urlscan.io logo urlscan.io
SecurityTrails logo

nubank.mobills.com.br Open in urlscan Pro
151.101.1.195  Public Scan

Go To Rescan Add Verdict Report
URL: https://nubank.mobills.com.br/
Submission: On February 20 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 15 domains to perform 56 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is nubank.mobills.com.br.
TLS certificate: Issued by GTS CA 1O1 on October 28th 2019. Valid for: a year.
This is the only time nubank.mobills.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
nubank.mobills.com.br
1    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net
www.googleadservices.com
1    147.75.102.239 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2
static.hotjar.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2001:4860:4802:34::75 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2001:4860:4802:36::75 (United States)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    147.75.32.105 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress5
script.hotjar.com
1    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    151.101.65.63 (United States)

ASN54113 (FASTLY, US)
assets.pagar.me
1    147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1
vars.hotjar.com
4    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
3    104.16.52.111 (United States)

ASN13335 (CLOUDFLARENET, US)
mobills.zendesk.com
2    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseremoteconfig.googleapis.com
Domain Requested by
10 static.zdassets.com nubank.mobills.com.br
static.zdassets.com
7 nubank.mobills.com.br nubank.mobills.com.br
ajax.googleapis.com
5 www.google-analytics.com 2 redirects www.googletagmanager.com
www.google-analytics.com
4 firebaseinstallations.googleapis.com nubank.mobills.com.br
4 www.googletagmanager.com nubank.mobills.com.br
www.googletagmanager.com
4 connect.facebook.net nubank.mobills.com.br
connect.facebook.net
3 mobills.zendesk.com static.zdassets.com
3 www.google.de nubank.mobills.com.br
3 www.google.com 2 redirects nubank.mobills.com.br
3 www.facebook.com nubank.mobills.com.br
2 firebaseremoteconfig.googleapis.com nubank.mobills.com.br
2 ekr.zdassets.com static.zdassets.com
2 stats.g.doubleclick.net 2 redirects
1 vars.hotjar.com static.hotjar.com
1 assets.pagar.me nubank.mobills.com.br
1 ajax.googleapis.com nubank.mobills.com.br
1 script.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 static.hotjar.com nubank.mobills.com.br
1 www.googleadservices.com www.googletagmanager.com
1 cdnjs.cloudflare.com nubank.mobills.com.br
1 fonts.googleapis.com nubank.mobills.com.br
1 apis.google.com nubank.mobills.com.br
56 23

This site contains no links.

Subject Issuer Validity Valid
firebaseapp.com
GTS CA 1O1		 2019-10-28 -
2020-10-26		 a year crt.sh
*.apis.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.zdassets.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-25 -
2021-05-31		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
r.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-08-07 -
2020-04-11		 8 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
mobills.zendesk.com
CloudFlare Inc ECC CA-2		 2019-05-06 -
2020-05-06		 a year crt.sh

This page contains 3 frames:

Primary Page: https://nubank.mobills.com.br/
Frame ID: 7C5158D1A672898E1A8381FFBAE425B2
Requests: 45 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/runtime.88b5327cb572f4153c2d.js
Frame ID: 73E4B0485B477B85CED47A74B5482D06
Requests: 10 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 44C8400BF7FF073FF641A35695CF9523
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

56
Requests

88 %
HTTPS

64 %
IPv6

15
Domains

23
Subdomains

21
IPs

6
Countries

2543 kB
Transfer

10288 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1907691824&t=pageview&_s=1&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&ul=en-us&de=UTF-8&dt=Mobills&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1350284147&gjid=829055265&cid=1964212276.1582166228&tid=UA-50130448-11&_gid=483573648.1582166228&_r=1&gtm=2ou2c0&z=424323503 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_gid=483573648.1582166228&gjid=829055265&_v=j81&z=424323503 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_v=j81&z=424323503 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_v=j81&z=424323503&slf_rd=1&random=1159212435
Request Chain 32
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1907691824&t=pageview&_s=1&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Mobills&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUIR~&jid=769511703&gjid=1056357437&cid=1964212276.1582166228&tid=UA-50130448-2&_gid=483573648.1582166228&_r=1&z=1963766653 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_gid=483573648.1582166228&gjid=1056357437&_v=j81&z=1963766653 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_v=j81&z=1963766653 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_v=j81&z=1963766653&slf_rd=1&random=509774126

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nubank.mobills.com.br/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0df8e2a626db4f83a54714934b644adf7e655138b13627a179d9b164ed0b700c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
nubank.mobills.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
dc2400c19d130dffd4d4cea7aa03a8e77c37b15e2255d3df02aa2ac00fef68bb
last-modified
Thu, 20 Feb 2020 02:02:01 GMT
strict-transport-security
max-age=31556926
accept-ranges
bytes
date
Thu, 20 Feb 2020 02:37:07 GMT
x-served-by
cache-lon4235-LON
x-cache
MISS
x-cache-hits
0
x-timer
S1582166227.933083,VS0,VE328
vary
x-fh-requested-host, accept-encoding
content-length
3064
platform.js
apis.google.com/js/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5a32cb751bb193335afccb5408b38ae908bca6deb11bcee513e95b0c49faa74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-ouUDqz6OtTOqGhLuwZHNaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"06b0d0db64c2b82c836462cf13496b69"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Thu, 20 Feb 2020 02:37:07 GMT
icon
fonts.googleapis.com/ 		574 B
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:37:07 GMT
server
ESF
date
Thu, 20 Feb 2020 02:37:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Feb 2020 02:37:07 GMT
fullcalendar.min.css
cdnjs.cloudflare.com/ajax/libs/fullcalendar/3.8.0/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fullcalendar/3.8.0/fullcalendar.min.css
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911a3eefa5ce2cd63450250bf034234cf73ccc5615773caab1565ef2c7f7a16f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
br
cf-cache-status
HIT
age
1102576
cf-ray
567d18c87ea5c2d6-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:59 GMT
server
cloudflare
etag
W/"5afd493f-3d46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 09 Feb 2021 02:37:07 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.000
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ceded893d0a1df60c85b8523804bf4493b470d6ada1d60347ae55be7fedea314
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
WsTSjJWOojgVDjIEQxJX3A==
status
200
date
Thu, 20 Feb 2020 02:37:07 GMT, Thu, 20 Feb 2020 02:37:07 GMT
expires
Thu, 20 Feb 2020 02:42:07 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1780
x-fb-debug
Lx5P6NbJxb9MUlb8zwsUedzhcvjPyuASX3n/dYoZEm8mxdlG9LBOsn9RBBDy8PjOBWfGo/DMON4lTjCJ2yuQcg==
x-fb-trip-id
420120009
x-fb-content-md5
aa37548fb91da93d5290d8b7c18ee3b5
etag
"9a388ef70b7cb0511f5e316992f83ca2"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
3.af243c40.chunk.css
nubank.mobills.com.br/static/css/ 		135 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nubank.mobills.com.br/static/css/3.af243c40.chunk.css
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5a877f56c9b275e8cb38968d8af38c20630f553c70256af3a62b940b3e2aae2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 02:02:01 GMT
x-timer
S1582166227.283472,VS0,VE416
etag
ebed2e69b2302565f9a8fab99a127d4e0e6e5dbbb5e7d0410a01a4c501b6a532
x-served-by
cache-lon4235-LON
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Thu, 20 Feb 2020 02:37:07 GMT
accept-ranges
bytes
content-length
28499
x-cache-hits
0
main.0c49d97f.chunk.css
nubank.mobills.com.br/static/css/ 		357 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nubank.mobills.com.br/static/css/main.0c49d97f.chunk.css
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
758491019d14c859dc59745afdc95054fee1a3b440da6bf2588cced2e91ee096
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 02:02:01 GMT
x-timer
S1582166227.283518,VS0,VE499
etag
c9b2e577c41a6e59d5892bcf01d947c4db3064dc66a0b76799aad15a9217c521
x-served-by
cache-lon4235-LON
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Thu, 20 Feb 2020 02:37:07 GMT
accept-ranges
bytes
content-length
47310
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-50130448-11
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64c85894f290638bb46037663bd1fe57f60cadec351648a43df40019f5ade417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28492
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Feb 2020 02:37:07 GMT
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-950865385
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3834ab95f494c1e6b484c696cd069565b31b631ac2696bfe12ff8c97522b356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28495
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Feb 2020 02:37:07 GMT
snippet.js
static.zdassets.com/ekr/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=f755c976-978e-4073-be3a-85189683caed
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e27f5f8916e21559e25bfcde9efe81b64651bf47897b879317f260cecd74e01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
br
cf-cache-status
HIT
age
5
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
C32AC87EE120E27E
x-amz-id-2
w/rhE+gma8FVmtnXm4XgHWlp07mk4f7YY6bYCL5iFmVrq/YrVQ5qmnWmOG4OVMoB2QelxUpZ1rs=
last-modified
Fri, 14 Feb 2020 00:37:35 GMT
server
cloudflare
etag
W/"9765ba52254ce59c963fe211d9ac322f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
M45Gz4pobVYqqIzN641GnDVJjxvapAp8
cf-ray
567d18c8c9023474-LHR
3.28572cd3.chunk.js
nubank.mobills.com.br/static/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://nubank.mobills.com.br/static/js/3.28572cd3.chunk.js
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd28cfa6ef97186eb131e38c62f1d2d1914ca4a062936fb1c020d4b062918001
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 02:02:01 GMT
x-timer
S1582166227.283670,VS0,VE829
etag
34c82e485d4312045b674b2d252f6f46b85549253c05a84ac7d4bbd49d702a98
x-served-by
cache-lon4235-LON
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Thu, 20 Feb 2020 02:37:08 GMT
accept-ranges
bytes
content-length
1064538
x-cache-hits
0
main.2b5d7a11.chunk.js
nubank.mobills.com.br/static/js/ 		2 MB
380 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nubank.mobills.com.br/static/js/main.2b5d7a11.chunk.js
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb9883dd554a3b58b0a64113318ac3d836018b73b724a43abac930971f225299
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 02:02:01 GMT
x-timer
S1582166227.283730,VS0,VE755
etag
17628f81980d7e6d4e01a146c1be3bb9096dcff358630f4d5d089d7af6a2a0ea
x-served-by
cache-lon4235-LON
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Thu, 20 Feb 2020 02:37:08 GMT
accept-ranges
bytes
content-length
388717
x-cache-hits
0
gtm.js
www.googletagmanager.com/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWJQXM3
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b4c0f1ad74c4c3b0523c7a6a2f325396c993a8ca0cdf3d987ab8f9b2f939bc5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21441
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Feb 2020 02:37:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
eHTXjO4clQf3jgxU43VZPHXui3xdW0R0UYnSNfRMtvq1hP1kcLdKPqc1vb2CjYuo5Oz5oD3OOkRHbbiSC+3wwA==
x-fb-trip-id
420120009
date
Thu, 20 Feb 2020 02:37:07 GMT, Thu, 20 Feb 2020 02:37:07 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		194 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=35debc807ae785088f146b5270ba1395&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6798235c818de4c9a488f3e5c87aa897a18e5dfb331c13837972850e657eb026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nubank.mobills.com.br/
Origin
https://nubank.mobills.com.br
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
seshYCXX9LtzEOOpxvxMDg==
status
200
date
Thu, 20 Feb 2020 02:37:07 GMT, Thu, 20 Feb 2020 02:37:07 GMT
expires
Fri, 19 Feb 2021 02:14:49 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
59544
x-fb-debug
GDm2cLQeffs8bLc3TYxVOflR4L7j2RlT//7DHgQ4mhS68pHGqvrK2x+gWE+FB+JWl8RbJQdoHdMb/kSa5c/uRw==
x-fb-trip-id
420120009
x-fb-content-md5
34bf9d5b7aecf65fff31b7e96d7cac2b
etag
"039fdbe06dd209f795872836f5cb55cd"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
832889160158475
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/832889160158475?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c286e59ff13282eb9f3ce182ac9fc2fd7ac45fab7fae6c0e14a00eb4337074ae
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
es/oa4dymXPKxvp9R9YXDb22Tcv50WbkpewlrUGEa6vR3zT2CZ1YGtCNHwROnEQTPf4/FX/KBKKoeWIJh6zOIw==
x-fb-trip-id
420120009
date
Thu, 20 Feb 2020 02:37:07 GMT, Thu, 20 Feb 2020 02:37:07 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=819926324713636&ev=fb_page_view&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&rl=&if=false&ts=1582166227337&sw=1600&sh=1200
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT, Thu, 20 Feb 2020 02:37:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 20 Feb 2020 02:37:07 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=832889160158475&ev=PageView&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&rl=&if=false&ts=1582166227430&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.2.1582166227429.1952974155&it=1582166227321&coo=false&rqm=GET
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT, Thu, 20 Feb 2020 02:37:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 20 Feb 2020 02:37:07 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50130448-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
215
date
Thu, 20 Feb 2020 02:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Thu, 20 Feb 2020 04:33:32 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50130448-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9931
x-xss-protection
0
server
cafe
etag
9478280665056484852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Feb 2020 02:37:07 GMT
asset_composer.e1bff6f5d65fe2db09e0.js
static.zdassets.com/ekr/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f755c976-978e-4073-be3a-85189683caed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9a091912e1429ac42793ae50ba42bf025d4d2a6cd4261fbd0fe546e7fdc04d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
br
cf-cache-status
HIT
age
525520
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
D765711C95B54839
x-amz-id-2
9iZs4nOUr8M5jwWppVSd/OUDCO1MSb8wh0bv4UpBuxPNPk+ZvZ+QrQFrnK0oaDJjhVtJpxJDrBw=
last-modified
Fri, 14 Feb 2020 00:37:35 GMT
server
cloudflare
etag
W/"6084772ba40e90778e01c5e012eadcda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-version-id
.gCZx3Pfx86ERt5GquCogepY_tF_uBcq
cf-ray
567d18cbea1d3474-LHR
hotjar-885886.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-885886.js?sv=6
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress2
Software
/
Resource Hash
f0464b6f48dc6818efd34bfacf5f2e44621b6b8e452fcf960e2b89993024dd71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
0
status
200
access-control-max-age
600
section-io-cache
Miss
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/80b95b0f0bc1634ee84232a3dfe53e60
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.076
accept-ranges
bytes
section-io-id
a69af00cc889a1bce410b51b2ccbd9bf
section-origin-responded
true
load.gif
nubank.mobills.com.br/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nubank.mobills.com.br/load.gif
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d92c6f9737f58c77e51023e0f83b42fdcdd2f5e8c0e1333df2ca1be37f9e6478
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 02:02:01 GMT
x-timer
S1582166228.827314,VS0,VE484
etag
67eaa57e63a05c514f4c4b3cb486c4cd5e8cada1680ea25b48bcc211b0ce028d
x-served-by
cache-lon4235-LON
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
image/gif
status
200
cache-control
max-age=3600
date
Thu, 20 Feb 2020 02:37:08 GMT
accept-ranges
bytes
content-length
11180
x-cache-hits
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1907691824&t=pageview&_s=1&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&ul=en-us&de=UTF-8&dt=Mobills&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_gid=483573648.1582166228&gjid=829055265&_v=j81&z=424323503
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_v=j81&z=424323503
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_v=j81&z=424323503&slf_rd=1&random=1159212435
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_v=j81&z=424323503&slf_rd=1&random=1159212435
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-11&cid=1964212276.1582166228&jid=1350284147&_v=j81&z=424323503&slf_rd=1&random=1159212435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f755c976-978e-4073-be3a-85189683caed
ekr.zdassets.com/compose/ 		308 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/f755c976-978e-4073-be3a-85189683caed
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f93dc1ac6ec7501209ce8ee52ac594961c9177dbe62a1abeded2596c0c54ca8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://nubank.mobills.com.br/
Origin
https://nubank.mobills.com.br
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200, 200 OK
strict-transport-security
max-age=0
x-request-id
715b3624-9f3b-4f8e-9630-9bedfbe3e2d9
x-runtime
0.008299
server
cloudflare
etag
W/"4f93dc1ac6ec7501209ce8ee52ac5949"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=600, s-maxage=60
cf-ray
567d18cc4e866b8f-LHR
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950865385/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950865385/?random=1582166227891&cv=9&fst=1582166227891&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnubank.mobills.com.br%2F&tiba=Mobills&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90a2ffc66719c854b9f2816bac7bf87862f7dfbe423d670b91f0a540ca7455f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1010
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/950865385/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/950865385/?random=1582166227891&cv=9&fst=1582164000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnubank.mobills.com.br%2F&tiba=Mobills&async=1&fmt=3&is_vtc=1&random=1307367322&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/950865385/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/950865385/?random=1582166227891&cv=9&fst=1582164000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2ou2c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnubank.mobills.com.br%2F&tiba=Mobills&async=1&fmt=3&is_vtc=1&random=1307367322&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.98591d9c2c879f3aa719.js
script.hotjar.com/ 		401 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.98591d9c2c879f3aa719.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-885886.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.105 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress5
Software
/
Resource Hash
b7998710121f07b527b21d744ba7b194204c6416b0a09bbf8040442dfcc41c4b

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:07 GMT
content-encoding
br
content-type
application/javascript
age
42341
status
200
section-io-cache
Hit
content-length
71247
last-modified
Wed, 19 Feb 2020 14:48:15 GMT
etag
"5a53ba26c41981e45edfb1e066cd2795"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.095
accept-ranges
bytes
section-io-id
a4d0d3681bc85355feec10e24fef9bc3
section-origin-responded
true
4c3b0a0459dcd2a61ed3c14fbba204aa7480d649
ekr.zdassets.com/compose_product/web_widget/ 		647 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose_product/web_widget/4c3b0a0459dcd2a61ed3c14fbba204aa7480d649?features[]=help_center&features[]=ticket_submission&features[]=chat&use_json=true
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb3c1655b9f3dc5604e8d2b59bd0db914bff617ae1e1d8b5109f590f6b2511c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://nubank.mobills.com.br/
Origin
https://nubank.mobills.com.br
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
status
200, 200 OK
strict-transport-security
max-age=0
x-request-id
3789e167-537f-4a09-a819-a2fc300c1171
x-runtime
0.004759
server
cloudflare
etag
W/"afb3c1655b9f3dc5604e8d2b59bd0db9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=31536000
cf-ray
567d18cd6f046b8f-LHR
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/static/js/main.2b5d7a11.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 05 Feb 2020 03:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1291860
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 03:46:08 GMT
easyXDM.js
assets.pagar.me/checkout/1.1.0// 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pagar.me/checkout/1.1.0//easyXDM.js
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/static/js/main.2b5d7a11.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.63 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f73596ad8cf45ce4a6c81cb489728d0673fb509eee7d71699d93a432e4c99af5

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
gzip
age
2620
x-cache
HIT, HIT
status
200
content-length
6379
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sea4480-SEA, cache-lon4241-LON
last-modified
Wed, 16 Oct 2019 20:09:31 GMT
server
nginx
etag
"5da778fb-45ca"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
2, 1
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1468
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
738
x-xss-protection
0
expires
Thu, 20 Feb 2020 03:12:40 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1907691824&t=pageview&_s=1&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Mobills&sd=24-bit&sr=1600x1200&vp=1600x1200&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_gid=483573648.1582166228&gjid=1056357437&_v=j81&z=1963766653
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_v=j81&z=1963766653
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_v=j81&z=1963766653&slf_rd=1&random=509774126
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_v=j81&z=1963766653&slf_rd=1&random=509774126
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-50130448-2&cid=1964212276.1582166228&jid=769511703&_v=j81&z=1963766653&slf_rd=1&random=509774126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runtime.88b5327cb572f4153c2d.js
static.zdassets.com/web_widget/latest/ Frame 73E4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/runtime.88b5327cb572f4153c2d.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839a1b55ca1bc40011453ba517ce8cf0a75699616844a0934cde1b740227d341
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
cf-cache-status
HIT
age
98410
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
5E10E80A421E3E92
x-amz-id-2
mhOnwIWo4qhx+VdBYGN7B1vH89a0ahv1mELO8zIgSKy7kzP2d2swb3tTc9kk/RQ4spLzkmOW9y8=
last-modified
Mon, 17 Feb 2020 02:56:45 GMT
server
cloudflare
etag
W/"b6bd499739cb7cf352ef533fe888ca7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
r90NukOV2ppAuyChK.VSx.JH_dsiFiVK
cf-ray
567d18d0dbac3474-LHR
expires
Tue, 16 Feb 2021 02:56:44 GMT
preload.5b282863230fef49f3b7.chunk.js
static.zdassets.com/web_widget/latest/ Frame 73E4 		464 B
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/preload.5b282863230fef49f3b7.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b181eee69b38b4fa6bea457693f0db4958f25bb4597d0389b7e0f34a41fdef75
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
cf-cache-status
HIT
age
526283
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
9829757FEDB400EF
x-amz-id-2
3+0BbyJsQ9BFCkENfmzlW3ecvODrQh6Kbu9x54mhqCJCv9EXzgr0+OBe6b4oZJGC+iTg0KM8e1E=
last-modified
Thu, 13 Feb 2020 23:12:21 GMT
server
cloudflare
etag
W/"351ccf2044225b92a90f5c62ab48f327"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
v0FkH6No2xhU0jJ8qxTn8TvdNYgtr4qi
cf-ray
567d18d0dbad3474-LHR
expires
Fri, 12 Feb 2021 23:12:20 GMT
vendors~preload.893db148b7b962a2c6ca.chunk.js
static.zdassets.com/web_widget/latest/ Frame 73E4 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~preload.893db148b7b962a2c6ca.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57637fc93fd32a685096808f801fa0161dc3609682ef7b6e791a07ec4c78ab0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
cf-cache-status
HIT
age
526283
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
BB54B3275349556C
x-amz-id-2
d0nCzhVm9V2cw/ngzl2PiLQnal0pj6tbK0S+jmnwKjrDEtnFjgnqH0VhJzhuMqu6pD2AGj0ZZBA=
last-modified
Thu, 13 Feb 2020 23:12:23 GMT
server
cloudflare
etag
W/"7040ca3fe6b8d89e280ef117ca1a42d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Zuz3Rhg1QTGcxPIJR7GB3RQzqHS45YyD
cf-ray
567d18d0dbae3474-LHR
expires
Fri, 12 Feb 2021 23:12:21 GMT
vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js
static.zdassets.com/web_widget/latest/ Frame 73E4 		1016 KB
256 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540abf67136c912f645ff5d1503cdb2af1688f0849e0d535f9c5931b1bb380e4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
cf-cache-status
HIT
age
526283
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
22104FF83BE54B87
x-amz-id-2
ewfPMy+04sHW3ffJiFV7nIPfllFbDYK5M5FJVF2ca49CQFbg5tCb9lP0kYZyOve44qZB9iToG4Y=
last-modified
Thu, 13 Feb 2020 23:12:23 GMT
server
cloudflare
etag
W/"67159d1adf38697a8c6aeb10797aa4fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
8cDNKzaa36ipdPPp4pXeZJ6cG9ujcnwU
cf-ray
567d18d0dbaf3474-LHR
expires
Fri, 12 Feb 2021 23:12:22 GMT
web_widget.9736b9883380995add10.chunk.js
static.zdassets.com/web_widget/latest/ Frame 73E4 		962 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.9736b9883380995add10.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666a9c91a624c656be97cd85d3ead5b3b869d2d9c09915bc384267efd706b24e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
cf-cache-status
HIT
age
98410
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
8B4F167C21E49896
x-amz-id-2
xFUrjPwHcsiOov1JoIRgd6UIoVKZgSdOAcyOW2zInVn3o7pe8AF8WZxoP5lLwSg19fiuPwhee1U=
last-modified
Mon, 17 Feb 2020 02:56:46 GMT
server
cloudflare
etag
W/"21433afdb01e4d1b177a7d9551e731e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
xzvAlv3b6beG2rwb6oFlx998LQFx9RwQ
cf-ray
567d18d0dbb03474-LHR
expires
Tue, 16 Feb 2021 02:56:45 GMT
chat-sdk.3c7749a9d0a06a5bc68f.chunk.js
static.zdassets.com/web_widget/latest/ Frame 73E4 		254 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/chat-sdk.3c7749a9d0a06a5bc68f.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af0b43d62f12b14d6b0bddae4b98d41f5dffbe5da43af1e9ac5dd9aada33b7a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
cf-cache-status
HIT
age
864332
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
486B6DFD5682AA5F
x-amz-id-2
zmHqTkcWGfSjuL2m6O+f+/MT2kRSKwYFMA8PHJPcf/ppDDIcYcg/yLhZRp4OeNyHvQ2Tj1yDDbA=
last-modified
Mon, 10 Feb 2020 01:20:45 GMT
server
cloudflare
etag
W/"d32b8cae6d52dc9d4b9f152c85eab20d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
ko.zpt8bQFm7P7wUozO_6UXlfM4wfQLA
cf-ray
567d18d0dbb13474-LHR
expires
Tue, 09 Feb 2021 01:20:44 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 44C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-885886.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress1
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://nubank.mobills.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://nubank.mobills.com.br/

Response headers

status
200
date
Thu, 20 Feb 2020 02:37:08 GMT
content-type
text/html
content-length
851
last-modified
Wed, 29 Jan 2020 12:33:12 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.082
section-origin-responded
true
age
1864850
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
adef132fcafbd420b950466a293f9950
installations
firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/ 		0
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/installations
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/static/js/3.28572cd3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Access-Control-Request-Method
POST
Origin
https://nubank.mobills.com.br
Referer
https://nubank.mobills.com.br/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-goog-api-key

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
vary
origin, referer, x-origin
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
access-control-allow-origin
https://nubank.mobills.com.br
x-frame-options
SAMEORIGIN
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
text/html
status
200
access-control-max-age
3600
x-content-type-options
nosniff
access-control-allow-headers
content-type,x-goog-api-key
content-length
0
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YS9WPXT35P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50130448-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f11dee59aaf1b00e04f1365af23944c9db8dd84cf31802286e1b285028f7ee7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
32911
x-xss-protection
0
expires
Thu, 20 Feb 2020 02:37:08 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/ 		0
61 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/installations
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/static/js/3.28572cd3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Access-Control-Request-Method
POST
Origin
https://nubank.mobills.com.br
Referer
https://nubank.mobills.com.br/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-goog-api-key

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
vary
origin, referer, x-origin
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
access-control-allow-origin
https://nubank.mobills.com.br
x-frame-options
SAMEORIGIN
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
text/html
status
200
access-control-max-age
3600
x-content-type-options
nosniff
access-control-allow-headers
content-type,x-goog-api-key
content-length
0
x-xss-protection
0
config
mobills.zendesk.com/embeddable/ 		858 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mobills.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.e1bff6f5d65fe2db09e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d1541e9b0b9a018291ba5924a2850d3fc27022b732913533fa823184a9b014f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nubank.mobills.com.br/
Origin
https://nubank.mobills.com.br
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Origin, Accept-Encoding
x-request-id
567d18d15f42f437-IAD
x-runtime
0.001563
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server
embeddable-app-server-7dd64d57c-6bvp6
cf-ray
567d18d15f42f437-LHR
installations
firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/ 		568 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/installations
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
138a8779ef5b74adcff724831477cacfcc0417c02b2e39790714e3a2ea63ce6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://nubank.mobills.com.br/
Origin
https://nubank.mobills.com.br
x-goog-api-key
AIzaSyBB0x0KsrIUZr5DFPOGQ031_mr2vJZGqqs
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nubank.mobills.com.br
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
457
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/ 		570 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/mobillseducacaofinanceira/installations
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dbde9f118c0719e60389144051e97fd6c549c4352613c8bd4645eb8489df5f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://nubank.mobills.com.br/
Origin
https://nubank.mobills.com.br
x-goog-api-key
AIzaSyBB0x0KsrIUZr5DFPOGQ031_mr2vJZGqqs
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nubank.mobills.com.br
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
458
x-xss-protection
0
noto-sans-latin-400.abc24b0f.woff2
nubank.mobills.com.br/static/media/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nubank.mobills.com.br/static/media/noto-sans-latin-400.abc24b0f.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ee26114feb214d4f102e98ad8009b27d374efff10b05095e9bebc8df74c15b9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://nubank.mobills.com.br/static/css/3.af243c40.chunk.css
Origin
https://nubank.mobills.com.br
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 02:02:01 GMT
x-timer
S1582166229.657655,VS0,VE395
etag
474de77d9ba665f56dda1bd5b2866ad11ffb88d622d4b873893a179fba1fbf3f
x-served-by
cache-lon4235-LON
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
font/woff2
status
200
cache-control
max-age=3600
date
Thu, 20 Feb 2020 02:37:09 GMT
accept-ranges
bytes
content-length
15595
x-cache-hits
0
collect
www.google-analytics.com/g/ 		35 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YS9WPXT35P&gtm=2oe2c0&_p=1907691824&sr=1600x1200&ul=en-us&_fid=du2-N5x1GUfBoWoJy8-c0I&cid=1964212276.1582166228&_s=1&en=page_view&_fv=1&_ss=2&ep.origin=firebase&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&dr=&dt=Mobills&sid=1582166228&sct=1&seg=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YS9WPXT35P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nubank.mobills.com.br/
Origin
https://nubank.mobills.com.br
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 Feb 2020 02:37:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://nubank.mobills.com.br
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
embeddable_blip
mobills.zendesk.com/ Frame 73E4 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mobills.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQuaGlkZSIsImxhYmVsIjpudWxsLCJ2YWx1ZSI6eyJhcmdzIjpudWxsfX0sImJ1aWQiOiI3OGZhZDM2OTcwYTE3NWZjYThkZTUyMmQ4NGE3YTIzYyIsInN1aWQiOiJkZmJkMDhjM2JjODA2ZTQzOGYxYzQ5ZjkwZTVmY2VjNyIsInZlcnNpb24iOiI0YzNiMGEwNDUiLCJ0aW1lc3RhbXAiOiIyMDIwLTAyLTIwVDAyOjM3OjA4Ljg3NloiLCJ1cmwiOiJodHRwczovL251YmFuay5tb2JpbGxzLmNvbS5ici8ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://nubank.mobills.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nubank.mobills.com.br
accept-ranges
bytes
cf-ray
567d18d28908f437-LHR
content-length
0
en-us.e36b2e35ff41a255c566.js
static.zdassets.com/web_widget/latest/locales/ Frame 73E4 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us.e36b2e35ff41a255c566.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b2be39ece20eac062d527e47974dda2c376996628dea396bb53606200011c95
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 20 Feb 2020 02:37:08 GMT
content-encoding
br
cf-cache-status
HIT
age
526283
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
4BA6FD17EB39C303
x-amz-id-2
xg9sTsAkHGzFe2l1469826A2lv/8w7I5+AmFEJ7ZpMZexBYqTfs9T68ucKL4TGr4YRudib/mZ+w=
last-modified
Thu, 13 Feb 2020 23:12:39 GMT
server
cloudflare
etag
W/"e36b2e35ff41a255c566d5860a098920"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
SjL6eAbfH3DQ7fT5EgUOsbV0ANvXM9mU
cf-ray
567d18d28c003474-LHR
expires
Fri, 12 Feb 2021 23:12:37 GMT
embeddable_blip
mobills.zendesk.com/ Frame 73E4 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mobills.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vbnViYW5rLm1vYmlsbHMuY29tLmJyLyIsInRpbWUiOjEwMCwibG9hZFRpbWUiOjMyLjI1NTAwMTM2NjEzODQ2LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiTW9iaWxscyIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSxzaHJpbmstdG8tZml0PW5vIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiJiYjBmYjc4MTkzNDg4ZDMyYTM0Yjc1YTg2YjAwMzY2YyIsInN1aWQiOiJhMGFmM2I3NjM0Y2E4ZDI1M2JlYWQyMzEyMmFiNDQwOCIsInZlcnNpb24iOiI0YzNiMGEwNDUiLCJ0aW1lc3RhbXAiOiIyMDIwLTAyLTIwVDAyOjM3OjA4Ljk3M1oiLCJ1cmwiOiJodHRwczovL251YmFuay5tb2JpbGxzLmNvbS5ici8ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://nubank.mobills.com.br
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Thu, 20 Feb 2020 02:37:09 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://nubank.mobills.com.br
accept-ranges
bytes
cf-ray
567d18d329e0f437-LHR
content-length
0
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=832889160158475&ev=Microdata&dl=https%3A%2F%2Fnubank.mobills.com.br%2F&rl=&if=false&ts=1582166229002&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mobills%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.2.1582166227429.1952974155&it=1582166227321&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 20 Feb 2020 02:37:09 GMT, Thu, 20 Feb 2020 02:37:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 20 Feb 2020 02:37:09 GMT
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/mobillseducacaofinanceira/namespaces/ 		0
450 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/mobillseducacaofinanceira/namespaces/firebase:fetch?key=AIzaSyBB0x0KsrIUZr5DFPOGQ031_mr2vJZGqqs
Requested by
Host: nubank.mobills.com.br
URL: https://nubank.mobills.com.br/static/js/3.28572cd3.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Access-Control-Request-Method
POST
Origin
https://nubank.mobills.com.br
Referer
https://nubank.mobills.com.br/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-encoding,content-type,if-none-match

Response headers

date
Thu, 20 Feb 2020 02:37:09 GMT
vary
origin, referer, x-origin
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
access-control-allow-origin
https://nubank.mobills.com.br
x-frame-options
SAMEORIGIN
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
text/html
status
200
access-control-max-age
3600
x-content-type-options
nosniff
access-control-allow-headers
content-encoding,content-type,if-none-match
content-length
0
x-xss-protection
0
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/mobillseducacaofinanceira/namespaces/ 		9 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/mobillseducacaofinanceira/namespaces/firebase:fetch?key=AIzaSyBB0x0KsrIUZr5DFPOGQ031_mr2vJZGqqs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cf17b331322ea0f5adea37e3e7004ae4ca35c482767c84e0f5746b2d8843f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Content-Encoding
gzip
Origin
https://nubank.mobills.com.br
If-None-Match
*
Sec-Fetch-Dest
empty
Referer
https://nubank.mobills.com.br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Feb 2020 02:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
status
200
etag
etag-760064967231-firebase-fetch-541074892
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nubank.mobills.com.br
access-control-expose-headers
etag,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
3658
x-xss-protection
0
chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 73E4 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Sec-Fetch-Dest
audio
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 20 Feb 2020 02:37:09 GMT
cf-cache-status
DYNAMIC
x-amz-request-id
C496EC6307FB87D4
x-amz-server-side-encryption
AES256
cf-ray
567d18d5ccfd3474-LHR
status
206
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
LKoYbBMOHxgis7xkD0wDAS9lI1wORGK9pGXxnEZ6stIgw80OWWJ5QSccGe+basb/AsHKL1OyfQI=
Content-Range
bytes 0-19697/19698
last-modified
Tue, 12 Feb 2019 01:07:53 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
x-amz-version-id
7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
audio/mpeg; charset=utf-8
expires
Wed, 12 Feb 2020 01:07:52 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| fbAsyncInit function| fbq function| _fbq object| FB object| google_tag_manager object| gapi object| ___jsl function| gtag string| GoogleAnalyticsObject function| ga object| div string| texto function| zE function| zEmbed object| zESettings function| hj object| _hjSettings object| webpackJsonpmobills-web-v2 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| zEWebpackACJsonp function| setImmediate function| clearImmediate function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled boolean| zEACLoaded object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ object| cptable function| JSEncrypt function| createTransport object| PagarMeCheckout boolean| PagarMeCheckoutLoadedRetail object| core undefined| $ undefined| jQuery undefined| easyXDM function| $zopim

7 Cookies

Domain/Path Name / Value
.mobills.com.br/ Name: _ga_YS9WPXT35P
Value: GS1.1.1582166228.1.0.1582166228.0
.mobills.com.br/ Name: _ga
Value: GA1.1.1964212276.1582166228
.mobills.com.br/ Name: _gat
Value: 1
.mobills.com.br/ Name: _hjid
Value: de6264ab-14bc-4aa1-a40e-a6fcaa05c76f
.mobills.com.br/ Name: _fbp
Value: fb.2.1582166227429.1952974155
.mobills.com.br/ Name: _gat_gtag_UA_50130448_11
Value: 1
.mobills.com.br/ Name: _gid
Value: GA1.3.483573648.1582166228

4 Console Messages

Source Level URL
Text
console-api warning URL: https://nubank.mobills.com.br/static/js/3.28572cd3.chunk.js(Line 2)
Message:
It looks like you're using the development build of the Firebase JS SDK. When deploying Firebase apps to production, it is advisable to only import the individual SDK components you intend to use. For the module builds, these are available in the following manner (replace <PACKAGE> with the name of a component - i.e. auth, database, etc): CommonJS Modules: const firebase = require('firebase/app'); require('firebase/<PACKAGE>'); ES Modules: import firebase from 'firebase/app'; import 'firebase/<PACKAGE>'; Typescript: import * as firebase from 'firebase/app'; import 'firebase/<PACKAGE>';
console-api log URL: https://nubank.mobills.com.br/static/js/main.2b5d7a11.chunk.js(Line 1)
Message:
1.20.3
console-api error URL: https://nubank.mobills.com.br/static/js/3.28572cd3.chunk.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api info URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.6ea2f52fc2e51de1e202.chunk.js(Line 149)
Message:
Our embeddable contains third-party, open source software and/or libraries. To view them and their license terms, go to http://goto.zendesk.com/embeddable-legal-notices

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
assets.pagar.me
cdnjs.cloudflare.com
connect.facebook.net
ekr.zdassets.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
googleads.g.doubleclick.net
mobills.zendesk.com
nubank.mobills.com.br
script.hotjar.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.16.52.111
104.18.72.113
147.75.102.13
147.75.102.239
147.75.32.105
151.101.1.195
151.101.65.63
172.217.22.98
2001:4860:4802:34::75
2001:4860:4802:36::75
2606:4700::6811:4004
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:815::200a
2a00:1450:4001:81e::200a
2a00:1450:4001:820::200e
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0df8e2a626db4f83a54714934b644adf7e655138b13627a179d9b164ed0b700c
0e27f5f8916e21559e25bfcde9efe81b64651bf47897b879317f260cecd74e01
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
138a8779ef5b74adcff724831477cacfcc0417c02b2e39790714e3a2ea63ce6f
1af0b43d62f12b14d6b0bddae4b98d41f5dffbe5da43af1e9ac5dd9aada33b7a
2c9a091912e1429ac42793ae50ba42bf025d4d2a6cd4261fbd0fe546e7fdc04d
3cf17b331322ea0f5adea37e3e7004ae4ca35c482767c84e0f5746b2d8843f97
3ee26114feb214d4f102e98ad8009b27d374efff10b05095e9bebc8df74c15b9
4f93dc1ac6ec7501209ce8ee52ac594961c9177dbe62a1abeded2596c0c54ca8
540abf67136c912f645ff5d1503cdb2af1688f0849e0d535f9c5931b1bb380e4
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
64c85894f290638bb46037663bd1fe57f60cadec351648a43df40019f5ade417
666a9c91a624c656be97cd85d3ead5b3b869d2d9c09915bc384267efd706b24e
6798235c818de4c9a488f3e5c87aa897a18e5dfb331c13837972850e657eb026
758491019d14c859dc59745afdc95054fee1a3b440da6bf2588cced2e91ee096
7d1541e9b0b9a018291ba5924a2850d3fc27022b732913533fa823184a9b014f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839a1b55ca1bc40011453ba517ce8cf0a75699616844a0934cde1b740227d341
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
90a2ffc66719c854b9f2816bac7bf87862f7dfbe423d670b91f0a540ca7455f8
911a3eefa5ce2cd63450250bf034234cf73ccc5615773caab1565ef2c7f7a16f
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9b2be39ece20eac062d527e47974dda2c376996628dea396bb53606200011c95
a57637fc93fd32a685096808f801fa0161dc3609682ef7b6e791a07ec4c78ab0
a5a877f56c9b275e8cb38968d8af38c20630f553c70256af3a62b940b3e2aae2
afb3c1655b9f3dc5604e8d2b59bd0db914bff617ae1e1d8b5109f590f6b2511c
b181eee69b38b4fa6bea457693f0db4958f25bb4597d0389b7e0f34a41fdef75
b4c0f1ad74c4c3b0523c7a6a2f325396c993a8ca0cdf3d987ab8f9b2f939bc5e
b5a32cb751bb193335afccb5408b38ae908bca6deb11bcee513e95b0c49faa74
b7998710121f07b527b21d744ba7b194204c6416b0a09bbf8040442dfcc41c4b
bb9883dd554a3b58b0a64113318ac3d836018b73b724a43abac930971f225299
c286e59ff13282eb9f3ce182ac9fc2fd7ac45fab7fae6c0e14a00eb4337074ae
cd28cfa6ef97186eb131e38c62f1d2d1914ca4a062936fb1c020d4b062918001
ceded893d0a1df60c85b8523804bf4493b470d6ada1d60347ae55be7fedea314
d92c6f9737f58c77e51023e0f83b42fdcdd2f5e8c0e1333df2ca1be37f9e6478
dbde9f118c0719e60389144051e97fd6c549c4352613c8bd4645eb8489df5f20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0464b6f48dc6818efd34bfacf5f2e44621b6b8e452fcf960e2b89993024dd71
f11dee59aaf1b00e04f1365af23944c9db8dd84cf31802286e1b285028f7ee7d
f3834ab95f494c1e6b484c696cd069565b31b631ac2696bfe12ff8c97522b356
f73596ad8cf45ce4a6c81cb489728d0673fb509eee7d71699d93a432e4c99af5