 43ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230032-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/635217008/ 2 KB
2 KB 283ms
83ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/635217008/?random=1684172364806&cv=11&fst=1684172364806&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=914510091.1684172365&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60c162ba225d1b2ec4eb968888610eebdbde099661bdd53633318caf406ade1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1197
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 3 KB
1 KB 291ms
93ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1684172364810&cv=11&fst=1684172364810&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=914510091.1684172365&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aee9b164606bb5dc2ccf11bca0de0e2ea6cba0d600f1c17732e59e869dc1af28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/ 3 KB
1 KB 292ms
94ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10982704601/?random=1684172364810&cv=11&fst=1684172364810&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&label=cX-MCIju9YAYENmL-_Qo&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=914510091.1684172365&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08e4a82771a4bbc5fb46c2d510607bedb0decdd114bf6298a957671554cf5198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
88 KB 80ms
80ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8DZM87&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ecbb596326f0ffe78193a0eb1785d03a486558f98d27a1720f7c219e392da1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90097
x-xss-protection: 0
last-modified: Mon, 15 May 2023 17:16:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
76 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5K7SCJ3&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08587bf41e9564c83bdf3c8af119b958f1cbcf28ee8f5d4e56f60e03eed7b1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77688
x-xss-protection: 0
last-modified: Mon, 15 May 2023 17:16:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 May 2023 17:39:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: OyQTkP1EqzJBkTndOWQ0tgPdmVBhvyEGv+HR6vHv+Bc4sqkrRge8B0b5iUrM71ghfNBM+3W+O6LvPWbH5JOlZA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), gyroscope=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-941062297

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5560e84e94d7004b9f3756cbcb4094a07ba57ab563c8c22f447caeadb5d3e111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53071
x-xss-protection: 0
last-modified: Mon, 15 May 2023 16:09:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/634815/onsite/ 1 KB
967 B 200ms
7ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/wu/634815/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32d71463afeb6dbbb127f92314ea4c3ea028284dd3010275856470f97bc181b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: GAShs3.Zrk70YfDv3FsRMyn1qghJIF.7
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:25 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 02H697GEB7PANQYN
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 518
x-amz-id-2: S+5FmZVn7Z89ajYpus5zwgY/Kc8GGGdCWGnjIvx2sSEhbUvwMdDobO89ux0EhpjZMBw98vrDFuc=
x-served-by: cache-fra-eddf8230034-FRA
last-modified: Mon, 15 May 2023 17:38:08 GMT
server: AmazonS3
x-timer: S1684172365.005791,VS0,VE2
etag: "b329daeea3c1c2638bb9e11fb6f18112"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 4ldwp954ta Show response
www.clarity.ms/tag/ 888 B
1 KB 286ms
94ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4ldwp954ta
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 85b855cae6b348895d013aad1697ef65c0ee97563502bf366154ac1a055262ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 15 May 2023 17:39:24 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0TW5iZAAAAACLGMMjU6cuT7xxf0Ka1anmRlJBMzFFREdFMDkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 35ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=50612
accept-ranges: bytes
content-length: 4777

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 104 KB
28 KB 35ms
11ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 335fb9aca83c238f7d7b55a9dcf4a17c9a283d4162b482fa1db310afc0cc585f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: aOtwdVOrlNC5jtPRk4tuj.7t086lRcp1
content-encoding: br
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 17:39:24 GMT
x-amz-cf-pop: FRA6-C1
age: 26
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 May 2023 22:09:08 GMT
server: AmazonS3
etag: W/"a4edb8cf77c3b5c4345dc91837365814"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: TTWBPNRHwwn6_Wox4Sl3YwysjtQVUygY2l58q99cltqYLjYS3sP3ig==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
80 KB 96ms
96ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed7129681f8cdc16d7ea62e84e54f1cd0bd8c503c1ca91d0b35f33c1bd46fdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82143
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 17:39:24 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309
https://px.ads.linkedin.com/collect?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309&cookiesTest=true
https://px4.ads.linkedin.com/collect?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309&cookiesTest=true&e_ipv6=AQJ7PRi1nTf-QgAAAYggft3pOuGuzjVCGJEVoPUU23kj21NNfLI0OG9iEtThTIWpOzTr0wbD

43 B
351 B

412ms
177ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309&cookiesTest=true&e_ipv6=AQJ7PRi1nTf-QgAAAYggft3pOuGuzjVCGJEVoPUU23kj21NNfLI0OG9iEtThTIWpOzTr0wbD
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BC14DEFA353F4AEA80F87CB41879716A Ref B: FRAEDGE1806 Ref C: 2023-05-15T17:39:25Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAX7vu+ZbK9IX+lye4uhGg==

Redirect headers

date: Mon, 15 May 2023 17:39:24 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E6C0A9523CC342B8998851F72E800BF0 Ref B: FRAEDGE1312 Ref C: 2023-05-15T17:39:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?pid=1066761&conversionId=6002305&fmt=gif&gtmcb=534630309&cookiesTest=true&e_ipv6=AQJ7PRi1nTf-QgAAAYggft3pOuGuzjVCGJEVoPUU23kj21NNfLI0OG9iEtThTIWpOzTr0wbD
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7vu+SvjDuiI0MpWh9yw==

GET
H2 200 DFPAudiencePixel;ord=%20[pubads.g.doubleclick.net]1545059305086735;dc_seg=6962937254
pubads.g.doubleclick.net/activity;dc_iu=/8003922/ 42 B
542 B 236ms
76ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/8003922/DFPAudiencePixel;ord=%20[pubads.g.doubleclick.net]1545059305086735;dc_seg=6962937254?

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 504012280243809 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/504012280243809?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d9c1064cf2b78f320b116c8bae30e319224da5627e6a3242695aba44d88f2c2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 May 2023 17:39:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109847
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FYCsgODsOuWQIoWL8L4zKX1dbAI4+uRMrPoBjrFDSgefkP/0KF3ndaaB7Cnjf8RLYvem5fABWvgxDoVECIMKOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), idle-detection=(), serial=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 251ms
110ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=5&eci=2&event_id=422da4da-5e99-4c23-a949-a805d56a3ac8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8de918a9-45d3-4b79-974d-c32c827a3d65&tw_document_href=https%3A%2F%2Fportal.xpi.com.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4dt1&type=javascript&version=2.3.29

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 15 May 2023 17:39:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b28f0d407120611a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 256e9deca76a8a41fe9a3603b2af7f14b7757c451922c546d6f119109f185009
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 255ms
115ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=5&eci=2&event_id=422da4da-5e99-4c23-a949-a805d56a3ac8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8de918a9-45d3-4b79-974d-c32c827a3d65&tw_document_href=https%3A%2F%2Fportal.xpi.com.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4dt1&type=javascript&version=2.3.29

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 15 May 2023 17:39:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c67164ff5f06b089
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e8bbfd35ceeca752960c4a02fbb801068dc5270a319727713e9e94663bacf95e
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
204 B 116ms
115ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=213046a0-a89b-4225-bf41-cd5bea6bcbf9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8de918a9-45d3-4b79-974d-c32c827a3d65&tw_document_href=https%3A%2F%2Fportal.xpi.com.br%2F&tw_iframe_status=0&txn_id=o43cp&type=javascript&version=2.3.29

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 15 May 2023 17:39:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5c4abea8bdb71daa
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 256e9deca76a8a41fe9a3603b2af7f14b7757c451922c546d6f119109f185009
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
547 B 117ms
116ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=213046a0-a89b-4225-bf41-cd5bea6bcbf9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8de918a9-45d3-4b79-974d-c32c827a3d65&tw_document_href=https%3A%2F%2Fportal.xpi.com.br%2F&tw_iframe_status=0&txn_id=o43cp&type=javascript&version=2.3.29

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 15 May 2023 17:39:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 437232b5d0f788b0
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e8bbfd35ceeca752960c4a02fbb801068dc5270a319727713e9e94663bacf95e
content-length: 43

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4044697/domain/portal.xpi.com.br/ 36 B
374 B 144ms
8ms XHR
application/json 2600:9000:20eb:f000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4044697/domain/portal.xpi.com.br/token
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:11:54 GMT
content-encoding: gzip
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1651
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: c63F4oqDFlN6xs8dji6LWsFojjVa2Z4TukdAx7A896nV1TEfWM4Naw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4044697%26time%3D1684172364872%26url%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F&liSync=true&e_ipv6=AQIne3lD0EQoJQAAAYggft61owsyaY_H92ptStP5lLdy48Cw59lUChsl68G4...

0
162 B

235ms
183ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F&liSync=true&e_ipv6=AQIne3lD0EQoJQAAAYggft61owsyaY_H92ptStP5lLdy48Cw59lUChsl68G4XSDVp4VwRCHR
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 419C007E85EE42C3BE55E704920D15D5 Ref B: FRAEDGE1806 Ref C: 2023-05-15T17:39:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7vu+Zd3q27XIIsTmX/g==

Redirect headers

date: Mon, 15 May 2023 17:39:25 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9F6A923088D749078031630F6D09B73F Ref B: FRAEDGE1312 Ref C: 2023-05-15T17:39:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4044697&time=1684172364872&url=https%3A%2F%2Fportal.xpi.com.br%2F&liSync=true&e_ipv6=AQIne3lD0EQoJQAAAYggft61owsyaY_H92ptStP5lLdy48Cw59lUChsl68G4XSDVp4VwRCHR
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7vu+V3Sw9ZRQVEPjnbw==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 774 B
1 KB 25ms
9ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 391c0ac2c492fec7973388144f628fcbdd8b6e76b4efebad59251f7795dffd0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: _HR41ts4WAlS4NWpZFQOab1_..9H4pLh
date: Mon, 15 May 2023 17:05:51 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2032
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 774
last-modified: Wed, 21 Sep 2022 02:44:04 GMT
server: AmazonS3
etag: "562b59f24568650f9438d5ed5225db2a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: M4bA9fuv-kUKFVqNWF7U0ITFZyBwPiJJNzvwRLiRr2xu9nQD2HfnJQ==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 38ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504012280243809&ev=PageView&dl=https%3A%2F%2Fportal.xpi.com.br%2F&rl=&if=false&ts=1684172364894&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.2.1684172364891.1157624850&cs_est=true&it=1684172364853&coo=false&rqm=GET

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504012280243809&ev=ViewContent&dl=https%3A%2F%2Fportal.xpi.com.br%2F&rl=&if=false&ts=1684172364895&cd[value]=0&cd[currency]=BRL&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.2.1684172364891.1157624850&it=1684172364853&coo=false&rqm=GET

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/ 2 KB
1 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941062297/?random=1684172364908&cv=11&fst=1684172364908&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=914510091.1684172365&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-941062297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9429ef2648ec986866530ddffd188eb86a69380ba3fffa4768afed1614ba3e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
204 B 111ms
110ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=43c37855-a2a3-4e96-b133-51db6cbacf35&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8de918a9-45d3-4b79-974d-c32c827a3d65&tw_document_href=https%3A%2F%2Fportal.xpi.com.br%2F&tw_iframe_status=0&txn_id=tw-o4dt1-oepyfhttps%3A%2F%2Fportal.xpi.com.br%2F&type=javascript&version=2.3.29

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 15 May 2023 17:39:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3d4397f9f2aa83eb
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 256e9deca76a8a41fe9a3603b2af7f14b7757c451922c546d6f119109f185009
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
547 B 125ms
125ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=43c37855-a2a3-4e96-b133-51db6cbacf35&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8de918a9-45d3-4b79-974d-c32c827a3d65&tw_document_href=https%3A%2F%2Fportal.xpi.com.br%2F&tw_iframe_status=0&txn_id=tw-o4dt1-oepyfhttps%3A%2F%2Fportal.xpi.com.br%2F&type=javascript&version=2.3.29

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 118
date: Mon, 15 May 2023 17:39:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fcae8dbf54bf778d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e8bbfd35ceeca752960c4a02fbb801068dc5270a319727713e9e94663bacf95e
content-length: 43

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 72ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 15 May 2023 17:39:24 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B67459F69FBB4A5EADC9A64D46EDB3CC Ref B: FRAEDGE1812 Ref C: 2023-05-15T17:39:25Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

POST
H2 204 collect
region1.analytics.google.com/g/ 0
246 B 49ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HM1230DXLC&gtm=45je35a0&_p=1793022412&_gaz=1&cid=2104091606.1684172365&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fportal.xpi.com.br%2F&sid=1684172364&sct=1&seg=0&dt=XP%20Investimentos%20-%20Login%20Seguro&en=page_view&_fv=2&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HM1230DXLC&cid=2104091606.1684172365&gtm=45je35a0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 162ms
77ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HM1230DXLC&cid=2104091606.1684172365&gtm=45je35a0&aip=1&z=1795569864

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
175 B 782ms
170ms Fetch
application/json 44.241.21.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.21.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-21-252.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://portal.xpi.com.br
date: Mon, 15 May 2023 17:39:25 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 fechar_banner_mobile.svg
portal.xpi.com.br/xpi/images/ 1 KB
1 KB 222ms
221ms Image
image/svg+xml 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.xpi.com.br/xpi/images/fechar_banner_mobile.svg

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

7019cc52e3031ac6d5fb585477ff1926273d2d4a1c57f26e81f8a2e38a46210a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=196, origin; dur=8, ak_p; desc="467825_35115165_250705814_20345_8961_5_0";dur=1
content-length: 569
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:02 GMT
server: Microsoft-IIS/8.5
etag: "097c0acbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 logo_xp_banner_mobile.svg
portal.xpi.com.br/xpi/images/ 3 KB
2 KB 223ms
222ms Image
image/svg+xml 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.xpi.com.br/xpi/images/logo_xp_banner_mobile.svg

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

cc57b4dac5943aaade305b63e5673ecd5760a529a18e21f73c53fb26ab111646

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=196, origin; dur=9, ak_p; desc="467825_35115165_250705815_20517_8873_5_0";dur=1
content-length: 1198
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:02 GMT
server: Microsoft-IIS/8.5
etag: "097c0acbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 xp_logo_home.png
portal.xpi.com.br/xpi/images/header/ 711 B
1 KB 222ms
222ms Image
image/png 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.xpi.com.br/xpi/images/header/xp_logo_home.png

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a49ef57dcfdb2f096c56700f3185dcc75542b9b884780425be1212f19e0f8dcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=197, origin; dur=9, ak_p; desc="467825_35115165_250705816_20592_8901_5_0";dur=1
content-length: 711
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:02 GMT
server: Microsoft-IIS/8.5
etag: "097c0acbc77d91:0"
expect-ct: maxage
content-type: image/png
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ScriptResource.axd Show response
portal.xpi.com.br/ 86 KB
28 KB 239ms
238ms Script
application/x-javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/ScriptResource.axd?d=KsN2F9I13MKIO0dOHrV78086SWW7VZCZcWhM1X3UeCrS78gU3PivqntrUU39ryXrkT0cnWkc7gYx4G5bQO7ImyrOQGjVXvkQyv50a5q-V8g4h_Pg0&t=397b6a7

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f1d2a34f883d83fe764db7fa3b17845cfd31f81ccd1426129111cde47437ad0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 15 May 2023 17:39:25 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=196, origin; dur=10, ak_p; desc="467825_35115165_250705826_20961_9648_5_0";dur=1
content-length: 27417
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
x-ua-compatible: IE=Edge,chrome=1
last-modified: Mon, 15 May 2023 06:13:50 GMT
server: Microsoft-IIS/8.5
expect-ct: maxage
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: public
access-control-allow-credentials: true
expires: Tue, 14 May 2024 06:13:50 GMT

GET
H2 200 img_bulletamarela2013v2.png
portal.xpi.com.br/xpi/images/login/ 1 KB
2 KB 265ms
265ms Image
image/png 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.xpi.com.br/xpi/images/login/img_bulletamarela2013v2.png

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/baseNew.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b58e63522ed30c37d93941fd881ae0329f54371eede6871e91781031de5fc84b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/xpi/css/baseNew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=221, origin; dur=11, ak_p; desc="467825_35115165_250705827_23630_9530_5_0";dur=1
content-length: 1166
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:02 GMT
server: Microsoft-IIS/8.5
etag: "097c0acbc77d91:0"
expect-ct: maxage
content-type: image/png
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 /
www.google.com/pagead/1p-user-list/635217008/ 42 B
327 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/635217008/?random=1684172364806&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1343569221&rmt_tld=0&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/635217008/ 42 B
108 B 122ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/635217008/?random=1684172364806&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1343569221&rmt_tld=1&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 9ms
9ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4ldwp954ta
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:24 GMT
content-encoding: br
last-modified: Thu, 11 May 2023 16:13:04 GMT
x-azure-ref-originshield: 0T6ZhZAAAAADpSSDTHT7KRaniXkFiFM9RRlJBMjMxMDUwNDE3MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB523A9A0D7A32"
x-azure-ref: 0TW5iZAAAAAAFmyiVZLckR5Alh4sr47SPRlJBMzFFREdFMDkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9bab6add-601e-0050-5c81-86ec8b000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 /
www.google.com/pagead/1p-user-list/10982704601/ 42 B
108 B 51ms
51ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10982704601/?random=1684172364810&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1601926267&rmt_tld=0&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10982704601/ 42 B
455 B 92ms
52ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10982704601/?random=1684172364810&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1601926267&rmt_tld=1&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10982704601/ 42 B
108 B 51ms
50ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10982704601/?random=1684172364810&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&label=cX-MCIju9YAYENmL-_Qo&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=2864415914&rmt_tld=0&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10982704601/ 42 B
108 B 92ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10982704601/?random=1684172364810&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&label=cX-MCIju9YAYENmL-_Qo&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=2864415914&rmt_tld=1&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 145000350.js Show response
bat.bing.com/p/action/ 0
136 B 118ms
118ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/145000350.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 15 May 2023 17:39:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CCB4FDF3715F4854A3C54DDC162E9051 Ref B: FRAEDGE1812 Ref C: 2023-05-15T17:39:25Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame C61A 49 KB
18 KB 531ms
82ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

95aa8e313379de34e63af40aea0436318a0f22781469dc888b494816dff2b259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18138
x-xss-protection: 0
server: cafe
etag: 11333120444134058802
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 17:39:25 GMT

GET
H2 200 dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefi...
adservice.google.com/ddm/fls/z/ Frame C61A 42 B
107 B 534ms
80ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COzRu_zu9_4CFUm0mgod7nsNRw;src=9143205;type=xp_pages;cat=xp-pa0;ord=7196172186020;gtm=45He35a0;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;u4=undefined;u13=undefined;u20=undefined;u5=undefined;u6=;u7=undefined;u16=undefined;~oref=https%3A%2F%2Fportal.xpi.com.br%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize-dyn.js Show response
www.google-analytics.com/gtm/ 57 B
249 B 52ms
51ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize-dyn.js?id=GTM-WTDNLDV&cid=2104091606.1684172365&cb=0.7228469329537635

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-WTDNLDV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5ba65e9c2f737d7d29d526a6bceef214b0698bcf788613f1ada10e728faba1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
x-xss-protection: 0
expires: Mon, 15 May 2023 17:39:25 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/941062297/ 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/941062297/?random=1684172364908&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=70281961&rmt_tld=0&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/941062297/ 42 B
108 B 57ms
57ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/941062297/?random=1684172364908&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45be35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=70281961&rmt_tld=1&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
297 B 494ms
96ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://portal.xpi.com.br
Date: Mon, 15 May 2023 17:39:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 novo_background_home1888x745.jpg
portal.xpi.com.br/xpi/images/login/ 54 KB
55 KB 221ms
221ms Image
image/jpeg 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.xpi.com.br/xpi/images/login/novo_background_home1888x745.jpg

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/xpi/css/login/login-cs.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e13aa256ba6a5ac89a8aebd90e847e553d7cb04afd59ddd5688ea5741740a870

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/xpi/css/login/login-cs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=196, origin; dur=9, ak_p; desc="467825_35115165_250705980_20463_9507_5_0";dur=1
content-length: 55031
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:02 GMT
server: Microsoft-IIS/8.5
etag: "097c0acbc77d91:0"
expect-ct: maxage
content-type: image/jpeg
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 49ms
49ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1793022412&t=pageview&_s=1&dl=https%3A%2F%2Fportal.xpi.com.br%2F&dp=%2Flogin%2Fcodigo-cliente&ul=en-us&de=UTF-8&dt=xp%20-%20web%20-%20nl%20-%20login%20-%20numero%20da%20conta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDACUABTAAAACAGK~&jid=1131010898&gjid=1095531965&cid=2104091606.1684172365&tid=UA-5145909-16&_gid=1897140486.1684172365&_r=1&_slc=1&gtm=45He35a0n81NZZVKVD&cd35=n%C3%A3o&cd36=nc&cd81=GTM-NZZVKVD%20-%20601&cd83=Security%20Services%3Alogin&cd108=v2&cd109=https%3A%2F%2Fportal.xpi.com.br%2F&cd6=2104091606.1684172365&z=1787368053

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 51 KB
20 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2065
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 19:05:00 GMT

GET
H2 200 arrow-right-pf.svg
portal.xpi.com.br/images/ 261 B
978 B 221ms
221ms Image
image/svg+xml 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.xpi.com.br/images/arrow-right-pf.svg

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

6bf6eedd6f1568a26cbefe2e83251cffa668370d40a231e1432416d340dd13c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=193, origin; dur=9, ak_p; desc="467825_35115165_250706000_20288_11213_11_0";dur=1
content-length: 261
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:26:58 GMT
server: Microsoft-IIS/8.5
etag: "03d5eaabc77d91:0"
expect-ct: maxage
content-type: image/svg+xml
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 arrow-right-pj.svg
portal.xpi.com.br/images/ 259 B
976 B 231ms
231ms Image
image/svg+xml 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.xpi.com.br/images/arrow-right-pj.svg

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

ad6789325bdce30a6137013a9cb03601fa3811f498315f9083c471307736cba0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=194, origin; dur=9, ak_p; desc="467825_35115165_250706005_20285_9730_9_0";dur=1
content-length: 259
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:26:58 GMT
server: Microsoft-IIS/8.5
etag: "03d5eaabc77d91:0"
expect-ct: maxage
content-type: image/svg+xml
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504012280243809&ev=Microdata&dl=https%3A%2F%2Fportal.xpi.com.br%2F&rl=&if=false&ts=1684172365453&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtXP%20Investimentos%20-%20Login%20Seguro%5Cn%22%2C%22meta%3Adescription%22%3A%22Fa%C3%A7a%20seu%20login%20seguro%20e%20acesse%20a%20%C3%A1rea%20logada%20da%20XP%20Investimentos%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22XP%20Investimentos%20-%20Login%20Seguro%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fportal.xpi.com.br%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.xpi.com.br%2FXPI%2Fimages%2Fxp_logo.jpg%22%2C%22og%3Asite_name%22%3A%22XP%20Investimentos%20-%20Login%20Seguro%22%2C%22og%3Adescription%22%3A%22Fa%C3%A7a%20o%20seu%20login%20seguro%20e%20acesse%20a%20%C3%A1rea%20logada%20da%20XP%20Investimentos%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=2&o=30&fbp=fb.2.1684172364891.1157624850&it=1684172364853&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clearSession.js Show response
portal.xpi.com.br/xpi/scripts/ 813 B
2 KB 230ms
230ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/scripts/clearSession.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

ce94c7f7bcf31160fdf4a2c9c17d23c6aa56ad6323e146ca92cf1faf270b9abe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=199, origin; dur=15, ak_p; desc="467825_35115165_250706030_21450_8815_8_0";dur=1
content-length: 813
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:04 GMT
server: Microsoft-IIS/8.5
etag: "0c4f1adbc77d91:0"
expect-ct: maxage
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 2285 49 KB
18 KB 128ms
127ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9143205.fls.doubleclick.net
URL: https://9143205.fls.doubleclick.net/activityi;dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=914510091.1684172365;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref=https%3A%2F%2Fportal.xpi.com.br%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

95aa8e313379de34e63af40aea0436318a0f22781469dc888b494816dff2b259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18138
x-xss-protection: 0
server: cafe
etag: 11333120444134058802
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 17:39:25 GMT

GET
H2 200 dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref...
adservice.google.com/ddm/fls/z/ Frame 2285 42 B
401 B 84ms
79ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIvXu_zu9_4CFcirmgodiWgFcQ;src=9143205;type=xp_pages;cat=xp-se0;ord=2104091606.1684172365--20230515;gtm=45He35a0;auiddc=*;u1=https%3A%2F%2Fportal.xpi.com.br%2F;u3=2104091606.1684172365;~oref=https%3A%2F%2Fportal.xpi.com.br%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5145909-16&cid=2104091606.1684172365&jid=1131010898&gjid=1095531965&_gid=1897140486.1684172365&_u=aHDACUAATAAAACAGK~&z=539924804

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5145909-16&cid=2104091606.1684172365&jid=1131010898&_u=aHDACUAATAAAACAGK~&z=1270783829

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
76ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5145909-16&cid=2104091606.1684172365&jid=1131010898&_u=aHDACUAATAAAACAGK~&z=1270783829

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 appInsightsConfiguration.js Show response
portal.xpi.com.br/xpi/scripts/ 147 B
870 B 227ms
227ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/scripts/appInsightsConfiguration.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

a3666573d07cb672d594ce5112c78aabc9e4128c5186d0ef822a3f07e94d78d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:25 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=195, origin; dur=16, ak_p; desc="467825_35115165_250706137_21115_9214_5_0";dur=1
content-length: 147
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:04 GMT
server: Microsoft-IIS/8.5
etag: "0c4f1adbc77d91:0"
expect-ct: maxage
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/765733756/ Frame C61A 3 KB
2 KB 52ms
51ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/765733756/?random=1684172365733&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

46086c80990e08b3eea59aef06d85e58464240d8e69522f6ce8d6c00d8ad0c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1550
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame C61A 49 KB
18 KB 84ms
83ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

95aa8e313379de34e63af40aea0436318a0f22781469dc888b494816dff2b259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18138
x-xss-protection: 0
server: cafe
etag: 11333120444134058802
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 17:39:25 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/765503342/ Frame 2285 3 KB
2 KB 54ms
53ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/765503342/?random=1684172365777&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvXu_zu9_4CFcirmgodiWgFcQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D2104091606.1684172365--20230515%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9364e982578e59eec328f39c9f2d7f8c33c63cf077ebba97098558acc0cca35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1530
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/765733756/ Frame C61A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C4...
https://www.google.com/pagead/1p-conversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&...
https://www.google.de/pagead/1p-conversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u...

42 B
64 B

55ms
55ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZM7BLf6v9u8Pu6SZoAw&cid=CAQSKQBygQiDATZmB53GTP6uFxz37BoZ9T2xuRyWqOQOXPsDlbc5N3LNUjbA&random=47116375&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/765733756/?random=2019332550&cv=9&fst=1684172365733&num=1&label=UwzqCJLsuKwBEPzWkO0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZM7BLf6v9u8Pu6SZoAw&cid=CAQSKQBygQiDATZmB53GTP6uFxz37BoZ9T2xuRyWqOQOXPsDlbc5N3LNUjbA&random=47116375&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/765503342/ Frame C61A 3 KB
2 KB 50ms
50ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/765503342/?random=1684172365833&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

347deadf7961550c179c21def766c96fe61116ed211a3ae83edab65ad4cd533f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1574
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/765503342/ Frame 2285
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46...
https://www.google.com/pagead/1p-conversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u...
https://www.google.de/pagead/1p-conversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_...

42 B
64 B

55ms
55ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvXu_zu9_4CFcirmgodiWgFcQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D2104091606.1684172365--20230515%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZN-HMM2d9u8P_8KAuAc&cid=CAQSKQBygQiDmjcBT3qJT3N-sTaklwuDWYIV4U3PGbVNIzd1vhrUHXpCwsNH&random=2864219796&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/765503342/?random=894828953&cv=9&fst=1684172365777&num=1&label=arwNCMr3sasBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIvXu_zu9_4CFcirmgodiWgFcQ%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-se0%3Bord%3D2104091606.1684172365--20230515%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZN-HMM2d9u8P_8KAuAc&cid=CAQSKQBygQiDmjcBT3qJT3N-sTaklwuDWYIV4U3PGbVNIzd1vhrUHXpCwsNH&random=2864219796&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/765503342/ Frame C61A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C4...
https://www.google.com/pagead/1p-conversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&...
https://www.google.de/pagead/1p-conversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u...

42 B
64 B

57ms
57ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZNHCM63F7_UPsca6gAE&cid=CAQSKQBygQiDdJ3D5GLb0vjdJ3fNAPPoocAEL6kQcW270u-Q97e3107B69q5&random=1313624968&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9143205.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/765503342/?random=1884980733&cv=9&fst=1684172365733&num=2&label=jxVWCKzthqoBEO7Ogu0C&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9143205.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOzRu_zu9_4CFUm0mgod7nsNRw%3Bsrc%3D9143205%3Btype%3Dxp_pages%3Bcat%3Dxp-pa0%3Bord%3D7196172186020%3Bgtm%3D45He35a0%3Bauiddc%3D914510091.1684172365%3Bu1%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3Bu3%3D2104091606.1684172365%3Bu4%3Dundefined%3Bu13%3Dundefined%3Bu20%3Dundefined%3Bu5%3Dundefined%3Bu6%3D%3Bu7%3Dundefined%3Bu16%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fportal.xpi.com.br%252F%3F&ref=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TW5iZNHCM63F7_UPsca6gAE&cid=CAQSKQBygQiDdJ3D5GLb0vjdJ3fNAPPoocAEL6kQcW270u-Q97e3107B69q5&random=1313624968&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
cdn.xpi.com.br/loadertools/ 830 KB
244 KB 65ms
55ms Script
application/x-javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c8ad9b7748abdef046ea99ddfeb62a7bab85558fe719e91a38982f9c34b180fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:26 GMT
content-encoding: gzip
content-md5: 2rf8i+wLSY3nD9nES5QL4g==
server-timing: cdn-cache; desc=HIT, edge; dur=34, ak_p; desc="467825_35115165_250706250_3438_13968_5_0";dur=1
content-length: 249155
x-ms-lease-status: unlocked
last-modified: Thu, 17 Mar 2022 21:51:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA08603B66F8E1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1119a975-301e-007b-53f4-86809e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 spinner.js Show response
portal.xpi.com.br/xpi/scripts/login/ 492 B
1 KB 256ms
255ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/scripts/login/spinner.js?_V=2023-05-15-03-00

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

0f2310c44027d94757d1ada16e7f7851a8d2d084d7c85b849fdf55313f0cfa6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:26 GMT
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=194, origin; dur=44, ak_p; desc="467825_35115165_250706316_23847_10326_5_0";dur=1
content-length: 492
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:04 GMT
server: Microsoft-IIS/8.5
etag: "0c4f1adbc77d91:0"
expect-ct: maxage
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
297 B 95ms
95ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://portal.xpi.com.br
Date: Mon, 15 May 2023 17:39:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 login.min.js Show response
portal.xpi.com.br/xpi/scripts/ 7 KB
3 KB 243ms
243ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/scripts/login.min.js?_V=2023-05-15-03-00

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

993505fdb931dcb3665915462eb030414ce6b0c74ab8433d7043495e014c5914

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:26 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=197, origin; dur=24, ak_p; desc="467825_35115165_250706457_22080_10172_5_0";dur=1
content-length: 1864
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:04 GMT
server: Microsoft-IIS/8.5
etag: "0c4f1adbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 new-login-cs.js Show response
portal.xpi.com.br/xpi/scripts/login/ 9 KB
3 KB 257ms
256ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/scripts/login/new-login-cs.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2f9211af5e768a1a24d5d233bad5d487dabb08c3aa764daed2f6dd333f9c2a7e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:26 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=200, origin; dur=16, ak_p; desc="467825_35115165_250706623_21634_9559_5_0";dur=1
content-length: 2445
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:04 GMT
server: Microsoft-IIS/8.5
etag: "0c4f1adbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ads.js Show response
portal.xpi.com.br/xpi/scripts/login/ 1 KB
1 KB 232ms
231ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/xpi/scripts/login/ads.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

827a34f7286a46b2fb3ecbe28bd49bb07f82617ddcd520944a82de4c2475f8e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: cdn-cache; desc=MISS, edge; dur=195, origin; dur=19, ak_p; desc="467825_35115165_250706741_21326_9967_5_0";dur=1
content-length: 567
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:27:04 GMT
server: Microsoft-IIS/8.5
etag: "0c4f1adbc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 html.esm.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 20 KB
6 KB 124ms
101ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2b35d4d039b436a9494b3bed074905653ffc14b04961ee1cf0ce109853bec02d

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: z15eR2Ywx1P03HJJKXZPZQ==
server-timing: cdn-cache; desc=HIT, edge; dur=85, ak_p; desc="467825_35115161_469961350_8478_9727_6_0";dur=1
content-length: 5239
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057A1BBE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5def6783-b01e-0075-48de-fba92e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 index.js Show response
cdn.xpi.com.br/soma/soma/ds/3.6.0/tokens/themes/xp-empresas/ 50 KB
8 KB 92ms
82ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/ds/3.6.0/tokens/themes/xp-empresas/index.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9f34aacdf03b0b576b8bee6c27a54318534d87af345817f3fe18c99ebed797f6

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: 4NCoAhqtvlqzGHBXGoM7oQ==
server-timing: cdn-cache; desc=HIT, edge; dur=63, ak_p; desc="467825_35115161_469961351_6263_9707_6_0";dur=1
content-length: 7225
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:18:26 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC8D04CC15
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 521d506e-001e-005f-5c51-ea763e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 Yw4 Show response
portal.xpi.com.br/Frg1D42MjgS1s/3cf2h3Dj/uxVAl4/b57O0GrQchV7/L0MmXABYBA/PAxmcDFT/ 193 KB
70 KB 14ms
13ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.xpi.com.br/Frg1D42MjgS1s/3cf2h3Dj/uxVAl4/b57O0GrQchV7/L0MmXABYBA/PAxmcDFT/Yw4
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f692f5a354d4b1001e1ca3fbfd494a9af18683d3a960a78d63f146e8270c22f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: br
last-modified: Wed, 01 Mar 2023 16:38:29 GMT
etag: "fe66ff99c74f785555570b8617e7eb397ace65884b76c50ca8c9ac98fdb4fe23"
stored-attribute-sha-checksum: f692f5a354d4b1001e1ca3fbfd494a9af18683d3a960a78d63f146e8270c22f8
content-type: application/javascript
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467825_35115165_250706842_42_5900_5_0";dur=1
content-length: 71129

POST
H2 201 Yw4 Show response
portal.xpi.com.br/Frg1D42MjgS1s/3cf2h3Dj/uxVAl4/b57O0GrQchV7/L0MmXABYBA/PAxmcDFT/ 18 B
906 B 365ms
365ms XHR
application/json 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.xpi.com.br/Frg1D42MjgS1s/3cf2h3Dj/uxVAl4/b57O0GrQchV7/L0MmXABYBA/PAxmcDFT/Yw4
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://portal.xpi.com.br/
ADRUM: isAjax:true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 May 2023 17:39:27 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://portal.xpi.com.br
access-control-allow-credentials: true
x_req_id: 9c2675e5-a5f5-4dc5-993f-5dd357c5a3c2
server-timing: edge; dur=2, origin; dur=351, cdn-cache; desc=MISS, ak_p; desc="467825_35115165_250706875_35338_4614_10_0";dur=1
access-control-allow-headers: Content-Type
content-length: 18

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/797073946/ 3 KB
1 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/797073946/?random=1684172367200&cv=11&fst=1684172367200&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&auid=914510091.1684172365&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a535bd673e76e631f4a058a5d142c2c972218a8ada20001057c804e53c459e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=145000350&Ver=2&mid=f61d197f-c6ed-4499-97e8-1fdf8a7eb561&sid=7062c540f34711edbad521af39b610aa&vid=7062da80f34711edb8032908c615e011&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=XP%20Investimentos%20-%20Login%20Seguro&p=https%3A%2F%2Fportal.xpi.com.br%2F&r=&evt=pageLoad&sv=1&rn=337191

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 15 May 2023 17:39:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D25148D9DC954F61AD99E45952141754 Ref B: FRAEDGE1812 Ref C: 2023-05-15T17:39:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index-3fcaf980.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 127 KB
30 KB 50ms
49ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bc21778ba7ea0483b8d2f1b97cba7328de1fad24ec1832e90a5691cb862e2e3b

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: lTKjuMELpFsCLuJr6T2CAg==
server-timing: cdn-cache; desc=HIT, edge; dur=33, ak_p; desc="467825_35115161_469961436_3304_7486_6_0";dur=1
content-length: 30170
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057D017D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0bbde510-401e-004e-77f9-01ec8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 app-globals-502d7db3.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 5 KB
2 KB 71ms
70ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/app-globals-502d7db3.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 27e0d13f10cae008ba2de8670a6c24c27d8d1e773222302c714702965c9d3c8d

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: 09gv/KJv4IESGZPcSaD0WQ==
server-timing: cdn-cache; desc=HIT, edge; dur=51, ak_p; desc="467825_35115161_469961437_5220_7239_6_0";dur=1
content-length: 1878
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC0572C9E5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 17363fc1-801e-008a-1651-ea99b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 index.esm-5e8aee4f.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 2 KB
1 KB 36ms
35ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index.esm-5e8aee4f.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f553f6b2a866f141b651e929e5a62d6ebc785dcace0e3f124e2df6e7b86524c8

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: 8boHy5pSgXm/mSEMmIdCSw==
server-timing: cdn-cache; desc=HIT, edge; dur=13, ak_p; desc="467825_35115161_469961438_1438_6069_6_0";dur=1
content-length: 607
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057F4B1A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 665a4123-a01e-0069-4ca5-00fb4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 _commonjsHelpers-fd4b916d.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 1 KB
1 KB 60ms
59ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/_commonjsHelpers-fd4b916d.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 122b310043d61550b9f727cb30ec6463ea0ffdf3cbd53fe9896a3b402804ca7c

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: tj1ZwnHiiR752AopjdVP0w==
server-timing: cdn-cache; desc=HIT, edge; dur=36, ak_p; desc="467825_35115161_469961439_4496_7833_6_0";dur=1
content-length: 626
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC059E6708
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9f3ae152-401e-0003-22b2-ff2366000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 index-b873f3f6.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 13 KB
4 KB 36ms
36ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-b873f3f6.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 52adbad8f15ff713261524bba7c7b6c8055caa80ff0f2cbd0a0042f669e3462e

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: lQu/5dxDoYgPJ9uk/OMUVA==
server-timing: cdn-cache; desc=HIT, edge; dur=13, ak_p; desc="467825_35115161_469961440_1343_7009_6_0";dur=1
content-length: 3676
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057F2410
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2e8f2264-b01e-0007-5c24-01ae61000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 index-ee618681.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 39 KB
10 KB 58ms
58ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-ee618681.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3dfe9125cc2a8cada49e6831253425a352e3acc6909f72f84c70bba029f408b0

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: mD6h8+iG7/F9JEvSL9i8CA==
server-timing: cdn-cache; desc=HIT, edge; dur=34, ak_p; desc="467825_35115161_469961441_4362_7791_6_0";dur=1
content-length: 9685
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057A69D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b53caf40-801e-008a-41d2-eb99b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 environment-24fb2ad2.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 1 KB
1 KB 47ms
46ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/environment-24fb2ad2.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9ee83d76d1dca56e2d0a938933f41d18440b07c8ef7f56267c548fcfda4cf51a

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/html.esm.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: OjiW7l376XOsI/jq7JLXJQ==
server-timing: cdn-cache; desc=HIT, edge; dur=31, ak_p; desc="467825_35115161_469961442_3121_6997_6_0";dur=1
content-length: 595
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057CDA73
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d423fb3e-f01e-0090-3902-f7f86c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 soma-alert.entry.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 6 KB
2 KB 78ms
78ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-alert.entry.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7275437de0752a12e8e308fb781792b81a4322261b3bde3873a1c77ce292c5e1

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: rElVCWcQ9SWn1tmY38N33A==
server-timing: cdn-cache; desc=HIT, edge; dur=63, ak_p; desc="467825_35115161_469961504_6229_8700_6_0";dur=1
content-length: 1985
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057F4B1A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bb3482d9-101e-006c-2c96-002995000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 soma-radio.entry.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 9 KB
3 KB 57ms
57ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-radio.entry.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2f19d63af6476af921c5e7dcd4f31d005ad3ea7028314088c5b10c43a6d7b279

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: GEitFwUyTv31+91k0ubtVQ==
server-timing: cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="467825_35115161_469961534_2447_8711_7_0";dur=1
content-length: 2292
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC058E8B01
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8486a980-f01e-0074-44c2-01f6f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 soma-radio-group.entry.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 2 KB
1 KB 47ms
47ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-radio-group.entry.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e85cf06ac9ea469abc6dd7f696e9cbf93da324837703e97966c1b8ff3b7bb543

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: kqtBXrJO9xun7A+B2DFOsg==
server-timing: cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="467825_35115161_469961535_1432_8832_7_0";dur=1
content-length: 947
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC058F7538
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 866b26d7-d01e-0011-1e28-0358b6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 soma-spinner.entry.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 3 KB
2 KB 59ms
59ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-spinner.entry.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bc80bd4f6e6ba06ac442798d053b0574dba705dcb8561a918745c3a4280dadea

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: pTorcxXZfDQ7ITBujM4hBw==
server-timing: cdn-cache; desc=HIT, edge; dur=24, ak_p; desc="467825_35115161_469961536_2624_8766_7_0";dur=1
content-length: 1151
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC058F7538
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a05dde1d-701e-009e-6bc5-56d1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 soma-tab.entry.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 4 KB
2 KB 49ms
49ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-tab.entry.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 628e97d5c061cab283317499fbbc7c93dd474c9eaa18b333f5b59bc0022c99be

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: nkceBrn69NPBEWDO+bclJg==
server-timing: cdn-cache; desc=HIT, edge; dur=14, ak_p; desc="467825_35115161_469961537_1659_8724_7_0";dur=1
content-length: 1311
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC0591E5DA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 521d5393-001e-005f-3851-ea763e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 soma-tabs.entry.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 3 KB
2 KB 80ms
80ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-tabs.entry.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e034d2e03adfb671d4042d091a16afa0559054b263dfe7574a3f96fa74b5050d

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: A/iVWZCePOOiqmxSK7hurQ==
server-timing: cdn-cache; desc=HIT, edge; dur=45, ak_p; desc="467825_35115161_469961538_4754_8768_6_0";dur=1
content-length: 1350
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC0591BED1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 958e3f4d-a01e-0079-5bb1-013e26000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 import.css
cdn.xpi.com.br/soma/soma-fonts/xp-empresas/ 624 B
731 B 48ms
48ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/app-globals-502d7db3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3eaf0fb993760aa69b242e7a25d9ae117b723a6d3083cf98b9abcdb558bc0276

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: ggxu5xhB2CCAlQdezOnicg==
server-timing: cdn-cache; desc=HIT, edge; dur=30, ak_p; desc="467825_35115165_250706933_3079_7387_11_0";dur=1
content-length: 173
x-ms-lease-status: unlocked
last-modified: Tue, 09 May 2023 18:10:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB50B8B81B60DF
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b4d0c47d-001e-0060-53a2-82be9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

HEAD
H2 200 adrum.js Show response
portal.xpi.com.br/Scripts/ 0
663 B 224ms
224ms XHR
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.xpi.com.br/Scripts/adrum.js

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-157.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

mode: no-cors
Referer: https://portal.xpi.com.br/
ADRUM: isAjax:true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: maxage
content-security-policy: frame-ancestors *.xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br *.whg.com.br
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
x-powered-by: ASP.NET
server-timing: ak_p; desc="467825_35115165_250706964_20703_9624_9_0";dur=1
content-length: 20
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge,chrome=1
request-context: appId=cid-v1:6df38306-5c40-4534-a118-bccd5d045f71
last-modified: Tue, 25 Apr 2023 21:26:58 GMT
server: Microsoft-IIS/8.5
etag: "03d5eaabc77d91:0"
expect-ct: maxage
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.xpi.com.br
access-control-expose-headers: Request-Context
cache-control: no-cache,public
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 x Show response
s.dnofd.com/ 34 B
212 B 678ms
206ms XHR
application/json 18.231.104.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dnofd.com/x
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.231.104.205 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-231-104-205.sa-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1af95a804d107387ef0d6a8576b3a48b8da926573724a54e6fc000303aa94764

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 15 May 2023 17:39:27 GMT
cache-control: private, max-age=31536000
server: nginx
etag: 47c73a7e-ceb5-4432-a43f-2397471602f9
content-length: 34
content-type: application/json; charset=utf-8

GET
H2 200 x.html Show response
ofdb-u.dnofd.com/web/ofdb/ Frame 5CBF 37 KB
14 KB 40ms
8ms Document
text/html 13.225.78.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ofdb-u.dnofd.com/web/ofdb/x.html
Requested by: Host: xp.dnofd.com
URL: https://xp.dnofd.com/ofdb/OFDB.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-58.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 180b05893224e9340a5dfd148631f00f58e1ea6cd62b2cbe37b534140ce6d675

Request headers

Referer: https://portal.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40823
cache-control: max-age=86400
content-encoding: gzip
content-length: 13744
content-type: text/html; charset=utf-8
date: Mon, 15 May 2023 06:19:13 GMT
etag: "0fc39ae55adc9a4ac4572bcdde7b6718"
last-modified: Tue, 17 Jan 2023 12:57:12 GMT
server: AmazonS3
vary: Origin
via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-id: jL3BG2O1tAxgTD7c3lA9RPVLGpSPuKViQWwr9Z2TEaMmO9KB0ZtjDA==
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame D136 50 KB
27 KB 77ms
76ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=rf41k1ku5uo8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1650aa4ccc39063c51679f495c0533534823367c6e6c4b22921684e1bd8420e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FX9WxlKCb1jaW2Hiyo6Wpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27417
content-security-policy: script-src 'report-sample' 'nonce-FX9WxlKCb1jaW2Hiyo6Wpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 17:39:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 XP-RegularLighthouse.otf
cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/ 76 KB
77 KB 63ms
62ms Font
application/octet-stream 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/XP-RegularLighthouse.otf
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a77ca9f6933ffcc4e79fc270ef64669f0ee5643f59d821add684a66c9d8bc633

Request headers

Referer: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
last-modified: Tue, 09 May 2023 18:10:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: KShsKW7cTHTen4xx1U0X1A==
etag: 0x8DB50B8B81BAEF9
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: d9029f0a-001e-005f-2515-83763e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
server-timing: cdn-cache; desc=HIT, edge; dur=46, ak_p; desc="467825_35115161_469961632_4670_8980_8_0";dur=1
content-length: 77496

GET
H2 200 XP-MediumLighthouse.otf
cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/ 76 KB
78 KB 107ms
107ms Font
application/octet-stream 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/otf/XP-MediumLighthouse.otf
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dae5bcfb262c5b42c1caaa02e12c1d6c78a11a40c02ff147a8510eb4149d6920

Request headers

Referer: https://cdn.xpi.com.br/soma/soma-fonts/xp-empresas/import.css
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
last-modified: Tue, 09 May 2023 18:10:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: bu0DZxEehBSlaDJD3QYDAA==
etag: 0x8DB50B8B81B12CE
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 7428c747-501e-0042-80a2-827b82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19
server-timing: cdn-cache; desc=HIT, edge; dur=68, ak_p; desc="467825_35115161_469961654_7658_8784_6_0";dur=1
content-length: 77924

GET
H3 200 /
www.google.com/pagead/1p-user-list/797073946/ 42 B
64 B 81ms
81ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/797073946/?random=1684172367200&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1068169655&rmt_tld=0&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/797073946/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/797073946/?random=1684172367200&cv=11&fst=1684170000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.xpi.com.br%2F&frm=0&tiba=XP%20Investimentos%20-%20Login%20Seguro&fmt=3&is_vtc=1&random=1068169655&rmt_tld=1&ipr=y

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.esm-baacf272.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 2 KB
1 KB 47ms
46ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index.esm-baacf272.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 371e08ec65502ae7bac8aab86e2d264e609ee2befdc3ac86b24ca0f018a56ebd

Request headers

Referer: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-alert.entry.js
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: Y89t8Cf30CWtU30F/7xyHw==
server-timing: cdn-cache; desc=HIT, edge; dur=16, ak_p; desc="467825_35115161_469961662_1708_8118_8_0";dur=1
content-length: 660
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC057AB7E9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fd5ccc31-b01e-0017-3a51-ea6b09000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame D136 55 KB
24 KB 117ms
40ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=rf41k1ku5uo8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 14:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 14:42:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame D136 411 KB
164 KB 139ms
61ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 22:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168053
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 22:54:31 GMT

GET
H2 200 soma-icon.entry.js Show response
cdn.xpi.com.br/soma/soma/html/3.6.0/html/ 4 KB
2 KB 44ms
43ms Script
application/x-javascript 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/soma-icon.entry.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/soma/soma/html/3.6.0/html/index-3fcaf980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ac572e11fdf826b70c9f1a129d21c5bf1da8d72257893910257876628ab54128

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: zuPasdIXhGRZg83dO7f38Q==
server-timing: cdn-cache; desc=HIT, edge; dur=19, ak_p; desc="467825_35115161_469961699_1893_8376_6_0";dur=1
content-length: 1584
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 00:14:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7BC058C416C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b3e301f2-a01e-0046-13ce-04f685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 alert-triangle-fill.svg Show response
cdn.xpi.com.br/soma/soma-icons/xp-empresas/md/ 827 B
1 KB 36ms
36ms XHR
image/svg+xml 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xpi.com.br/soma/soma-icons/xp-empresas/md/alert-triangle-fill.svg
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4a584e6ef2efdf7efebba385890499e9faf1f6916c00eebb4e9304f8ba9517c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
content-md5: WTe7PWvnLaxy775Rsas9/Q==
server-timing: cdn-cache; desc=HIT, edge; dur=20, ak_p; desc="467825_35115161_469961742_1962_9340_7_0";dur=1
content-length: 450
x-ms-lease-status: unlocked
last-modified: Tue, 09 May 2023 18:09:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB50B88B02B4DB
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b4d0c763-001e-0060-39a2-82be9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=31536000, max-age=31536000
x-ms-version: 2009-09-19

POST
H2 201 Yw4 Show response
portal.xpi.com.br/Frg1D42MjgS1s/3cf2h3Dj/uxVAl4/b57O0GrQchV7/L0MmXABYBA/PAxmcDFT/ 18 B
890 B 299ms
299ms XHR
application/json 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.xpi.com.br/Frg1D42MjgS1s/3cf2h3Dj/uxVAl4/b57O0GrQchV7/L0MmXABYBA/PAxmcDFT/Yw4
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://portal.xpi.com.br/
ADRUM: isAjax:true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 May 2023 17:39:27 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://portal.xpi.com.br
access-control-allow-credentials: true
x_req_id: 84049dae-290f-4bac-977d-f6c7f6cc8dd5
server-timing: edge; dur=10, origin; dur=274, cdn-cache; desc=MISS, ak_p; desc="467825_35115165_250707104_28471_4620_9_0";dur=1
access-control-allow-headers: Content-Type
content-length: 18

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D136 2 KB
2 KB 39ms
38ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 154012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D136 15 KB
16 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 151852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D136 15 KB
15 KB 133ms
49ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 172302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:47:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame D136 102 B
132 B 48ms
47ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LeGn14jAAAAAFGI1Sd4FqRuNQZU2YyhNS4E0Z1Z&co=aHR0cHM6Ly9wb3J0YWwueHBpLmNvbS5icjo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=rf41k1ku5uo8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Mon, 15 May 2023 17:39:27 GMT

OPTIONS
H2 200 xp
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/pages/ Frame 0
0 254ms
211ms Preflight 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/pages/xp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ocp-apim-subscription-key
Access-Control-Request-Method: GET
Origin: https://portal.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,ocp-apim-subscription-key
access-control-allow-methods: GET
access-control-allow-origin: https://portal.xpi.com.br
access-control-max-age: 1000
content-length: 0
date: Mon, 15 May 2023 17:39:28 GMT
server-timing: ak_p; desc="467825_35115161_469962140_19562_8567_7_0";dur=1
warning: True-Client-Port:53726

GET
H2 200 xp Show response
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/pages/ 408 B
2 KB 316ms
315ms XHR
application/json 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/pages/xp

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

bdaf343f01d6efd576e63e26c1a8afde94edace18cd78d1a8ebfc1f6fcfc0cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Ocp-Apim-Subscription-Key: 82731b8c7883467c8268d7771bee1c88
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:28 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=MISS, edge; dur=209, origin; dur=90, ak_p; desc="467825_35115161_469962333_29968_8985_7_0";dur=1
content-length: 408
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"198-9TcaUlXEXRlg/nbVZfuQMoVWacQ"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
warning: True-Client-Port:53726
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.xpi.com.br
x-download-options: noopen
access-control-expose-headers: authorization,x-authorization,x-mfa-code,content-type,token,signaturetoken,X-Captcha,x-datadog-origin,x-datadog-sampled,x-datadog-trace-id,x-datadog-parent-id,x-datadog-sampling-priority
access-control-allow-credentials: true

GET
H2 200 generic1684172286235.js Show response
nebula-cdn.kampyle.com/us/wu/634815/onsite/ 1 MB
108 KB 951ms
951ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1684172286235.js

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/634815/onsite/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cbe7eb3362af1c98c04ab4a5dd67d5d42872db4156f3a423a940110b6bffc14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: xc1qbENO4caJIKqtu00.XuWOnftMnVfW
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:28 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: GK0NJ3AVFKKD6R6A
x-amz-server-side-encryption: AES256
x-cache: MISS
content-length: 110024
x-amz-id-2: C18ogK5kdK8sAd7AlDJj+Lih4ZJQ71MbAe8zt4pMR9CWGKOFloatq1Ap24sPau7mrehR7uAvSlo=
x-served-by: cache-fra-eddf8230034-FRA
last-modified: Mon, 15 May 2023 17:38:07 GMT
server: AmazonS3
x-timer: S1684172368.988220,VS0,VE943
etag: "fef248e0928c225ea4a8ee2970cbdf54"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=55CBFB5AD34E443E9649AF985A3B13E5&RedC=c.clarity.ms&MXFR=2781CEB97B67669D2660DDAB7F6768B0
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=55CBFB5AD34E443E9649AF985A3B13E5&MUID=1BFA10EE3DBF68C9142D03FC3CBF6984

42 B
445 B

26ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=55CBFB5AD34E443E9649AF985A3B13E5&MUID=1BFA10EE3DBF68C9142D03FC3CBF6984
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:27 GMT
last-modified: Thu, 04 May 2023 15:33:28 GMT
server: Microsoft-IIS/10.0
etag: "6de038c69d7ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F50473C08444D6188FC3E64DCB38252 Ref B: FRAEDGE1812 Ref C: 2023-05-15T17:39:28Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=55CBFB5AD34E443E9649AF985A3B13E5&MUID=1BFA10EE3DBF68C9142D03FC3CBF6984
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 adrum-ext.206c403a1a532b310b15ea4509f4902b.js Show response
cdn.appdynamics.com/ 44 KB
17 KB 59ms
8ms Script
application/javascript 143.204.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.206c403a1a532b310b15ea4509f4902b.js
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-51.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 6e7e4fca96d4efed41e842c2761a59a829600224e482f0279bd6ae2dc0870c80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 22:55:23 GMT
content-encoding: gzip
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1536245
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2016 16:22:40 GMT
server: nginx/1.16.1
etag: W/"58249ed0-b09b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EfBzUr71MWwG9QlHCVQmm6UIuNtGOdSF_QgyubUxg7Aq8H4twZOclA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=1066761&fmt=gif&gtmcb=1682485124
https://px4.ads.linkedin.com/collect?pid=1066761&fmt=gif&gtmcb=1682485124&e_ipv6=AQJwqP-pz_VDhAAAAYggfuj6LAmC1WPWgWPoa1IwcWCfHIO1mE6GiGmz_4NwIQaD789m16kS

43 B
219 B

191ms
190ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?pid=1066761&fmt=gif&gtmcb=1682485124&e_ipv6=AQJwqP-pz_VDhAAAAYggfuj6LAmC1WPWgWPoa1IwcWCfHIO1mE6GiGmz_4NwIQaD789m16kS
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:27 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B8A16479D96F4B6189CF01D3121FBE89 Ref B: FRAEDGE1806 Ref C: 2023-05-15T17:39:28Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
content-type: image/gif
x-li-proto: http/2
content-length: 65
x-li-uuid: AAX7vu/BCE0Xa3BiWJYveA==

Redirect headers

date: Mon, 15 May 2023 17:39:27 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D54BAF19105247A69C67099E9069C5DA Ref B: FRAEDGE1312 Ref C: 2023-05-15T17:39:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?pid=1066761&fmt=gif&gtmcb=1682485124&e_ipv6=AQJwqP-pz_VDhAAAAYggfuj6LAmC1WPWgWPoa1IwcWCfHIO1mE6GiGmz_4NwIQaD789m16kS
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7vu+997ix9rAvVFJLmA==

POST
H2 204 /
684dd311.akstat.io/ 0
203 B 48ms
47ms Ping
image/gif 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd311.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/8DDC3-DGW9A-K2LAS-M6TL2-STC4Q

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:28 GMT
content-type: image/gif
access-control-allow-origin: https://portal.xpi.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 15 May 2023 17:39:28 GMT

GET
H/1.1

200
OK

results.txt Show response
xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pln0lnz6p
https://xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

96ms
11ms

XHR
text/plain

95.101.54.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 95.101.54.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-145.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 17:39:28 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 15 May 2023 17:39:28 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pln0lnz6p
https://fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

72ms
6ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 17:39:28 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Mon, 15 May 2023 17:39:28 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
297 B 99ms
99ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://portal.xpi.com.br
Date: Mon, 15 May 2023 17:39:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

OPTIONS
H2 200 loaders
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/ Frame 0
0 236ms
235ms Preflight 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/loaders
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ocp-apim-subscription-key
Access-Control-Request-Method: GET
Origin: https://portal.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,ocp-apim-subscription-key
access-control-allow-methods: GET
access-control-allow-origin: https://portal.xpi.com.br
access-control-max-age: 1000
content-length: 0
date: Mon, 15 May 2023 17:39:28 GMT
server-timing: ak_p; desc="467825_35115161_469962622_21984_8062_6_0";dur=1
warning: True-Client-Port:53726

GET
H2 200 loaders Show response
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/ 5 KB
2 KB 261ms
261ms XHR
application/json 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/loaders

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

3f9719f547c668efa2a0d8b6cbe30612ec32691c2ddda4e379f15802241417b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Ocp-Apim-Subscription-Key: 82731b8c7883467c8268d7771bee1c88
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 17:39:29 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=MISS, edge; dur=211, origin; dur=26, ak_p; desc="467825_35115161_469962848_23715_9092_6_0";dur=1
content-length: 589
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"12fb-BX7+TmMicOk9BdwwMeANbBPy0Ls"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
warning: True-Client-Port:53726
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.xpi.com.br
x-download-options: noopen
access-control-expose-headers: authorization,x-authorization,x-mfa-code,content-type,token,signaturetoken,X-Captcha,x-datadog-origin,x-datadog-sampled,x-datadog-trace-id,x-datadog-parent-id,x-datadog-sampling-priority
access-control-allow-credentials: true
vary: Accept-Encoding

GET
H2 200 formData1681889403516_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/38337/ 13 KB
3 KB 44ms
29ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/38337/formData1681889403516_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34a2998dd32a9786a54d66bedef632b08df0943deca7fccf325e233f4830d51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 8XYr.ILUozJMwgJAn77DEX4GKGA.7HJt
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04TF8DE238DCPRY
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2908
x-amz-id-2: 0PNnplhrmRq/qBWBdEOATF87EjOtKOwgu0SMEfl2JY8s5kAdmJItnxZRlGZ4hDizAJAy6PTGpHk=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 19 Apr 2023 07:30:05 GMT
server: AmazonS3
x-timer: S1684172369.025171,VS0,VE22
etag: "34b69a878e6920da86cf005fc8e09f68"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1681889612220_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/40221/ 13 KB
3 KB 23ms
9ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/40221/formData1681889612220_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8cd0d08585bcea85d539958a67c7d051f1b6072703f808de09114289f07ac55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ACzUyJHUZsEzriTrYMavwUpwfE4Z6.vZ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04NYHVJSPNHNWG8
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3139
x-amz-id-2: ynLybFsMZc0OZkYcbDjDfFbqEBORWEGXLeK9ltbcBAtE4OipiljWKL3L4z6dRVgVdkv1lurgAiQ=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 19 Apr 2023 07:33:33 GMT
server: AmazonS3
x-timer: S1684172369.025859,VS0,VE1
etag: "66ebce11bd6b2496186b7fb30cc1524c"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1681890273019_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/40222/ 13 KB
3 KB 23ms
10ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/40222/formData1681890273019_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e1e053ab5104b844528d423f512091e80520587aba630a93f8c2a7d72fdf6900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: .2G5wyh.b0lAwSJTCvG_xi23liyIU_NP
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04MDJ76KSTS4CCS
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3066
x-amz-id-2: NLWfJmpN7RsRw4ZYRyt+N7/R+8FEJIZF+XnE74c+zMk/UrhQTwedQPFcwZbtbtByUfkrDnabeZU=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 19 Apr 2023 07:44:34 GMT
server: AmazonS3
x-timer: S1684172369.025868,VS0,VE2
etag: "0887a65ef99ece91eb8b262f863247f1"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1681889137599_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/46973/ 12 KB
3 KB 20ms
8ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/46973/formData1681889137599_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c5c9f95665ffc541c477a57ad14dfcc815586df570dc3a0f1b231dda4e5f86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: w7bijVoSbzE._k7BnPZkSvHT4V8f3bv_
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04ZS64YP4A1HJAJ
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3017
x-amz-id-2: 7Ql5vwVzVNCzttogEwSB5Gw7GfHO+D01it8KFXv52Txv8nBGuxuddRQbn7sShaWXGaEyTPGQlus=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 19 Apr 2023 07:25:39 GMT
server: AmazonS3
x-timer: S1684172369.025819,VS0,VE1
etag: "818b796031c31a858e22f2a2fff78f13"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1681889638768_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47096/ 15 KB
3 KB 20ms
10ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47096/formData1681889638768_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

517b99ef8ecdc4aa734b2d659ef7e43b0d52acebf9bebc07847dd486c5c50ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: AJTy_qEOk_PImfgsKrGi.pvI0FyPfAh0
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04QFC5ZPSRJKQRJ
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3271
x-amz-id-2: C+8Gvylldrq5L4X8JmZtoPh7TpHf1vGcxj0jTx8sY/1ZSMGe0e81vWoHRCxlck/5e+06kSm85AQ=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 19 Apr 2023 07:34:00 GMT
server: AmazonS3
x-timer: S1684172369.026667,VS0,VE1
etag: "a3f0fba5861955302e2de54fd072d660"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1683220745987_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47664/ 15 KB
3 KB 25ms
16ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47664/formData1683220745987_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e46a7a4b5d380b306f25066d438dbfc711756addf3c9fbc2cc2f9fd9853a2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 4XIP4J5F63K4V49BJXNrdwIwQw1XE4nq
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04KH7RG88F40ZXQ
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3269
x-amz-id-2: QRZyk+eJVsQyPuIfY31S+sYMksr8AqPqCtbEvfgBLICgZVyewMULwnodY7gmWJ65bh/uVds0BTY=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 04 May 2023 17:19:07 GMT
server: AmazonS3
x-timer: S1684172369.026472,VS0,VE8
etag: "a010f0e5db22b76ebdefde6f31e53faf"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1683223488401_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47666/ 15 KB
3 KB 18ms
10ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47666/formData1683223488401_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9fa6f499321831a2f31339a31f5a8f4316f9b1566b7f138dc06e977ee89706f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ABG.pPnA3DUFQSSHz4hHifI6UjDrHbRA
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04JGD4KFQ747W5H
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3260
x-amz-id-2: OYRNPD1cpLPAGTY97dCaKV3Rq8uKW39ic+SpIxI/mnNJgOLb1wmZYBSXPoHwubxMg09rmhusz1g=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 04 May 2023 18:04:49 GMT
server: AmazonS3
x-timer: S1684172369.026223,VS0,VE1
etag: "446b6b1882ce182895a39afcc99c7301"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 formData1683223568255_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47667/ 15 KB
3 KB 17ms
9ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47667/formData1683223568255_pt-br.json

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6ca2534ccf285163aed881789e7dff15ab7e50f5b6f184559c18206ec82e9a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: WvtWL0v1tmEC8P0YwIn_D.tcWZOCMb7H
content-encoding: gzip
via: 1.1 varnish
date: Mon, 15 May 2023 17:39:29 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: S04Q8AVPF68SMJXA
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3270
x-amz-id-2: Z3GIr+wM5N8ItwNRFnoqlOiUSTSNlZtpNC0AqLC92LqkzZ7ZPMy7NkFGzmJfjIakHMjde+hEmXE=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 04 May 2023 18:06:09 GMT
server: AmazonS3
x-timer: S1684172369.025797,VS0,VE2
etag: "ce8499ed68637e848aa3c7e11e533bdd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
77 B 157ms
105ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjg0MTcyMzY5MDA1IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODgyMDdlZWM2MDE0Ny0wMmQzNTEwMTI1YzM4Yi0xMzMxMzE3MC0xZDRjMDAtMTg4MjA3ZWVjNjFjMWEiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDYzNDgxMywidXJsIjogImh0dHBzOi8vcG9ydGFsLnhwaS5jb20uYnIvIiwid2Vic2l0ZUlkIjogNjM0ODE1LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1YTcyLTc0NTgtYWQ4Ni0xZjEyLTQyNTQtMDY2Mi1lZjc0LTJjZDYiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY4NDE3MjM2OTAwMiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAyMjM0LCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MDA1LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-3spm
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 main.js Show response
customerattendance.xpi.com.br/widgetelevio/assets/js/ 1 MB
311 KB 1008ms
997ms Script
application/x-javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://customerattendance.xpi.com.br/widgetelevio/assets/js/main.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 43b258bc8073d36494d06c622415db04061dc1885f437e434d036b1ba3d3d320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 21:32:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: s7nNkD92d3MtlFmwgFm3bw==
etag: 0x8DB3AD450372D04
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 337fc5c9-401e-002c-0d54-8716ac000000
x-ms-version: 2009-09-19
server-timing: cdn-cache; desc=MISS, edge; dur=203, origin; dur=39, ak_p; desc="467825_35115165_250707883_24278_7690_6_0";dur=1

GET
H2 200 vendors.js Show response
customerattendance.xpi.com.br/widgetelevio/assets/js/ 1 MB
399 KB 585ms
575ms Script
application/x-javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://customerattendance.xpi.com.br/widgetelevio/assets/js/vendors.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 17a3eaba9d243bbf7adfc7607a8a8b4bff06ed08f054990be5efea6f267062db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 21:32:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: UJMc9Btle1ZOX1vFQuqXnw==
etag: 0x8DB3AD4503B7223
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2267cb57-301e-0045-1f54-874900000000
x-ms-version: 2009-09-19
server-timing: cdn-cache; desc=MISS, edge; dur=198, origin; dur=29, ak_p; desc="467825_35115165_250707881_22764_7743_6_0";dur=1

GET
H2 200 commons.js Show response
customerattendance.xpi.com.br/widgetelevio/assets/js/ 21 KB
6 KB 298ms
288ms Script
application/x-javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://customerattendance.xpi.com.br/widgetelevio/assets/js/commons.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c6b1995eb4968255e21f88b09bab157a4afa6047c2c099d995b33b83bc6029d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 21:32:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: lcXQWlcy7VYgL8GPTcH8tg==
etag: 0x8DB3AD4501D6739
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 31471b0e-301e-004e-2d54-875174000000
x-ms-version: 2009-09-19
server-timing: cdn-cache; desc=MISS, edge; dur=199, origin; dur=16, ak_p; desc="467825_35115165_250707882_21595_7686_6_0";dur=1
content-length: 6120

GET
H2 200 main.css
customerattendance.xpi.com.br/widgetelevio/assets/css/ 4 KB
2 KB 246ms
237ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://customerattendance.xpi.com.br/widgetelevio/assets/css/main.css
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6a46d24641c9c7547bf5354b5bd55a3ab70ea00065586a9e05ce43ae54a0b431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 21:32:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: j01Y2QWFAoCYir/A4D3Ccg==
etag: 0x8DB3AD4501BB9BD
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cbeefb5c-701e-0049-1f54-87a7f1000000
x-ms-version: 2009-09-19
server-timing: cdn-cache; desc=MISS, edge; dur=196, origin; dur=13, ak_p; desc="467825_35115165_250707880_22156_7896_8_0";dur=1
content-length: 1172

GET
H2 200 commons.css
static.xpi.com.br/cs/attendance-tools/assets/css/ 7 KB
2 KB 253ms
228ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xpi.com.br/cs/attendance-tools/assets/css/commons.css
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3c4489fbcd3c81d284fb96084d17903234a5ba23048d07c9632602969e7d7f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 13:58:50 GMT
server: Microsoft-IIS/10.0
etag: "09161f5848d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600,public
accept-ranges: bytes
content-length: 1806

GET
H2 200 faq.css
static.xpi.com.br/cs/attendance-tools/assets/css/ 8 KB
2 KB 805ms
779ms Stylesheet
text/css 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xpi.com.br/cs/attendance-tools/assets/css/faq.css
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cdddce71fdc2455dfef89c6ca6bd4a2d38b0508268fb5315a8b4c3035282e471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 13:58:50 GMT
server: Microsoft-IIS/10.0
etag: "09161f5848d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600,public
accept-ranges: bytes
content-length: 1675

GET
H2 200 vendors.js Show response
static.xpi.com.br/cs/attendance-tools/assets/js/ 1 MB
405 KB 1259ms
1233ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xpi.com.br/cs/attendance-tools/assets/js/vendors.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d74063184fe81263b626046e701bc3989e10b8e7ab3edf3831657c9289347ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 21:53:42 GMT
server: Microsoft-IIS/10.0
etag: "0f7b449884cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=291
accept-ranges: bytes
content-length: 413828

GET
H2 200 commons.js Show response
static.xpi.com.br/cs/attendance-tools/assets/js/ 33 KB
10 KB 300ms
275ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xpi.com.br/cs/attendance-tools/assets/js/commons.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ab87cd626a4aef2d3955e831a2dc64337054623021ee889e0082d32c9d66961d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 21:53:42 GMT
server: Microsoft-IIS/10.0
etag: "0f7b449884cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=281
accept-ranges: bytes
content-length: 10034

GET
H2 200 faq.js Show response
static.xpi.com.br/cs/attendance-tools/assets/js/ 7 KB
3 KB 295ms
270ms Script
application/javascript 95.101.111.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xpi.com.br/cs/attendance-tools/assets/js/faq.js
Requested by: Host: cdn.xpi.com.br
URL: https://cdn.xpi.com.br/loadertools/index.js?_V=2023-05-15-03-00
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-157.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 91ce38d680cba5d0a5940ed32f09a815b63df85a48f4b29d5a4da76538ed75a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 21:53:42 GMT
server: Microsoft-IIS/10.0
etag: "0f7b449884cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
content-length: 2872

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 110ms
105ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTA3OCIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy8zODMzNy9mb3JtRGF0YTE2ODE4ODk0MDM1MTZfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wNjZ9fSwiY29va2llX3NpemUiOiAyMjgxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MDc4LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-v0hb
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 107ms
107ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTA5MSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80MDIyMS9mb3JtRGF0YTE2ODE4ODk2MTIyMjBfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wNzd9fSwiY29va2llX3NpemUiOiAyMjgxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MDkxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-f3k3
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 105ms
105ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTA5MyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80MDIyMi9mb3JtRGF0YTE2ODE4OTAyNzMwMTlfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wNzh9fSwiY29va2llX3NpemUiOiAyMjgxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MDkzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-d5pp
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 109ms
109ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTA5NSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80Njk3My9mb3JtRGF0YTE2ODE4ODkxMzc1OTlfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wNzl9fSwiY29va2llX3NpemUiOiAyMjgxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MDk1LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-42wk
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 106ms
106ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTA5NyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzA5Ni9mb3JtRGF0YTE2ODE4ODk2Mzg3NjhfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wOH19LCJjb29raWVfc2l6ZSI6IDIyODEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUwLjIiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUwLjIiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2ODQxNzIzNjkwOTcsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-40fv
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 104ms
103ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTA5OSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzY2NC9mb3JtRGF0YTE2ODMyMjA3NDU5ODdfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wODF9fSwiY29va2llX3NpemUiOiAyMjgxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MDk5LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-scnj
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
76 B 104ms
104ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTEwMSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzY2Ni9mb3JtRGF0YTE2ODMyMjM0ODg0MDFfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wODJ9fSwiY29va2llX3NpemUiOiAyMjgxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MTAxLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-mvrl
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
47 B 103ms
103ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuOTIgU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIlhQIEludmVzdGltZW50b3MgLSBMb2dpbiBTZWd1cm8iLCJwYWdlX3VybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX2FmdGVyX2h0dHBfZ2V0X3JlcXVlc3QiLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NDE3MjM2OTEwMyIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4MjA3ZWVjNjAxNDctMDJkMzUxMDEyNWMzOGItMTMzMTMxNzAtMWQ0YzAwLTE4ODIwN2VlYzYxYzFhIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLW1haW4iLCJhY2NvdW50SWQiOiA2MzQ4MTMsInVybCI6ICJodHRwczovL3BvcnRhbC54cGkuY29tLmJyLyIsIndlYnNpdGVJZCI6IDYzNDgxNSwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiNWE3Mi03NDU4LWFkODYtMWYxMi00MjU0LTA2NjItZWY3NC0yY2Q2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2ODQxNzIzNjkwMDIiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiODUuODQ1MDQ4MDQ4MTM4NjIiLCJTVUJNSVRURURfREFURSI6ICIiLCJodHRwUmVxdWVzdERhdGEiOiB7InJlcXVlc3RVcmwiOiAiaHR0cHM6Ly9uZWJ1bGEtY2RuLmthbXB5bGUuY29tL3VzL3d1LzYzNDgxNS9mb3Jtcy80NzY2Ny9mb3JtRGF0YTE2ODMyMjM1NjgyNTVfcHQtYnIuanNvbiIsImF0dGVtcHROdW1iZXIiOiAwLCJyZXF1ZXN0VG90YWxUaW1lSW5TZWNvbmRzIjogMC4wODN9fSwiY29va2llX3NpemUiOiAyMjgxLCJrYW1weWxlX3ZlcnNpb24iOiAiMi41MC4yIiwib25zaXRlX3ZlcnNpb24iOiAiMi41MC4yIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjg0MTcyMzY5MTAzLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-40fv
date: Mon, 15 May 2023 17:39:29 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

POST
H2 200 adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAP-JAU/ 0
735 B 549ms
175ms XHR
text/html 52.40.162.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAP-JAU/adrum

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.162.28 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-162-28.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:29 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
access-control-allow-headers: origin, content-type, accept
expires: 0

POST
H2 200 adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAP-JAU/ 0
735 B 720ms
350ms XHR
text/html 52.40.162.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAP-JAU/adrum

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.162.28 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-162-28.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 May 2023 17:39:29 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
784 B 49ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap

Requested by

Host: customerattendance.xpi.com.br
URL: https://customerattendance.xpi.com.br/widgetelevio/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e787d9426af63537034df2649677ef0aa960290c609dc17db14f784d14040d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://customerattendance.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 17:39:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 17:39:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 174914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:04:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 180876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:24:53 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
688 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap

Requested by

Host: static.xpi.com.br
URL: https://static.xpi.com.br/cs/attendance-tools/assets/css/faq.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e787d9426af63537034df2649677ef0aa960290c609dc17db14f784d14040d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 17:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 16:51:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 17:39:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 174914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 180876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:24:53 GMT

OPTIONS
H2 200 articles
api.xpi.com.br/xpinc-customerservicefaq/v1/faq/ Frame 0
0 239ms
239ms Preflight 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xpi.com.br/xpinc-customerservicefaq/v1/faq/articles?categoryId=84&complete=true&account=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ocp-apim-subscription-key
Access-Control-Request-Method: GET
Origin: https://portal.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ocp-apim-subscription-key
access-control-allow-methods: GET
access-control-allow-origin: https://portal.xpi.com.br
access-control-max-age: 1000
content-length: 0
date: Mon, 15 May 2023 17:39:30 GMT
server-timing: ak_p; desc="467825_35115161_469964378_21403_9325_6_0";dur=1
warning: True-Client-Port:53726

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 641 KB
117 KB 49ms
7ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: static.xpi.com.br
URL: https://static.xpi.com.br/cs/attendance-tools/assets/js/vendors.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1875c74085b47df0f65541dd169264da6b5038372a9af588eb31c836c75286a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:39:30 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1710
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 118875
x-served-by: cache-iad-kjyo7100175-IAD, cache-fra-eddf8230137-FRA
x-browser-version: 113
last-modified: Mon, 15 May 2023 16:09:58 GMT
server: AmazonS3
x-timer: S1684172370.446761,VS0,VE0
etag: "d0747c2f56f4dccfc8b9498e1b36a3d2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: ef79cb9802aa5dd1d7a8524c99b80be4afc8bfea
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 60, 183

GET
H2 200 articles Show response
api.xpi.com.br/xpinc-customerservicefaq/v1/faq/ 22 KB
24 KB 549ms
549ms XHR
application/json 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xpi.com.br/xpinc-customerservicefaq/v1/faq/articles?categoryId=84&complete=true&account=0

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

a7a7b118662011023495e894f6078188827824b99ebd80144830d7309507e0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Ocp-Apim-Subscription-Key: 82731b8c7883467c8268d7771bee1c88

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:31 GMT
warning: True-Client-Port:53726
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.xpi.com.br
access-control-expose-headers: authorization,x-authorization,x-mfa-code,content-type,token,signaturetoken,X-Captcha,x-datadog-origin,x-datadog-sampled,x-datadog-trace-id,x-datadog-parent-id,x-datadog-sampling-priority
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=407, origin; dur=125, ak_p; desc="467825_35115161_469964629_53222_9842_6_0";dur=1
content-length: 22730

OPTIONS
H2 200 rulesXP
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/ Frame 0
0 229ms
228ms Preflight 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/rulesXP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ocp-apim-subscription-key
Access-Control-Request-Method: GET
Origin: https://portal.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,ocp-apim-subscription-key
access-control-allow-methods: GET
access-control-allow-origin: https://portal.xpi.com.br
access-control-max-age: 1000
content-length: 0
date: Mon, 15 May 2023 17:39:30 GMT
server-timing: ak_p; desc="467825_35115161_469964605_21178_8274_6_0";dur=1
warning: True-Client-Port:53726

GET
H2 200 rulesXP Show response
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/ 381 B
2 KB 219ms
219ms XHR
application/json 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/webchat/rulesXP

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f82ceb345c4bea404ff38836eee25b5391b8e3100d8c4501c648372125bf133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Ocp-Apim-Subscription-Key: 82731b8c7883467c8268d7771bee1c88
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:31 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=MISS, edge; dur=191, origin; dur=12, ak_p; desc="467825_35115161_469964800_20309_9050_6_0";dur=1
content-length: 381
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"17d-cKXG6YHB34OsC3vPhgkdE0slTxQ"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
warning: True-Client-Port:53726
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.xpi.com.br
x-download-options: noopen
access-control-expose-headers: authorization,x-authorization,x-mfa-code,content-type,token,signaturetoken,X-Captcha,x-datadog-origin,x-datadog-sampled,x-datadog-trace-id,x-datadog-parent-id,x-datadog-sampling-priority
access-control-allow-credentials: true

OPTIONS
H2 200 widget
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/tapume/ Frame 0
0 220ms
219ms Preflight 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/tapume/widget
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ocp-apim-subscription-key
Access-Control-Request-Method: GET
Origin: https://portal.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,ocp-apim-subscription-key
access-control-allow-methods: GET
access-control-allow-origin: https://portal.xpi.com.br
access-control-max-age: 1000
content-length: 0
date: Mon, 15 May 2023 17:39:31 GMT
server-timing: ak_p; desc="467825_35115161_469965032_20352_9090_6_0";dur=1
warning: True-Client-Port:53726

GET
H2 200 widget Show response
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/tapume/ 85 B
2 KB 223ms
222ms XHR
application/json 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/tapume/widget

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

67905d7fa668bbb62a74057f26ec18d153418671c7c19697898a3caa84cc8db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Ocp-Apim-Subscription-Key: 82731b8c7883467c8268d7771bee1c88
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:31 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=MISS, edge; dur=190, origin; dur=16, ak_p; desc="467825_35115161_469965256_20615_8517_6_0";dur=1
content-length: 85
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"55-Gau/fEGIUv4CWVA2MiZwfhIjkP4"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
warning: True-Client-Port:53726
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.xpi.com.br
x-download-options: noopen
access-control-expose-headers: authorization,x-authorization,x-mfa-code,content-type,token,signaturetoken,X-Captcha,x-datadog-origin,x-datadog-sampled,x-datadog-trace-id,x-datadog-parent-id,x-datadog-sampling-priority
access-control-allow-credentials: true

OPTIONS
H2 200 xp
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/lgpd/ Frame 0
0 214ms
214ms Preflight 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/lgpd/xp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ocp-apim-subscription-key
Access-Control-Request-Method: GET
Origin: https://portal.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,ocp-apim-subscription-key
access-control-allow-methods: GET
access-control-allow-origin: https://portal.xpi.com.br
access-control-max-age: 1000
content-length: 0
date: Mon, 15 May 2023 17:39:31 GMT
server-timing: ak_p; desc="467825_35115161_469965481_19660_8634_6_0";dur=1
warning: True-Client-Port:53726

GET
H2 200 xp Show response
api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/lgpd/ 15 B
2 KB 267ms
266ms XHR
application/json 95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xpi.com.br/corporate-customerservice-backoffice-bff/v1/api/lgpd/xp

Requested by

Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

3147c875520439e1c9eda06339e533dbee86e1b532146069523b0489597f8675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Ocp-Apim-Subscription-Key: 82731b8c7883467c8268d7771bee1c88
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 17:39:31 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=MISS, edge; dur=192, origin; dur=56, ak_p; desc="467825_35115161_469965700_24838_10983_6_0";dur=1
content-length: 15
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"f-FlwNxn1mQQwsSLKKksUsdVZ1Ip4"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
warning: True-Client-Port:53726
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.xpi.com.br
x-download-options: noopen
access-control-expose-headers: authorization,x-authorization,x-mfa-code,content-type,token,signaturetoken,X-Captcha,x-datadog-origin,x-datadog-sampled,x-datadog-trace-id,x-datadog-parent-id,x-datadog-sampling-priority
access-control-allow-credentials: true

GET
H2 200 elevio-bootloader.js Show response
cdn.elev.io/sdk/bootloader/v4/ 794 B
1 KB 77ms
8ms Script
application/javascript 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5d2e99ff7648f
Requested by: Host: customerattendance.xpi.com.br
URL: https://customerattendance.xpi.com.br/widgetelevio/assets/js/vendors.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c85f8a8efce74d92b969888aedb15cb55792c436c17f71aced3b11ee0ad5ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 05:47:26 GMT
x-amz-version-id: bsUp1gMdZu_8apKWSuoi2bEhNldhYHu3
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2023 00:07:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 42727
etag: "eee7f9773e227696bdc8998099fa8463"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 794
x-amz-cf-id: 5QZyERZRLbDC2Newy3f6L_OxgvuSGv9lYDqwEddlx--XRI-bUaSfiQ==

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
297 B 97ms
96ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://portal.xpi.com.br
Date: Mon, 15 May 2023 17:39:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 elevio-main.js Show response
cdn.elev.io/sdk/main/v4/1682640476331/ 392 KB
102 KB 8ms
8ms Script
application/javascript 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/main/v4/1682640476331/elevio-main.js
Requested by: Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5d2e99ff7648f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c78f45350797fca04cfa7e3a9764874411fc4e0c4bafc2ed28001b6dc3e90db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: WA2b_rOeIfxFhGHaXXvzCbTKIVa8F12k
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
date: Sun, 14 May 2023 20:33:01 GMT
last-modified: Fri, 28 Apr 2023 00:07:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 75991
x-amz-server-side-encryption: AES256
etag: W/"18ffbdfc94929f01f3cbdd5fe830fd41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2592000, public, immutable
x-amz-cf-id: -D2AzLivMBPPNlN77YK9JTJKXJYfEFZz0P76N2OUDABHegD7gCY5zA==

GET
H2 200 en Show response
ipa.elev.io/api/settings/5d2e99ff7648f/ 3 KB
1 KB 394ms
159ms XHR
application/json 44.195.167.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ipa.elev.io/api/settings/5d2e99ff7648f/en?is_init_load=true&loggedin_only=false&first_name=null&last_name=null&registered_at=null&previewMode=false&url=https%3A%2F%2Fportal.xpi.com.br%2F
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.167.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-167-92.compute-1.amazonaws.com
Software: /
Resource Hash: 6bc9e0a1b9e41a724c024c1ca8a4d7fb4a3554d4abca1e8e0a2566f2d740ef9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 May 2023 17:39:32 GMT
content-encoding: gzip
content-type: application/json

GET
H2 200 app.json Show response
cdn.elev.io/sdk/locales/v71/pt-br/ 4 KB
2 KB 25ms
8ms XHR
application/json 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/locales/v71/pt-br/app.json
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45807afd2bb3b8277bd133c87576b9ba2f9bf5beb7705534a7219dd4353bfcb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 05:31:49 GMT
x-amz-cf-pop: FRA56-P5
age: 43664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 01 Aug 2022 06:34:48 GMT
server: AmazonS3
etag: W/"17d367bfdf1a1f49a725d9fbad818172"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: lk4vQwwMhazs3ROrXiZhlCyw4ym0pc0Gr0z1zyjoL5hNlx1G3UVyog==

GET
H2 200 elevio-noto-sans-400.woff
cdn.elev.io/sdk/fonts/ 14 KB
14 KB 9ms
9ms Font
application/font-woff 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/fonts/elevio-noto-sans-400.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 06:39:36 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 39597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13976
last-modified: Tue, 07 Jul 2020 06:02:44 GMT
server: AmazonS3
etag: "66388ef84ff4c5d874ed3875ea4c110b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: AWKjbMJSjNON6LWiAPs27ikHVOCe3IQsijAevGWty8l5msAgRNYyMw==

GET
H2 200 elevio-noto-sans-700.woff
cdn.elev.io/sdk/fonts/ 13 KB
14 KB 8ms
8ms Font
application/font-woff 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/fonts/elevio-noto-sans-700.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d4ad7bdeea12089935e069557d320d851f83aaa2fb5a95b02669dc71cfc69eb

Request headers

Referer: https://portal.xpi.com.br/
Origin: https://portal.xpi.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 06:11:13 GMT
x-amz-version-id: null
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 41300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13744
last-modified: Tue, 07 Jul 2020 06:02:44 GMT
server: AmazonS3
etag: "d0f1cc11f68556411a88c400c8e199ed"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: tE--AAt9hWA-uZvWnXZLOlq_mQ_qQHxlvA9ReByMXsH9OPC4aa9epg==

GET
H2 200 child.svg Show response
cdn.elev.io/sdk/icons/v9/ 363 B
888 B 8ms
8ms XHR
image/svg+xml 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/child.svg
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8522b284b3b60a6929d02464ef50fc40a94a89637f0d7d620f21da77340a5351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 08:13:44 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 33949
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 363
last-modified: Mon, 18 May 2020 08:36:53 GMT
server: AmazonS3
etag: "884d38abe49c95b031136d0bdf729d7b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=6048000, immutable
accept-ranges: bytes
x-amz-cf-id: RtVWFHvp8xdofcgLP4JVtDleRXJpckJCPl5pXwQwQVHqCWKw4EBPbw==

GET
H2 200 comments.svg Show response
cdn.elev.io/sdk/icons/v9/ 297 B
821 B 8ms
8ms XHR
image/svg+xml 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/comments.svg
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3829d939f88420c16fb7a65d34d0b11780a8458a4be553c4baf97badeaa8af98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 08:09:08 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 34225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 297
last-modified: Mon, 18 May 2020 08:36:54 GMT
server: AmazonS3
etag: "3edb3fbee4e9edf2d7ebd83558f1d4ac"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=6048000, immutable
accept-ranges: bytes
x-amz-cf-id: pTOh5a8_9_WAk9ksVH9L3CstXHD8lnQH4usqNhSiYs_V9THYc0zgwQ==

GET
H2 200 users.svg Show response
cdn.elev.io/sdk/icons/v9/ 959 B
1 KB 8ms
8ms XHR
image/svg+xml 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/users.svg
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2710670e584bd5ad5159b69e6b36fff373be2298840921a73af7383d9406d48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 09:09:57 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 30576
x-cache: Hit from cloudfront
content-length: 959
last-modified: Thu, 17 Nov 2016 04:22:10 GMT
server: AmazonS3
etag: "55ded6bf030bcde48116a8dfbbe4642c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: sgqWPJ3dWhYH1TLDNRaqfskkoXCdEbSeNmRVDX2LjhtoRVKCSH_1Bw==

GET
H2 200 bullhorn.svg Show response
cdn.elev.io/sdk/icons/v9/ 259 B
783 B 8ms
8ms XHR
image/svg+xml 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/bullhorn.svg
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59128342a13da69d21cb04fbbd6fcb4d4b435fa67e0c7452a69f18f1d6bddd1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 09:13:20 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 30373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 259
last-modified: Mon, 18 May 2020 08:36:52 GMT
server: AmazonS3
etag: "4242b97b9af400abe6533a3bac922188"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=6048000, immutable
accept-ranges: bytes
x-amz-cf-id: j_BsMvIp_6WDGqjGFq7kLg0ScwQCWEeVq-zhqkpNl3NkeU5jFv-Ihw==

GET
H2 200 file-pdf-o.svg Show response
cdn.elev.io/sdk/icons/v9/ 392 B
916 B 8ms
8ms XHR
image/svg+xml 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/file-pdf-o.svg
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08e8e56675811f7d9acdfc690ad4d237c57f8222b17f9bafcfd75d7976247644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 08:31:46 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 32866
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 392
last-modified: Mon, 18 May 2020 08:36:55 GMT
server: AmazonS3
etag: "97dd3796cecea15e4f071706aa3841b7"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=6048000, immutable
accept-ranges: bytes
x-amz-cf-id: xaNHUqSoznVuJtnmsG53OJFjsvgUY8ZyqCGxupixA6z-qOuHcUkfXg==

GET
H2 200 bookmark.svg Show response
cdn.elev.io/sdk/icons/v9/ 301 B
824 B 10ms
9ms XHR
image/svg+xml 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.elev.io/sdk/icons/v9/bookmark.svg
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8feddd27653fa0a3c9e9b5b7f068d5be42952b7639178814945dd6f740361888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.xpi.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 15 May 2023 05:51:40 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 42473
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Mon, 18 May 2020 08:36:52 GMT
server: AmazonS3
etag: "6f1905eea80557a5214262d670606fba"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=6048000, immutable
accept-ranges: bytes
x-amz-cf-id: 9kBkTM68KsxdM8ZkP68d0fcNPQ0vitME8tmLaVHRVDCeXx-XNhyP0Q==

OPTIONS
H2 200 events
events.elev.io/v1/ Frame 0
0 322ms
283ms Preflight
application/json 18.66.97.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.elev.io/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-3.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://portal.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-elevio-debug-temp
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Mon, 15 May 2023 17:39:33 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-apigw-id: E-YteGSsoAMFQSg=
x-amz-cf-id: 0nw3Of57f5HOaj_OZUVU-GwoQITNb-cgu1vt8XawNMNjHlhw8b7Hcw==
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: 20d8f918-b41f-4fba-b7ab-8357c10d0f45
x-cache: Miss from cloudfront

POST
H2 200 events Show response
events.elev.io/v1/ 13 B
590 B 357ms
357ms XHR
application/json 18.66.97.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.elev.io/v1/events
Requested by: Host: portal.xpi.com.br
URL: https://portal.xpi.com.br/Scripts/adrum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-3.fra56.r.cloudfront.net
Software: /
Resource Hash: f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6

Request headers

Referer: https://portal.xpi.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 May 2023 17:39:34 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amzn-requestid: 0da76ef8-f8c7-48f4-b919-0f9b27deb6b9
x-amzn-trace-id: Root=1-64626e56-281175652551fe070b99e371;Sampled=0;lineage=ba02c674:0
access-control-max-age: 86400
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: E-YthF_jIAMFQZg=
content-length: 13
x-amz-cf-id: l_9QLZEJHTJXA0X26AfqdrpL_hB3YrQsA-3LLqYqW3LEXP3rfs8LpQ==
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ofdb-u.dnofd.com/web/ofdb	1970-01-20 21:25:32	Name: cck Value: a25ab957-dd2b-80b2-876b-c44198213b10
ofdb-u.dnofd.com/web/ofdb	1970-01-20 21:25:32	Name: ccn Value: b55d1e8-a1d5-d21e-ce67-5a5adb8fcdc9
.portal.xpi.com.br/	1970-01-20 11:49:32	Name: akaalb_portalxpi Value: 1684172661~op=portalxpi:origin-portal-xpi-1\|~rv=58~m=origin-portal-xpi-1:0\|~os=4232c9215b76bc535ce1ca00c6c76064~id=e4342196143997552b66dd9cc66bc115
.xpi.com.br/	1970-01-20 11:49:46	Name: bm_sz Value: 9405B655F84F19900113C3CC39960029~YAAQndAXAlXtmQOIAQAAes1+IBMGkJf3sIBYdQivS4gkVcu2mPVF6VBUc/IGqfMO4BdyK9TwVvTJl3cWwmhRDGGxrOC8GO0vPYQMHiaW9aOb8FK3j5/Hj2FEzmgoXRTOImwI+CyCR4gLhWpsK6nMCQ1ztkHGCAixQ5mP16CExRqtaQStht/tIWXNowEa/T5Ii9sniePAq0Ynv1k3dpv3TjB0EGhZwwtqwbVK94JJzBdT9CVvaqgIxsJMKyVtfeYm2MWvmdfNeNNq5sJQnHu1+KZFCw+e/NPwBsRWz1LpO+b9ruQ=~3359044~3551799
.xpi.com.br/	1970-01-20 11:49:39	Name: ak_bmsc Value: DF4BD67CB12C10F677989041786AE9E2~000000000000000000000000000000~YAAQndAXAurtmQOIAQAA+NJ+IBMIl308KX/KbLmIrV2NUXvV2VXT8ZBuJixyaSwiLrQ6wQwdwr4Y3CDEIkrECziHFTdIhX14NqxhjVh5nVQ7fhozhjNU0s9g26LzuuVsk/EvuKlksqKNvff40T7Sx0S3l3KyEfdMTGul6jHtcFT8UgAwQDNcSnnkNV52L7pHJJTV2LqBNWrSE5xZZ4e+7zo02+KTAvnGtwcca5lmHvbqdbIPYzAoF7iSctuxf69tuIOd4zbPnfAQXlmO1SUDvNzR2Xjw8/g8aS7t4bYUu6tCBzo0oPX4D0WNXVMPDdSbjMHq41j/hEWI3bG6CM9DJ+z1WJZRlov0WUYxxqKwmcc1acnB2q5vL45SCvuAnL+lzg1VmZqHmlGvPcMc
.xpi.com.br/	1970-01-20 11:50:58	Name: _gid Value: GA1.3.1897140486.1684172365
.xpi.com.br/	1970-01-20 13:59:08	Name: _gcl_au Value: 1.1.914510091.1684172365
portal.xpi.com.br/	1969-12-31 23:59:59	Name: clientId Value: 2104091606.1684172365
.xpi.com.br/	1970-01-20 13:59:08	Name: _fbp Value: fb.2.1684172364891.1157624850
.xpi.com.br/	1970-01-20 21:25:32	Name: _ga_HM1230DXLC Value: GS1.1.1684172364.1.0.1684172364.60.0.0
portal.xpi.com.br/	1970-01-20 11:49:32	Name: ADRUM_BTa Value: R:26\|g:ff7c16b9-3485-4fd1-922d-b64896e6449b\|n:xp-beta_4a51785d-469a-431c-8b52-933d7149a844
.xpi.com.br/	1970-01-20 20:35:08	Name: isReset Value: true
.xpi.com.br/	1970-01-20 20:35:08	Name: ajs_anonymous_id Value: 23fd7fd5-2fad-490f-92f7-5f068724ed6f
.xpi.com.br/	1970-01-20 20:35:08	Name: segment_anon_id Value: 23fd7fd5-2fad-490f-92f7-5f068724ed6f
portal.xpi.com.br/	1970-01-20 11:50:58	Name: ln_or Value: eyI0MDQ0Njk3IjoiZCJ9
www.clarity.ms/	1970-01-20 20:35:08	Name: CLID Value: f7c92b09a6f34eaa9abcf39016195d30.20230515.20240514
.xpi.com.br/	1970-01-20 20:35:08	Name: _clck Value: yctf4s\|2\|fbm\|0\|1230
.t.co/	1970-01-20 21:25:32	Name: muc_ads Value: a128ddd1-bb8b-425e-b5ec-217dbf0a7c23
.twitter.com/	1970-01-20 21:25:32	Name: guest_id_marketing Value: v1%3A168417236510963761
.twitter.com/	1970-01-20 21:25:32	Name: guest_id_ads Value: v1%3A168417236510963761
.twitter.com/	1970-01-20 21:25:32	Name: personalization_id Value: "v1_Y+InKVzmzMrmbqBjbFheyQ=="
.twitter.com/	1970-01-20 21:25:32	Name: guest_id Value: v1%3A168417236510963761
.linkedin.com/	1970-01-20 13:59:08	Name: li_sugr Value: bfb5646d-5a0c-4c24-b775-24dade72c6c0
.linkedin.com/	1970-01-20 11:50:58	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2935:u=1:x=1:i=1684172365:t=1684258765:v=2:sig=AQG0yQx8wYLu1eKo-3HTaFoVlirY_laB"
.linkedin.com/	1970-01-20 12:32:44	Name: UserMatchHistory Value: AQJRO74Y_-tCUAAAAYggft0xZI28PDaAf8g_66TPzifQHSCK-uUlquDY8hHPWqSFiCXC7vtyXyoVyw
.linkedin.com/	1970-01-20 12:32:44	Name: AnalyticsSyncHistory Value: AQLimQHZ7HGicgAAAYggft0xzMFORxWbmXGGAPOIkWHPrSzcP64WMSzq_i7QsXavwLPn9uJ4pwbmgSb7X5Eoeg
.linkedin.com/	1970-01-20 20:35:08	Name: bcookie Value: "v=2&a3f0f2cf-81b9-4da9-8485-a6f1940709d0"
.doubleclick.net/	1970-01-20 21:11:08	Name: IDE Value: AHWqTUmrQ9uTTVzmQZeGrzkYb1wB_uTYrg745x85C7ttjb-jG3oa5KxpyNbsxFcH0t4
.www.linkedin.com/	1970-01-20 20:35:08	Name: bscookie Value: "v=1&20230515173925c741bf02-c353-4dc8-8f40-7e63ed1bcfebAQHEluA-Ka8M7nuXTILXFJUApJzlVkUT"
.linkedin.com/	1970-01-20 16:08:44	Name: li_gc Value: MTswOzE2ODQxNzIzNjU7MjswMjEccheGtmry/VhQN9OxkCp0CZyIilGmI6gYI72yvXzXgg==
.xpi.com.br/	1970-01-20 21:25:32	Name: _ga Value: GA1.3.2104091606.1684172365
.xpi.com.br/	1970-01-20 11:49:32	Name: _gat_UA-5145909-16 Value: 1
.xpi.com.br/	1970-01-20 11:50:58	Name: _clsk Value: 16g8rcw\|1684172365738\|1\|1\|p.clarity.ms/collect
portal.xpi.com.br/	1969-12-31 23:59:59	Name: akavpau_visitor-xp Value: 1684172667~id=788cfb785b101e5bbf6c51289fb626c7
.xpi.com.br/	1970-01-20 11:50:58	Name: _uetsid Value: 7062c540f34711edbad521af39b610aa
.xpi.com.br/	1970-01-20 21:11:08	Name: _uetvid Value: 7062da80f34711edb8032908c615e011
.bing.com/	1970-01-20 21:11:08	Name: MUID Value: 1BFA10EE3DBF68C9142D03FC3CBF6984
portal.xpi.com.br/	1970-01-20 21:25:32	Name: tga Value: 554ec1b5-8bfd-4db1-8d90-75fc84632f76
.dnofd.com/	1970-01-20 21:25:32	Name: cck Value: a25ab957-dd2b-80b2-876b-c44198213b10
.dnofd.com/	1970-01-20 21:25:32	Name: ccn Value: b55d1e8-a1d5-d21e-ce67-5a5adb8fcdc9
portal.xpi.com.br/	1970-01-20 21:25:32	Name: cck Value: a25ab957-dd2b-80b2-876b-c44198213b10
portal.xpi.com.br/	1970-01-20 21:25:32	Name: ccn Value: b55d1e8-a1d5-d21e-ce67-5a5adb8fcdc9
.xpi.com.br/	1970-01-20 20:35:08	Name: _abck Value: 08A1A984C12D74E1B1BB84C48121F695~0~YAAQndAXAnzvmQOIAQAAVOh+IAm9XUEEb/Px9hneVo3YJ9crms9t5ubfehOSXgu78EHHtLL8XgICqKokTrkdcX1W+2WTrbNjC435PVIUmRKoupVzz1Y5553+oo1V0CgR9wk0aPv2zM2/yH8+TjTu7QQwvmvZk2K4BXiZqwoA160B93PqRqmIWO/oJnxrwqvOiIXVs19WvJQiaM2J93E3V+2I6I0OBfsYEUW+TB1QNO65t9zmCNee7lMdThWSxxe1uUn/tGP/FZUpM5bbOj97SZYRYVoXcmfAwKyqtfAMj/bknxPSO3oGUT/JD/8KAzmMTCkb2/M8PtlBpw6cOcb258kRrECpmwOqzotG/YBXNXaX3Ue9ux+PTkc63j5Tzq6q7JGzkyYJIJ7u8EsFIY4ViDdbDLjh1MHS~-1~\|\|-1\|\|~-1
.c.bing.com/	1970-01-20 11:59:37	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:11:08	Name: SRM_B Value: 1BFA10EE3DBF68C9142D03FC3CBF6984
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:11:08	Name: MUID Value: 1BFA10EE3DBF68C9142D03FC3CBF6984
.c.clarity.ms/	1970-01-20 11:59:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 11:49:32	Name: ANONCHK Value: 0
portal.xpi.com.br/	1970-01-20 20:35:08	Name: mdLogger Value: false
portal.xpi.com.br/	1970-01-20 20:35:08	Name: kampyle_userid Value: 5a72-7458-ad86-1f12-4254-0662-ef74-2cd6
portal.xpi.com.br/	1970-01-20 20:35:08	Name: kampyleUserSession Value: 1684172369002
portal.xpi.com.br/	1970-01-20 20:35:08	Name: kampyleUserSessionsCount Value: 1
portal.xpi.com.br/	1970-01-20 20:35:08	Name: kampyleSessionPageCounter Value: 1
portal.xpi.com.br/	1970-01-20 20:35:08	Name: kampyleUserPercentile Value: 85.84504804813862

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .xpi.com.br xpi.com.br cadastro-xpi-dev.azurewebsites.net cadastro-xpi-hml.azurewebsites.net whg.com.br .whg.com.br
Strict-Transport-Security	maxage
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd311.akstat.io
9143205.fls.doubleclick.net
adservice.google.com
analytics.twitter.com
api.segment.io
api.xpi.com.br
bat.bing.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
cdn.appdynamics.com
cdn.elev.io
cdn.linkedin.oribi.io
cdn.segment.com
cdn.xpi.com.br
col.eum-appdynamics.com
connect.facebook.net
customerattendance.xpi.com.br
emaillink.xpcorretora.com.br
events.elev.io
fast.wistia.com
fibrwiaaa3ybckqce3ydkaaaczsge3sq-pln0ln-6e505baf0-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipa.elev.io
nebula-cdn.kampyle.com
ofdb-u.dnofd.com
p.clarity.ms
portal.xpi.com.br
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.dnofd.com
s.go-mpulse.net
snap.licdn.com
static.ads-twitter.com
static.xpi.com.br
stats.g.doubleclick.net
t.co
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
udc-neb.kampyle.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
xhkzxdk7mu3ggzdcnzia-pln0ln-7e9a6b19c-clientnsv4-s.akamaihd.net
xp.dnofd.com
104.244.42.5
104.244.42.67
13.107.42.14
13.225.78.58
13.32.27.42
142.250.185.66
142.250.186.70
143.204.89.51
146.75.116.157
151.101.129.175
167.89.118.83
18.231.104.205
18.66.112.79
18.66.97.3
20.122.63.128
2001:4860:4802:32::36
2600:9000:20eb:f000:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9d
2a02:26f0:1700:391::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a02:26f0:480:184::11a6
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::622
35.241.45.82
44.195.167.92
44.241.21.252
52.40.162.28
68.219.88.97
95.101.111.153
95.101.111.157
95.101.54.145
95.101.54.99
99.86.8.175
004a84114f6e1bd4c5042f9cf5842c7014c2b05a33a67d31093713c837064678
02603c44c4e1c7097e63fc23b65d42d0b25e49ac8e006c57515fa62fb6078f8c
08587bf41e9564c83bdf3c8af119b958f1cbcf28ee8f5d4e56f60e03eed7b1f4
08e4a82771a4bbc5fb46c2d510607bedb0decdd114bf6298a957671554cf5198
08e8e56675811f7d9acdfc690ad4d237c57f8222b17f9bafcfd75d7976247644
0a1ca92f3f9e3fd5fe2055bc879f90215d9c1f4a137ad6daba763054e7809a82
0c5c9f95665ffc541c477a57ad14dfcc815586df570dc3a0f1b231dda4e5f86c
0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963
0f2310c44027d94757d1ada16e7f7851a8d2d084d7c85b849fdf55313f0cfa6f
122b310043d61550b9f727cb30ec6463ea0ffdf3cbd53fe9896a3b402804ca7c
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1390b37d41bf25297e61453d05926ca26423dc12d51dde6cc3ab323059cb3e08
140f422d2b9411b10a77818e21b279021c5b02c59019dbf03d538270166397ea
1650aa4ccc39063c51679f495c0533534823367c6e6c4b22921684e1bd8420e8
17a3eaba9d243bbf7adfc7607a8a8b4bff06ed08f054990be5efea6f267062db
180b05893224e9340a5dfd148631f00f58e1ea6cd62b2cbe37b534140ce6d675
1875c74085b47df0f65541dd169264da6b5038372a9af588eb31c836c75286a9
1af95a804d107387ef0d6a8576b3a48b8da926573724a54e6fc000303aa94764
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c85f8a8efce74d92b969888aedb15cb55792c436c17f71aced3b11ee0ad5ffd
1d9c1064cf2b78f320b116c8bae30e319224da5627e6a3242695aba44d88f2c2
1e46a7a4b5d380b306f25066d438dbfc711756addf3c9fbc2cc2f9fd9853a2ea
222046bb759420cc945d50a40ba0da8f2dd965dffc0351254419b2bc317a791d
25747c7308dc5a33ccd284257910d462ec6d732401469b0932db93f0fb588011
2710670e584bd5ad5159b69e6b36fff373be2298840921a73af7383d9406d48a
27e0d13f10cae008ba2de8670a6c24c27d8d1e773222302c714702965c9d3c8d
2a798b43d205de53e3588023f488ef39b0f29b2edfd6e128115754b8c9994df3
2b35d4d039b436a9494b3bed074905653ffc14b04961ee1cf0ce109853bec02d
2e787d9426af63537034df2649677ef0aa960290c609dc17db14f784d14040d4
2f19d63af6476af921c5e7dcd4f31d005ad3ea7028314088c5b10c43a6d7b279
2f9211af5e768a1a24d5d233bad5d487dabb08c3aa764daed2f6dd333f9c2a7e
3147c875520439e1c9eda06339e533dbee86e1b532146069523b0489597f8675
32d71463afeb6dbbb127f92314ea4c3ea028284dd3010275856470f97bc181b9
335fb9aca83c238f7d7b55a9dcf4a17c9a283d4162b482fa1db310afc0cc585f
347deadf7961550c179c21def766c96fe61116ed211a3ae83edab65ad4cd533f
34a2998dd32a9786a54d66bedef632b08df0943deca7fccf325e233f4830d51c
371e08ec65502ae7bac8aab86e2d264e609ee2befdc3ac86b24ca0f018a56ebd
3829d939f88420c16fb7a65d34d0b11780a8458a4be553c4baf97badeaa8af98
391c0ac2c492fec7973388144f628fcbdd8b6e76b4efebad59251f7795dffd0b
3c4489fbcd3c81d284fb96084d17903234a5ba23048d07c9632602969e7d7f43
3c872b84edaa31274ff9d473c79e5ea016b70d974dec8160aa22209994143beb
3d4ad7bdeea12089935e069557d320d851f83aaa2fb5a95b02669dc71cfc69eb
3dfe9125cc2a8cada49e6831253425a352e3acc6909f72f84c70bba029f408b0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eaf0fb993760aa69b242e7a25d9ae117b723a6d3083cf98b9abcdb558bc0276
3ecbb596326f0ffe78193a0eb1785d03a486558f98d27a1720f7c219e392da1b
3f9719f547c668efa2a0d8b6cbe30612ec32691c2ddda4e379f15802241417b5
3ffb15573545729d2f1a2c847b172e2e0e43858fa58cffdc0db53f8c6db81655
4192e92fc312be5443112921d93d4109e004865cc9b043d0aa4e88b340fc36d7
43b258bc8073d36494d06c622415db04061dc1885f437e434d036b1ba3d3d320
45807afd2bb3b8277bd133c87576b9ba2f9bf5beb7705534a7219dd4353bfcb1
46086c80990e08b3eea59aef06d85e58464240d8e69522f6ce8d6c00d8ad0c28
4a584e6ef2efdf7efebba385890499e9faf1f6916c00eebb4e9304f8ba9517c9
4c6b1995eb4968255e21f88b09bab157a4afa6047c2c099d995b33b83bc6029d
517b99ef8ecdc4aa734b2d659ef7e43b0d52acebf9bebc07847dd486c5c50ebf
5260d94ea3da7034227de29817a1c0a524f897ef32325cece70720bed3e03d72
52adbad8f15ff713261524bba7c7b6c8055caa80ff0f2cbd0a0042f669e3462e
53dacf4edf6f45c1c881c25960fceeccf54ee9af399a71fd2083babbc0f480de
54bd419d9505c7fbd64c84136eff41737a2911d588efef0ccc2267f0b3a73997
5560e84e94d7004b9f3756cbcb4094a07ba57ab563c8c22f447caeadb5d3e111
59128342a13da69d21cb04fbbd6fcb4d4b435fa67e0c7452a69f18f1d6bddd1d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d516f236853ee2afa1b902c135f81eb271ee247c101b1c25fa9f24211e6707b
5f82ceb345c4bea404ff38836eee25b5391b8e3100d8c4501c648372125bf133
60c162ba225d1b2ec4eb968888610eebdbde099661bdd53633318caf406ade1f
628e97d5c061cab283317499fbbc7c93dd474c9eaa18b333f5b59bc0022c99be
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
676d8422b5d1a790e8119ece1d63040dc210183c85bf747207dde6875d690f15
67905d7fa668bbb62a74057f26ec18d153418671c7c19697898a3caa84cc8db3
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9
6a46d24641c9c7547bf5354b5bd55a3ab70ea00065586a9e05ce43ae54a0b431
6bc9e0a1b9e41a724c024c1ca8a4d7fb4a3554d4abca1e8e0a2566f2d740ef9c
6bf6eedd6f1568a26cbefe2e83251cffa668370d40a231e1432416d340dd13c9
6c78f45350797fca04cfa7e3a9764874411fc4e0c4bafc2ed28001b6dc3e90db
6ca2534ccf285163aed881789e7dff15ab7e50f5b6f184559c18206ec82e9a39
6e7e4fca96d4efed41e842c2761a59a829600224e482f0279bd6ae2dc0870c80
7019cc52e3031ac6d5fb585477ff1926273d2d4a1c57f26e81f8a2e38a46210a
7275437de0752a12e8e308fb781792b81a4322261b3bde3873a1c77ce292c5e1
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
827a34f7286a46b2fb3ecbe28bd49bb07f82617ddcd520944a82de4c2475f8e0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8522b284b3b60a6929d02464ef50fc40a94a89637f0d7d620f21da77340a5351
85326302fc3ac76c5e13de8fd64ef9bd9cfc7d2a125772b24b0990c2817b8c80
85b855cae6b348895d013aad1697ef65c0ee97563502bf366154ac1a055262ae
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd0d08585bcea85d539958a67c7d051f1b6072703f808de09114289f07ac55f
8ced9a77d624308e1f39d3384a0b32c9f8dd312d343c1f8154f829735a3debb7
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8feddd27653fa0a3c9e9b5b7f068d5be42952b7639178814945dd6f740361888
90be8f7d7f84f80d216e3990f19ec0d77da867ae10a828554550ccc2e6cfb352
90d658bf0f0773462aae96b479465ef6c4b076e1280533ae075874f7a8e1e90c
91ce38d680cba5d0a5940ed32f09a815b63df85a48f4b29d5a4da76538ed75a5
9364e982578e59eec328f39c9f2d7f8c33c63cf077ebba97098558acc0cca35b
9429ef2648ec986866530ddffd188eb86a69380ba3fffa4768afed1614ba3e7a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95aa8e313379de34e63af40aea0436318a0f22781469dc888b494816dff2b259
993505fdb931dcb3665915462eb030414ce6b0c74ab8433d7043495e014c5914
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a535bd673e76e631f4a058a5d142c2c972218a8ada20001057c804e53c459e2
9ee83d76d1dca56e2d0a938933f41d18440b07c8ef7f56267c548fcfda4cf51a
9f34aacdf03b0b576b8bee6c27a54318534d87af345817f3fe18c99ebed797f6
a3666573d07cb672d594ce5112c78aabc9e4128c5186d0ef822a3f07e94d78d1
a49e7ef63352fb2de8663698426087a46df9345fde1c997c30fc0764c234fe1f
a49ef57dcfdb2f096c56700f3185dcc75542b9b884780425be1212f19e0f8dcb
a5889484a1039b23247a058ec9ab7b29b1b36f86c1e3dea252a4edffe2624525
a5ba65e9c2f737d7d29d526a6bceef214b0698bcf788613f1ada10e728faba1b
a77ca9f6933ffcc4e79fc270ef64669f0ee5643f59d821add684a66c9d8bc633
a7a7b118662011023495e894f6078188827824b99ebd80144830d7309507e0f6
ab87cd626a4aef2d3955e831a2dc64337054623021ee889e0082d32c9d66961d
ac572e11fdf826b70c9f1a129d21c5bf1da8d72257893910257876628ab54128
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6789325bdce30a6137013a9cb03601fa3811f498315f9083c471307736cba0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee9b164606bb5dc2ccf11bca0de0e2ea6cba0d600f1c17732e59e869dc1af28
b40a9069480c60503a7559b8ef3ea8b4acf6a5954e7c1774f88252497bb6cc65
b58e63522ed30c37d93941fd881ae0329f54371eede6871e91781031de5fc84b
b915790ab666dafed37820653f8d2a4c340fbdf71d5f311fc2f73ea91901dc24
b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a
bc21778ba7ea0483b8d2f1b97cba7328de1fad24ec1832e90a5691cb862e2e3b
bc80bd4f6e6ba06ac442798d053b0574dba705dcb8561a918745c3a4280dadea
bdaf343f01d6efd576e63e26c1a8afde94edace18cd78d1a8ebfc1f6fcfc0cb2
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c00a1325478060ec4c95cae7b6b7a67b1764274dbd735636dd5a3daabc50feb2
c8ad9b7748abdef046ea99ddfeb62a7bab85558fe719e91a38982f9c34b180fb
cbe7eb3362af1c98c04ab4a5dd67d5d42872db4156f3a423a940110b6bffc14d
cc57b4dac5943aaade305b63e5673ecd5760a529a18e21f73c53fb26ab111646
cdddce71fdc2455dfef89c6ca6bd4a2d38b0508268fb5315a8b4c3035282e471
ce94c7f7bcf31160fdf4a2c9c17d23c6aa56ad6323e146ca92cf1faf270b9abe
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
d74063184fe81263b626046e701bc3989e10b8e7ab3edf3831657c9289347ac3
dae5bcfb262c5b42c1caaa02e12c1d6c78a11a40c02ff147a8510eb4149d6920
e034d2e03adfb671d4042d091a16afa0559054b263dfe7574a3f96fa74b5050d
e13aa256ba6a5ac89a8aebd90e847e553d7cb04afd59ddd5688ea5741740a870
e1e053ab5104b844528d423f512091e80520587aba630a93f8c2a7d72fdf6900
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e85cf06ac9ea469abc6dd7f696e9cbf93da324837703e97966c1b8ff3b7bb543
e8b377a7219579fa8041b9bfd42aac4466e2eb77fc03627179d5fc87c89ba90b
ed7129681f8cdc16d7ea62e84e54f1cd0bd8c503c1ca91d0b35f33c1bd46fdaf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d2a34f883d83fe764db7fa3b17845cfd31f81ccd1426129111cde47437ad0a
f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6
f553f6b2a866f141b651e929e5a62d6ebc785dcace0e3f124e2df6e7b86524c8
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f692f5a354d4b1001e1ca3fbfd494a9af18683d3a960a78d63f146e8270c22f8
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9fa6f499321831a2f31339a31f5a8f4316f9b1566b7f138dc06e977ee89706f

portal.xpi.com.br Open in urlscan Pro 95.101.111.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

216 Requests

96 %HTTPS

49 %IPv6

32 Domains

56 Subdomains

45 IPs

5 Countries

3980 kBTransfer

13422 kBSize

55 Cookies

8 Outgoing links

Page URL History

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portal.xpi.com.br Open in urlscan Pro
95.101.111.157 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

96 %
HTTPS

49 %
IPv6

32
Domains

56
Subdomains

45
IPs

5
Countries

3980 kB
Transfer

13422 kB
Size

55
Cookies

216 HTTP transactions
0 data transactions