lead-form-home-refi.stg.creditas.io Open in urlscan Pro
167.99.242.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lead-form-home-refi.stg.creditas.io/
Effective URL:
https://lead-form-home-refi.stg.creditas.io/home-equity/
Submission: On October 02 via automatic, source certstream-suspicious (October 2nd 2021, 1:02:21 pm UTC) — Scanned from DE

Summary HTTP 34 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 167.99.242.112, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is lead-form-home-refi.stg.creditas.io.
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.

This is the only time lead-form-home-refi.stg.creditas.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	167.99.242.112 167.99.242.112	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
2	104.18.160.90 104.18.160.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
4	52.1.83.253 52.1.83.253	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
3	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
34	9

19 167.99.242.112 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

lead-form-home-refi.stg.creditas.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.160.90 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.creditas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.1.83.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-83-253.compute-1.amazonaws.com

api.stg.creditas.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	creditas.io 1 redirects lead-form-home-refi.stg.creditas.io kong.stg.creditas.io Failed api.stg.creditas.io	367 KB
3	nr-data.net bam.nr-data.net	758 B
2	google-analytics.com www.google-analytics.com	62 KB
2	creditas.com assets.creditas.com	32 KB
1	sentry.io sentry.io	465 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	googletagmanager.com www.googletagmanager.com	55 KB
1	googleoptimize.com www.googleoptimize.com	41 KB
34	8

	Domain	Requested by
19	lead-form-home-refi.stg.creditas.io	1 redirects lead-form-home-refi.stg.creditas.io
4	api.stg.creditas.io	lead-form-home-refi.stg.creditas.io
3	bam.nr-data.net	lead-form-home-refi.stg.creditas.io
2	www.google-analytics.com	lead-form-home-refi.stg.creditas.io
2	assets.creditas.com	lead-form-home-refi.stg.creditas.io
1	sentry.io	lead-form-home-refi.stg.creditas.io
1	js-agent.newrelic.com	lead-form-home-refi.stg.creditas.io
1	www.googletagmanager.com	lead-form-home-refi.stg.creditas.io
1	www.googleoptimize.com	lead-form-home-refi.stg.creditas.io
0	kong.stg.creditas.io Failed	lead-form-home-refi.stg.creditas.io
34	10

This site contains links to these domains. Also see Links.

Domain
staging.creditas.com
ajuda.creditas.com.br

Subject Issuer	Validity	Valid
lead-form-home-refi.stg.creditas.io R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh
api.stg.creditas.io Amazon	`2021-02-24` - `2022-03-25`	a year	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://lead-form-home-refi.stg.creditas.io/home-equity/
Frame ID: 8706DBDE7D5D569B0A0539098E7DF371
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simule seu empréstimo com garantia de imóvel | Creditas

Page URL History Show full URLs

https://lead-form-home-refi.stg.creditas.io/ HTTP 301
https://lead-form-home-refi.stg.creditas.io/home-equity/ Page URL

Detected technologies

Gatsby (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

<div id="___gatsby">

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

34
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

572 kB
Transfer

1702 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://staging.creditas.com/

Search URL Search Domain Scan URL

URL: https://ajuda.creditas.com.br/hc/pt-br
Title: Ajuda

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lead-form-home-refi.stg.creditas.io/ HTTP 301
https://lead-form-home-refi.stg.creditas.io/home-equity/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lead-form-home-refi.stg.creditas.io/home-equity/
Redirect Chain

https://lead-form-home-refi.stg.creditas.io/
https://lead-form-home-refi.stg.creditas.io/home-equity/

65 KB
21 KB

167ms
167ms

Document
text/html

167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

2644ae185ba93c7d0851b0cfdf78555103a78569489c3430e8fec5380e5abc8f

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: lead-form-home-refi.stg.creditas.io
:scheme: https
:path: /home-equity/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-type: text/html; charset=UTF-8
date: Sat, 02 Oct 2021 13:02:16 GMT
etag: "a10e391826a90a79a0253ca29f6b4234-ssl-df"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
content-encoding: br
x-nf-request-id: 01FH0HJ6JT699M9RB22DW0ZCFN
cache-control: max-age=0,no-cache,no-store,must-revalidate
server: Netlify
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
age: 0

Redirect headers

content-length: 29
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-type: text/plain; charset=utf-8
date: Sat, 02 Oct 2021 13:02:16 GMT
x-xss-protection: 1; mode=block
x-nf-request-id: 01FH0HJ6E33H98Y1K19YDDBTR7
location: /home-equity/
cache-control: max-age=0,no-cache,no-store,must-revalidate
x-content-type-options: nosniff
x-frame-options: DENY
age: 0
server: Netlify

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 107 KB
41 KB 97ms
41ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MSM5TM9

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

90288eafd92f71c68636f5140d5399779c0f2a809f1a95a9a0f00c0af2d67881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:02:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41634
x-xss-protection: 0
expires: Sat, 02 Oct 2021 13:02:17 GMT

GET
H2 200 webpack-runtime-8254e2d1129e2d680aca.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 3 KB
2 KB 284ms
283ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/webpack-runtime-8254e2d1129e2d680aca.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

1a6b1de48e576351be1df8af34a0cc16093f23361143b6c31f1a96be0003b816

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/webpack-runtime-8254e2d1129e2d680aca.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VRJX3Q084YRA4Q8ER2
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
age: 1
vary: Accept-Encoding
content-length: 1531
x-xss-protection: 1; mode=block
server: Netlify
x-frame-options: DENY
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
etag: "17f7f437544f92be97a1d8c4f4a2a3a7-ssl-df"
accept-ranges: bytes

GET
H2 200 styles-5379f07abcd59a0e64bf.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 118 B
277 B 166ms
163ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/styles-5379f07abcd59a0e64bf.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3c2741df89f131221548eb237c34bd714cbbe76ca0e0e082aea4efaf20a6466b

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/styles-5379f07abcd59a0e64bf.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VRCDP4P3EFQTHV2NTA
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 1
etag: "e8ca3d9d9334d098baef2a0cf6886b4c-ssl"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 118
x-xss-protection: 1; mode=block

GET
H2 200 app-9b5cdc0f488082c0e2af.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 446 KB
123 KB 304ms
301ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/app-9b5cdc0f488082c0e2af.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

0b0115ba26de5538d8ab09fb3c0abed1d88bbb76791ff1c0bbc86ec985048612

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/app-9b5cdc0f488082c0e2af.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VSG9J325A92HNP1J8G
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
server: Netlify
age: 1
x-frame-options: DENY
etag: "007d89b998120856be535e1ce857796d-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 framework-ec6ebe3a11ad92d00b85.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 130 KB
38 KB 179ms
176ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/framework-ec6ebe3a11ad92d00b85.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

8231c3394da90a1130daa0f6e199815e75ae8a20f3a9b0a2c573b6f02a469549

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/framework-ec6ebe3a11ad92d00b85.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VV4PFQCEMQSM9EG3Z1
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
server: Netlify
age: 1
x-frame-options: DENY
etag: "e1c01be7e65b35bac8fcf0c8b9213eee-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 commons-dfb79edf9b71af24e460.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 40 KB
16 KB 223ms
220ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/commons-dfb79edf9b71af24e460.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

6d8de191affc1e8a9598f5e5ac68076002bef80029484c8b9e1dd42227790d7c

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/commons-dfb79edf9b71af24e460.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VVVZC25D2E224FHP60
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
server: Netlify
age: 1
x-frame-options: DENY
etag: "85d51b2bdf3eea188c7645f1a322e1d8-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 ada022e2260d29d6c8b7eabc743eace572163a3d-867fe50577efdf26f7f0.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 291 KB
76 KB 344ms
342ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/ada022e2260d29d6c8b7eabc743eace572163a3d-867fe50577efdf26f7f0.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

972e9587a12873f9002463885dfdd5aaae87db5845c17fa1226ebacd117a60ef

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/ada022e2260d29d6c8b7eabc743eace572163a3d-867fe50577efdf26f7f0.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VVPRGKX3XRKYFSNYSK
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
server: Netlify
age: 1
x-frame-options: DENY
etag: "51dd563505afe713e26c8b92f5f76a6b-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 component---src-layouts-personal-info-personal-info-container-js-2040a61a712f0af27e55.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 16 KB
6 KB 370ms
369ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/component---src-layouts-personal-info-personal-info-container-js-2040a61a712f0af27e55.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

a7fb7092589912661ef9dfcdd7200df254b94156586698fc0872b8732e7dc6b1

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/component---src-layouts-personal-info-personal-info-container-js-2040a61a712f0af27e55.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VVXK7B8QDJPEMP1H6E
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
server: Netlify
age: 1
x-frame-options: DENY
etag: "090bb8f81e5fb13ac6fdb8ba6e4778a7-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
lead-form-home-refi.stg.creditas.io/home-equity/page-data/index/ 151 B
265 B 204ms
203ms Other
application/json 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/page-data/index/page-data.json

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

89180419517136886b8d553fe0cd6dca3924f4875771d5acae21c9f9fa6dafce

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/page-data/index/page-data.json
pragma: no-cache
origin: https://lead-form-home-refi.stg.creditas.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
Origin: https://lead-form-home-refi.stg.creditas.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VW5QB82G80H6CKYNKB
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 1
etag: "e1fea53a2499fd330f01b78de9942ad4-ssl"
x-frame-options: DENY
content-type: application/json
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 151
x-xss-protection: 1; mode=block

GET
H2 200 app-data.json
lead-form-home-refi.stg.creditas.io/home-equity/page-data/ 50 B
152 B 435ms
434ms Other
application/json 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/page-data/app-data.json

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

7ba27ce53ade15990cb9812cd3fcb8df611e9067d96529bc7e165f8324024a52

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/page-data/app-data.json
pragma: no-cache
origin: https://lead-form-home-refi.stg.creditas.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
Origin: https://lead-form-home-refi.stg.creditas.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ6VWE6KA4TPCGX4HSEKA
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 1
etag: "fe1f762a31905c52a94b4431d36bb212-ssl"
x-frame-options: DENY
content-type: application/json
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 50
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed3e330a039a795ea9b041eda0ac0b4655279912970a0136eb9f056ab6af823a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46f1899200f6d0dc49503701ec111e22671a02cf3bfe8caf36fd0e6657f047c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 trust-lib.js Show response
assets.creditas.com/trust-lib-assets/ 3 KB
2 KB 98ms
57ms Script
application/javascript 104.18.160.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.creditas.com/trust-lib-assets/trust-lib.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9074282cd5c1ec48300b6d929c9ec294e31949d4f076802ac70fe81d0611fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 6D993HNSWQCNE2D6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: SU78W4kEYevYNZsh9P/chTVMiFBqqXoP5+EsCk4GbXCM6VQREZNx2/v0xYQhfqzWjVx/EAphQ3g=
last-modified: Wed, 19 May 2021 19:27:54 GMT
server: cloudflare
etag: W/"ece03adde285e98b931ac552e2ec074d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 697e1fd3de23876a-DUS
expires: Sun, 02 Oct 2022 13:02:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
55 KB 108ms
52ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSFBCCL

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b2daa3e47a6a7070133df5648a9879d4e18fc55d300420e2cd7e6c0373cf168c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:02:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55756
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 13:02:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 24ms
23ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 618
date: Sat, 02 Oct 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 14:52:00 GMT

GET session
kong.stg.creditas.io/trust/devices/ 0
0

GET
H2 200 b64c0a1fb503a9c3f1bdd91277863928065b3659-22b24989bf700943e7b4.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 9 KB
3 KB 248ms
248ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/b64c0a1fb503a9c3f1bdd91277863928065b3659-22b24989bf700943e7b4.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

fb05e9d0ef5a3e0670e4bd8b9d77151d2f8324246a21926d53a56475f4c11517

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/b64c0a1fb503a9c3f1bdd91277863928065b3659-22b24989bf700943e7b4.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ822J6MYF5TC3WWABQWT
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: Accept-Encoding
content-length: 3447
x-xss-protection: 1; mode=block
server: Netlify
x-frame-options: DENY
date: Sat, 02 Oct 2021 13:02:18 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
etag: "1518f300fa22bd158435248a0e64b47c-ssl-df"
accept-ranges: bytes

GET
H2 200 14-897fc5f7863cabb6bb70.js Show response
lead-form-home-refi.stg.creditas.io/home-equity/ 65 KB
18 KB 185ms
185ms Script
application/javascript 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/14-897fc5f7863cabb6bb70.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

c662ffb8c5f4f1dce99fe09d78fcf80aac6182d2e04ded070bbd99dfc0f92eb1

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/14-897fc5f7863cabb6bb70.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ8228WA3XZXEW3CSTYPR
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
content-encoding: br
x-content-type-options: nosniff
server: Netlify
age: 0
x-frame-options: DENY
etag: "e7cd3c250e92fa783abdfe8413ebc7b2-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:18 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 HelveticaNowDisplay-Light-subset.woff2
lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/ 16 KB
16 KB 153ms
152ms Font
font/woff2 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/HelveticaNowDisplay-Light-subset.woff2

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

45aad62123c59662b4bf4a35a7b701f5453797dfd0951e78e84e310be2cea959

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/fonts/helvetica/HelveticaNowDisplay-Light-subset.woff2
pragma: no-cache
origin: https://lead-form-home-refi.stg.creditas.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
Origin: https://lead-form-home-refi.stg.creditas.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ83YFX4RHFN4H0EAY97S
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 0
etag: "618397272bfd5a064f9159cb1c0f92b8-ssl"
x-frame-options: DENY
content-type: font/woff2
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:18 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 16032
x-xss-protection: 1; mode=block

GET
H2 200 HelveticaNowDisplay-Regular-subset.woff2
lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/ 15 KB
15 KB 156ms
156ms Font
font/woff2 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/HelveticaNowDisplay-Regular-subset.woff2

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

cc5d96ff5ffe65400c6ce8aeaa4302a49dec49ca1194a2c935bf0b26dfb52402

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/fonts/helvetica/HelveticaNowDisplay-Regular-subset.woff2
pragma: no-cache
origin: https://lead-form-home-refi.stg.creditas.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
Origin: https://lead-form-home-refi.stg.creditas.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ83YQ6C6F21M3F3Z1QQ2
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 0
etag: "6348a2040bafe63d60ec6bc16eb1b871-ssl"
x-frame-options: DENY
content-type: font/woff2
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:18 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 14956
x-xss-protection: 1; mode=block

GET
H2 200 HelveticaNowDisplay-Medium-subset.woff2
lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/ 16 KB
16 KB 156ms
155ms Font
font/woff2 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/HelveticaNowDisplay-Medium-subset.woff2

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

21dba2d0f118933ba97c3c8047ec2ef03feb7df15077664e2b2c82ef1943aa8c

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/fonts/helvetica/HelveticaNowDisplay-Medium-subset.woff2
pragma: no-cache
origin: https://lead-form-home-refi.stg.creditas.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
Origin: https://lead-form-home-refi.stg.creditas.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ83YDK621XWEWBABZGHJ
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 0
etag: "d7348ec337fb102f70541f2593107f18-ssl"
x-frame-options: DENY
content-type: font/woff2
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:18 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 16108
x-xss-protection: 1; mode=block

GET
H2 200 HelveticaNowDisplay-Bold-subset.woff2
lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/ 16 KB
16 KB 167ms
167ms Font
font/woff2 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/fonts/helvetica/HelveticaNowDisplay-Bold-subset.woff2

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

ad82688db98dc51351a517c476de5c58bbdfab07a03d3e984ed83d76a9a2349b

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/fonts/helvetica/HelveticaNowDisplay-Bold-subset.woff2
pragma: no-cache
origin: https://lead-form-home-refi.stg.creditas.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/
Origin: https://lead-form-home-refi.stg.creditas.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ83YWSD2HV2YH05YK3QH
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 0
etag: "6d21371648efee7d593294ad6e87052a-ssl"
x-frame-options: DENY
content-type: font/woff2
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:18 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 16236
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 124 KB
43 KB 55ms
54ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KBCVFWQ&cid=1614125383.1633179738

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

762fa55d4c532c1bc827ae22067d240e5b4d3c2728a6878b6f59a5f9b33ea42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:02:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43894
x-xss-protection: 0
expires: Sat, 02 Oct 2021 13:02:18 GMT

GET
H2 200 app-data.json Show response
lead-form-home-refi.stg.creditas.io/home-equity/page-data/ 50 B
151 B 8ms
8ms XHR
application/json 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/page-data/app-data.json

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

7ba27ce53ade15990cb9812cd3fcb8df611e9067d96529bc7e165f8324024a52

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/page-data/app-data.json
pragma: no-cache
cookie: _ga=GA1.2.1614125383.1633179738; _gid=GA1.2.280556581.1633179738
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ85J6RS97NNND225ZWGT
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 2
etag: "fe1f762a31905c52a94b4431d36bb212-ssl"
x-frame-options: DENY
content-type: application/json
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:17 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 50
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json Show response
lead-form-home-refi.stg.creditas.io/home-equity/page-data/solicitacao/informacoes-pessoais/ 183 B
285 B 166ms
166ms XHR
application/json 167.99.242.112
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lead-form-home-refi.stg.creditas.io/home-equity/page-data/solicitacao/informacoes-pessoais/page-data.json

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.99.242.112 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3f7e24d4ff6b0ea4bdcf8ba020ac62e700debb7f95306d8ba2825ea5f9705d63

Security Headers

Name	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /home-equity/page-data/solicitacao/informacoes-pessoais/page-data.json
pragma: no-cache
cookie: _ga=GA1.2.1614125383.1633179738; _gid=GA1.2.280556581.1633179738
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: lead-form-home-refi.stg.creditas.io
referer: https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FH0HJ85JFWQ3NF0F65DBE98Q
content-security-policy: report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
x-content-type-options: nosniff
server: Netlify
age: 0
etag: "2d7ea4a2f51d152653588bee7dfd0460-ssl"
x-frame-options: DENY
content-type: application/json
cache-control: max-age=0,no-cache,no-store,must-revalidate
date: Sat, 02 Oct 2021 13:02:18 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 183
x-xss-protection: 1; mode=block

GET
H3 200 sp.js Show response
assets.creditas.com/de-assets/snowplow/2.13.0/ 98 KB
31 KB 57ms
41ms Script
application/javascript 104.18.160.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.creditas.com/de-assets/snowplow/2.13.0/sp.js

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.160.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 15Z8S6BPVHPYMSZP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: HzhHWsj8icssLCVgvVgaBuEKYouTaYjmni0FdOc28srM7+lL+i44s1GFtPYRAtelP5FYlFGVJkg=
last-modified: Mon, 22 Feb 2021 18:53:52 GMT
server: cloudflare
etag: W/"d34ad5a83bfc62211576c2bdcb347936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 697e1fd4bf4cc4a4-DUS
expires: Sun, 02 Oct 2022 13:02:18 GMT

OPTIONS
H2 200 tp2
api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/ 0
0 293ms
94ms Preflight 52.1.83.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2

Protocol

Server

52.1.83.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-83-253.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lead-form-home-refi.stg.creditas.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 02 Oct 2021 13:02:18 GMT
content-length: 0
vary: Origin
access-control-allow-origin: https://lead-form-home-refi.stg.creditas.io
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,OPTIONS,POST
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-kong-response-latency: 1

POST
H2 200 tp2 Show response
api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/ 2 B
458 B 371ms
180ms XHR
text/plain 52.1.83.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.83.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-83-253.compute-1.amazonaws.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lead-form-home-refi.stg.creditas.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Oct 2021 13:02:19 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-kong-proxy-latency: 49
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://lead-form-home-refi.stg.creditas.io
x-kong-upstream-latency: 37
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain; charset=UTF-8
content-length: 2

GET
H2 200 nr-spa-1130.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 21ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1130.min.js
Requested by: Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce53889b85805db1d3a424a2252749ed3a377b400f4a03a709a6304c84116d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "312761e7cd4a61f0ea2e2e6265f5f365"
x-amz-request-id: HPTR64EYJ8RYGQMC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13148
x-amz-id-2: f1B/KgCTxmyBOurkbVwzSnmqJ2Lsf6GxvYJ6rRxz3ue+mdjnA950RpDKL8myN210ccauxXXpFGs=
x-served-by: cache-hhn4068-HHN
last-modified: Tue, 09 Jul 2019 23:52:08 GMT
server: AmazonS3
x-timer: S1633179739.534282,VS0,VE0
date: Sat, 02 Oct 2021 13:02:18 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 952

GET
H/1.1 200
OK 4feaa9ad94 Show response
bam.nr-data.net/1/ 57 B
322 B 425ms
106ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4feaa9ad94?a=274028670&sa=1&v=1130.54e767a&t=Unnamed%20Transaction&rst=2236&ref=https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais&be=647&fe=2209&dc=657&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1633179736307,%22n%22:0,%22r%22:0,%22re%22:355,%22f%22:355,%22dn%22:355,%22dne%22:355,%22c%22:355,%22ce%22:355,%22rq%22:356,%22rp%22:523,%22rpe%22:643,%22dl%22:526,%22di%22:656,%22ds%22:656,%22de%22:656,%22dc%22:2208,%22l%22:2208,%22le%22:2210%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=678&fcp=678&jsonp=NREUM.setToken
Requested by: Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lead-form-home-refi.stg.creditas.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK 4feaa9ad94 Show response
bam.nr-data.net/resources/1/ 36 B
234 B 108ms
108ms XHR
text/plain 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/4feaa9ad94?a=274028670&sa=1&v=1130.54e767a&t=Unnamed%20Transaction&rst=2665&ref=https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais&st=1633179736307
Requested by: Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: bc430e101601303e5837a8303001e63a385e1a7a55dd104b839a7d338afe9c38

Request headers

Referer: https://lead-form-home-refi.stg.creditas.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://lead-form-home-refi.stg.creditas.io
Access-Control-Allow-Credentials: true
Content-Length: 36
Content-Type: text/plain;charset=iso-8859-1

OPTIONS
H2 200 tp2
api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/ 0
0 95ms
95ms Preflight 52.1.83.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2

Protocol

Server

52.1.83.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-83-253.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://lead-form-home-refi.stg.creditas.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 02 Oct 2021 13:02:19 GMT
content-length: 0
vary: Origin
access-control-allow-origin: https://lead-form-home-refi.stg.creditas.io
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,OPTIONS,POST
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-kong-response-latency: 0

POST
H2 200 tp2 Show response
api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/ 2 B
457 B 149ms
149ms XHR
text/plain 52.1.83.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stg.creditas.io/snowplow-stream-collector/com.snowplowanalytics.snowplow/tp2

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.83.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-83-253.compute-1.amazonaws.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lead-form-home-refi.stg.creditas.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 02 Oct 2021 13:02:19 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-kong-proxy-latency: 33
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://lead-form-home-refi.stg.creditas.io
x-kong-upstream-latency: 23
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain; charset=UTF-8
content-length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1552178/store/ 41 B
465 B 478ms
119ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1552178/store/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16&sentry_version=7

Requested by

Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

1557e6402dc5d026152944bd0c7b1fdde47b870099bf51c66fa834dae30b09fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://lead-form-home-refi.stg.creditas.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 02 Oct 2021 13:02:19 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://lead-form-home-refi.stg.creditas.io
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 41

POST
H/1.1 200
OK 4feaa9ad94 Show response
bam.nr-data.net/events/1/ 24 B
202 B 106ms
106ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/4feaa9ad94?a=274028670&sa=1&v=1130.54e767a&t=Unnamed%20Transaction&rst=3030&ref=https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais
Requested by: Host: lead-form-home-refi.stg.creditas.io
URL: https://lead-form-home-refi.stg.creditas.io/home-equity/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://lead-form-home-refi.stg.creditas.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://lead-form-home-refi.stg.creditas.io
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kong.stg.creditas.io
URL: https://kong.stg.creditas.io/trust/devices/session

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.creditas.io/	1970-01-20 15:10:51	Name: _ga Value: GA1.2.1614125383.1633179738
.creditas.io/	1970-01-19 21:41:06	Name: _gid Value: GA1.2.280556581.1633179738
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 439efa9f5ac3ff27
api.stg.creditas.io/	1970-01-20 06:25:15	Name: sp Value: a4c617c2-55bb-41b5-93d5-9bd2230e1cae

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/mySegments/lead-form-home-refi' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/mySegments/lead-form-home-refi' because it violates the document's Content Security Policy.
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/splitChanges?since=-1' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/splitChanges?since=-1' because it violates the document's Content Security Policy.
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/mySegments/lead-form-home-refi' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/mySegments/lead-form-home-refi' because it violates the document's Content Security Policy.
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/splitChanges?since=-1' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/splitChanges?since=-1' because it violates the document's Content Security Policy.
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://auth.split.io/api/auth?users=lead-form-home-refi' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://auth.split.io/api/auth?users=lead-form-home-refi' because it violates the document's Content Security Policy.
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/mySegments/lead-form-home-refi' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/mySegments/lead-form-home-refi' because it violates the document's Content Security Policy.
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/splitChanges?since=-1' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://sdk.split.io/api/splitChanges?since=-1' because it violates the document's Content Security Policy.
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/solicitacao/informacoes-pessoais Message: Access to XMLHttpRequest at 'https://kong.stg.creditas.io/trust/devices/session' from origin 'https://lead-form-home-refi.stg.creditas.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kong.stg.creditas.io/trust/devices/session Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://auth.split.io/api/auth?users=lead-form-home-refi' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://auth.split.io/api/auth?users=lead-form-home-refi' because it violates the document's Content Security Policy.
security	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://auth.split.io/api/auth?users=lead-form-home-refi' because it violates the following Content Security Policy directive: "connect-src 'self' https://.bkfonline.com.br https://.creditas.com.br https://.creditas.com http://.creditas.io https://.creditas.io http://.stg.creditas.io https://.stg.creditas.io https://devsnowplow.creditas.com.br:8443 https://.inspectlet.com wss://.inspectlet.com https://.doubleclick.net https://.shoptarget.com.br https://.retargeter.com.br https://.sback.tech https://.shopconvert.com.br https://.shopback.net wss://creditas.zendesk.com https://.zendesk.com wss://.zopim.com https://.zopim.com https://brasilapi.com.br/api/ https://.facebook.com http://.facebook.com https://.fbcdn.net http://.fbcdn.net http://.facebook.net https://.facebook.net https://.akamaihd.net ws://.facebook.com:* http://.akamaihd.net https://ad.zanox.com https://api.soclminer.com.br .voxus.tv .voxus.com.br .ipify.org .loggly.com targeting-version-voxusmidia.netdna-ssl.com https://static.zdassets.com https://ekr.zdassets.com https://.hotjar.com wss://.hotjar.com https://.glassboxdigital.io https://forms.hubspot.com https://heapanalytics.com https://.outbrain.com https://.taboola.com https://rs.fullstory.com https://.nr-data.net https://.tailtarget.com https://creditas-personal-loan-staging.herokuapp.com https://d33wubrfki0l68.cloudfront.net https://sentry.io https://www.google-analytics.com https://trk.indoleads.com https://h.online-metrix.net/".
javascript	error	URL: https://lead-form-home-refi.stg.creditas.io/home-equity/(Line 1) Message: Refused to connect to 'https://auth.split.io/api/auth?users=lead-form-home-refi' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri https://o274735.ingest.sentry.io/api/1552178/security/?sentry_key=08ae1e91865a4d4286bd551fe2d20f16
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stg.creditas.io
assets.creditas.com
bam.nr-data.net
js-agent.newrelic.com
kong.stg.creditas.io
lead-form-home-refi.stg.creditas.io
sentry.io
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
kong.stg.creditas.io
104.18.160.90
142.250.186.46
142.250.74.200
151.101.130.137
162.247.242.19
167.99.242.112
35.188.42.15
52.1.83.253
0b0115ba26de5538d8ab09fb3c0abed1d88bbb76791ff1c0bbc86ec985048612
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1557e6402dc5d026152944bd0c7b1fdde47b870099bf51c66fa834dae30b09fc
1a6b1de48e576351be1df8af34a0cc16093f23361143b6c31f1a96be0003b816
21dba2d0f118933ba97c3c8047ec2ef03feb7df15077664e2b2c82ef1943aa8c
2644ae185ba93c7d0851b0cfdf78555103a78569489c3430e8fec5380e5abc8f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3c2741df89f131221548eb237c34bd714cbbe76ca0e0e082aea4efaf20a6466b
3f7e24d4ff6b0ea4bdcf8ba020ac62e700debb7f95306d8ba2825ea5f9705d63
45aad62123c59662b4bf4a35a7b701f5453797dfd0951e78e84e310be2cea959
46f1899200f6d0dc49503701ec111e22671a02cf3bfe8caf36fd0e6657f047c3
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
6d8de191affc1e8a9598f5e5ac68076002bef80029484c8b9e1dd42227790d7c
762fa55d4c532c1bc827ae22067d240e5b4d3c2728a6878b6f59a5f9b33ea42b
7ba27ce53ade15990cb9812cd3fcb8df611e9067d96529bc7e165f8324024a52
8231c3394da90a1130daa0f6e199815e75ae8a20f3a9b0a2c573b6f02a469549
89180419517136886b8d553fe0cd6dca3924f4875771d5acae21c9f9fa6dafce
90288eafd92f71c68636f5140d5399779c0f2a809f1a95a9a0f00c0af2d67881
972e9587a12873f9002463885dfdd5aaae87db5845c17fa1226ebacd117a60ef
a7fb7092589912661ef9dfcdd7200df254b94156586698fc0872b8732e7dc6b1
ad82688db98dc51351a517c476de5c58bbdfab07a03d3e984ed83d76a9a2349b
b2daa3e47a6a7070133df5648a9879d4e18fc55d300420e2cd7e6c0373cf168c
bc430e101601303e5837a8303001e63a385e1a7a55dd104b839a7d338afe9c38
c662ffb8c5f4f1dce99fe09d78fcf80aac6182d2e04ded070bbd99dfc0f92eb1
cc5d96ff5ffe65400c6ce8aeaa4302a49dec49ca1194a2c935bf0b26dfb52402
ce53889b85805db1d3a424a2252749ed3a377b400f4a03a709a6304c84116d03
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d9074282cd5c1ec48300b6d929c9ec294e31949d4f076802ac70fe81d0611fb3
ed3e330a039a795ea9b041eda0ac0b4655279912970a0136eb9f056ab6af823a
fb05e9d0ef5a3e0670e4bd8b9d77151d2f8324246a21926d53a56475f4c11517
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

lead-form-home-refi.stg.creditas.io Open in urlscan Pro 167.99.242.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

9 IPs

3 Countries

572 kBTransfer

1702 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lead-form-home-refi.stg.creditas.io Open in urlscan Pro
167.99.242.112 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

572 kB
Transfer

1702 kB
Size

4
Cookies

34 HTTP transactions
2 data transactions