urlscan.io logo urlscan.io
SecurityTrails logo

cartao.itau.com.br Open in urlscan Pro
23.79.138.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u10325728.ct.sendgrid.net/ls/click?upn=AYSg0MfKE83NjWnsH3Z5JaP8eTfB-2BBw8xSbka4ejcklXFZBe3B-2BfecVlT1nOMLlqyB1E4Zx999ilkTs...
Effective URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Submission: On August 26 via manual from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 27 HTTP transactions. The main IP is 23.79.138.115, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is cartao.itau.com.br.
TLS certificate: Issued by GeoTrust RSA CA 2018 on June 12th 2021. Valid for: a year.
This is the only time cartao.itau.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.118.28 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net
u10325728.ct.sendgrid.net
7    23.79.138.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-138-115.deploy.static.akamaitechnologies.com
cartao.itau.com.br
3    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2600:9000:2190:4c00:8:9021:1740:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.usebeon.io
1    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    177.84.203.215 (Brazil)

ASN52735 (FLEX GESTAO DE RELACIONAMENTOS S.A., BR)
cartaoclick.flexcontact.com.br
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
7 cartao.itau.com.br cartao.itau.com.br
5 c.usebeon.io cartao.itau.com.br
c.usebeon.io
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
cartao.itau.com.br
3 fonts.googleapis.com cartao.itau.com.br
2 www.facebook.com cartao.itau.com.br
2 cartaoclick.flexcontact.com.br cartao.itau.com.br
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net cartao.itau.com.br
connect.facebook.net
1 www.googletagmanager.com cartao.itau.com.br
1 u10325728.ct.sendgrid.net 1 redirects
27 10

This site contains no links.

Subject Issuer Validity Valid
www.personnalite.com.br
GeoTrust RSA CA 2018		 2021-06-12 -
2022-04-27		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.usebeon.io
Amazon		 2021-05-21 -
2022-06-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.flexcontact.com.br
AlphaSSL CA - SHA256 - G2		 2020-11-30 -
2022-01-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://cartao.itau.com.br/z1e/30070034C77340744sp
Frame ID: 81ABDCD7D7BD983842EF3C1C847C5577
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Itaú Cartões

Page URL History Show full URLs

  1. https://u10325728.ct.sendgrid.net/ls/click?upn=AYSg0MfKE83NjWnsH3Z5JaP8eTfB-2BBw8xSbka4ejcklXFZBe3B-2BfecVlT1n... HTTP 302
    https://cartao.itau.com.br/z1e/30070034C77340744sp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

27
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

1659 kB
Transfer

4059 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u10325728.ct.sendgrid.net/ls/click?upn=AYSg0MfKE83NjWnsH3Z5JaP8eTfB-2BBw8xSbka4ejcklXFZBe3B-2BfecVlT1nOMLlqyB1E4Zx999ilkTsAXUBNoQ-3D-3D7tfj_QGFlkCHULQmvu28Fmln0HIDhkvlErh97cdQONvGgqYyLDB-2BpE3rwTNIrsZc02FQCKXExQfEKD3j8T319I2pVV8yFGjyZp4gb4a-2F6P51g2slN4P3XtLFAgxiXfv-2B2-2FrhtvKUD3ggIEQvCQU6bxQrFTiddb7NPW25Ewy6bIRW27s9N-2FitPhQvA6QiPKY6kbmDNJwHeJ6xKyjR43AoACZzSDqj1pU5P0ix23lYu7glX1hU-3D HTTP 302
    https://cartao.itau.com.br/z1e/30070034C77340744sp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 30070034C77340744sp
cartao.itau.com.br/z1e/
Redirect Chain
  • https://u10325728.ct.sendgrid.net/ls/click?upn=AYSg0MfKE83NjWnsH3Z5JaP8eTfB-2BBw8xSbka4ejcklXFZBe3B-2BfecVlT1nOMLlqyB1E4Zx999ilkTsAXUBNoQ-3D-3D7tfj_QGFlkCHULQmvu28Fmln0HIDhkvlErh97cdQONvGgqYyLDB-2B...
  • https://cartao.itau.com.br/z1e/30070034C77340744sp
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.138.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-138-115.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cf4e558b36b78b7ca28118e2168c0f2fb010be6cb4cdd8f1360d53ed8b06a0b4

Request headers

:method
GET
:authority
cartao.itau.com.br
:scheme
https
:path
/z1e/30070034C77340744sp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type
text/html
last-modified
Wed, 25 Aug 2021 22:17:37 GMT
accept-ranges
bytes
etag
"408e9c2ff99d71:0"
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-encoding
gzip
date
Thu, 26 Aug 2021 12:59:09 GMT
content-length
2367

Redirect headers

Server
nginx
Date
Thu, 26 Aug 2021 12:59:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
73
Connection
keep-alive
Location
https://cartao.itau.com.br/z1e/30070034C77340744sp
X-Robots-Tag
noindex, nofollow
icon
fonts.googleapis.com/ 		568 B
365 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 12:59:09 GMT
server
ESF
date
Thu, 26 Aug 2021 12:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Aug 2021 12:59:09 GMT
main.9f890096.chunk.css
cartao.itau.com.br/static/css/ 		491 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cartao.itau.com.br/static/css/main.9f890096.chunk.css
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.138.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-138-115.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
500ca8a774e4ddb3fb3935180e6540241dc8a5fcca5ab263cb34ab0044e7b001

Request headers

:path
/static/css/main.9f890096.chunk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
cartao.itau.com.br
referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:09 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 22:17:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"2a8e952ff99d71:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=78056
accept-ranges
bytes
content-length
54891
expires
Fri, 27 Aug 2021 10:40:05 GMT
2.a5ecc109.chunk.js
cartao.itau.com.br/static/js/ 		530 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cartao.itau.com.br/static/js/2.a5ecc109.chunk.js
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.138.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-138-115.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2cadb4ca6c35a7700d577fae5b91eaa99e8ea796aa253606597a8590742d496c

Request headers

:path
/static/js/2.a5ecc109.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
cartao.itau.com.br
referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:09 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 22:17:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5c72982ff99d71:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=77965
accept-ranges
bytes
content-length
155623
expires
Fri, 27 Aug 2021 10:38:34 GMT
main.6edbabc4.chunk.js
cartao.itau.com.br/static/js/ 		1 MB
339 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cartao.itau.com.br/static/js/main.6edbabc4.chunk.js
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.138.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-138-115.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e70c0bed71db22490abb7c58b70f7e044b091d5d0c742b37746a731804dbc68a

Request headers

:path
/static/js/main.6edbabc4.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
cartao.itau.com.br
referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:09 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 22:17:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5c72982ff99d71:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=77926
accept-ranges
bytes
content-length
346358
expires
Fri, 27 Aug 2021 10:37:55 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-96535900-42
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8195350c35d1223d7396993e9c8854eee161baa8cb631b672a1b1a59b5a1a975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41179
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Aug 2021 12:59:09 GMT
v4.js
c.usebeon.io/loader/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.usebeon.io/loader/v4.js
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4c00:8:9021:1740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a5426edaca15edd48bef3953c0fe918e40159e7876cc7bf9a73103cfea29ac4

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 00:07:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 14:30:51 GMT
server
AmazonS3
age
46306
etag
W/"a84a90889c727611464af5b6946eb542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
FvpshHNKFLhCER410P9hr7ObDuiylcBq7EGiQblxPaa4uTyUgOTr9w==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
99d9db36685f4473105170acb756d375a1bf6aa18a5f9453964ca7cae9083830
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25993
x-xss-protection
0
pragma
public
x-fb-debug
4U1xtZx7kypyTd7mytIGkdOK4h6vX6k2XN2yAHpNOVliPMPUlLU4+fWceutUJ7b60RSY7j0VHE0S8mWt4312JA==
x-fb-trip-id
1718053925
x-frame-options
DENY
date
Thu, 26 Aug 2021 12:59:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
css2
fonts.googleapis.com/ 		4 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans:wght@400;700&display=swap
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/static/css/main.9f890096.chunk.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ccce3ffe8b089783689410a5318b16a1ca83996a158b9fb8c6f12915f9b998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 12:12:36 GMT
server
ESF
date
Thu, 26 Aug 2021 12:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Aug 2021 12:59:09 GMT
css2
fonts.googleapis.com/ 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/static/css/main.9f890096.chunk.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 11:57:46 GMT
server
ESF
date
Thu, 26 Aug 2021 12:59:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Aug 2021 12:59:09 GMT
574555376844760
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/574555376844760?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ca85413f616eba496186148aeff2c5b49062ee41416129a1874fa5f833b46ab
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
go2zSeGG/E+LisvqEphiC58ZGFXxxrZxlOyLJ3a35dtC0yoHMa0uQW2K0D0b+Jd8fAtM/15MjHRRqLat/7ugFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 26 Aug 2021 12:59:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner.7025b99b.png
cartao.itau.com.br/static/media/ 		710 KB
711 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cartao.itau.com.br/static/media/banner.7025b99b.png
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.138.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-138-115.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7def42a8942d209a7648a589071e49acbb4c78e6cc78e4f51bf54c6b17333a23

Request headers

:path
/static/media/banner.7025b99b.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
cartao.itau.com.br
referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:09 GMT
last-modified
Tue, 17 Aug 2021 11:20:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"c18878e65993d71:0"
content-type
image/png
cache-control
max-age=33488
accept-ranges
bytes
content-length
726592
expires
Thu, 26 Aug 2021 22:17:17 GMT
cartao-credicard-zero-chip.4391889e.png
cartao.itau.com.br/static/media/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cartao.itau.com.br/static/media/cartao-credicard-zero-chip.4391889e.png
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.138.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-138-115.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e61370668897f4ba3515a1b9155636a1e4cf53b5dd6ab5c76dd8a2c7fbead781

Request headers

:path
/static/media/cartao-credicard-zero-chip.4391889e.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
cartao.itau.com.br
referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:09 GMT
last-modified
Tue, 24 Aug 2021 23:09:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5994b1163d99d71:0"
content-type
image/png
cache-control
max-age=568029
accept-ranges
bytes
content-length
94256
expires
Thu, 02 Sep 2021 02:46:18 GMT
cartao-credicard-zero-mobile.7dc483d6.png
cartao.itau.com.br/static/media/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cartao.itau.com.br/static/media/cartao-credicard-zero-mobile.7dc483d6.png
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.138.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-138-115.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
88747bd4b8b1ec26510b9cfd6f4a8eb9bb3b60d27ddfb3bf03aa3f3e7d1ddd72

Request headers

:path
/static/media/cartao-credicard-zero-mobile.7dc483d6.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
cartao.itau.com.br
referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cartao.itau.com.br/z1e/30070034C77340744sp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:09 GMT
last-modified
Tue, 24 Aug 2021 23:09:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"b0aab7163d99d71:0"
content-type
image/png
cache-control
max-age=568017
accept-ranges
bytes
content-length
57071
expires
Thu, 02 Sep 2021 02:46:06 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
222bd50fc266228adfafae30bf06e29a1944f90ac4cea74c6f0cdb267bf0c122

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5669c44f2df4df3b707dfb35699d3737104787c4ec836e975efc80588dbf3582

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeb1f5a1b9dcaf9db0720b6a138a5288b6ef7d7d1bc6b359b186edca30a539c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb7ad6b1da330b4705c38f84af1323562b6549c6b4d9b800aab77364db0a1e93

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@400;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cartao.itau.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 06:10:48 GMT
x-content-type-options
nosniff
age
197301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23868
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 22:06:21 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:10:48 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@400;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cartao.itau.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 06:23:59 GMT
x-content-type-options
nosniff
age
23710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22748
x-xss-protection
0
last-modified
Thu, 01 Apr 2021 22:05:49 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Aug 2022 06:23:59 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96535900-42
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4958
date
Thu, 26 Aug 2021 11:36:31 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 26 Aug 2021 13:36:31 GMT
getMailing
cartaoclick.flexcontact.com.br/api/mailing/ 		443 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cartaoclick.flexcontact.com.br/api/mailing/getMailing?url=/z1e/30070034C77340744sp
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/static/js/2.a5ecc109.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.84.203.215 , Brazil, ASN52735 (FLEX GESTAO DE RELACIONAMENTOS S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a914a330285a3445dde71a3d365a6b3c0d2d26451adc5cf2ae6d3ab93460f10e

Request headers

Accept
application/json, text/plain, */*
Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 12:59:11 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
443
expires
-1
sliders.js
c.usebeon.io/core/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.usebeon.io/core/js/sliders.js
Requested by
Host: c.usebeon.io
URL: https://c.usebeon.io/loader/v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4c00:8:9021:1740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
101bc0eaadb772b949619c54d55cd82c4ee8ef76091ee988f111fb9d7b64fb6d

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 05:03:02 GMT
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 17:00:41 GMT
server
AmazonS3
age
28567
etag
W/"5a59f918229850bfc3fd2fb57480878f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
lfMq9g6aNrxZm7GjliPagUAW5cI2sLuxxKpkd3koZ83lhabhbfQ5Nw==
custom.js
c.usebeon.io/beonCredicard/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.usebeon.io/beonCredicard/js/custom.js
Requested by
Host: c.usebeon.io
URL: https://c.usebeon.io/loader/v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4c00:8:9021:1740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
beon.css
c.usebeon.io/beonCredicard/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.usebeon.io/beonCredicard/css/beon.css
Requested by
Host: c.usebeon.io
URL: https://c.usebeon.io/loader/v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4c00:8:9021:1740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
default.css
c.usebeon.io/core/css/ 		61 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.usebeon.io/core/css/default.css
Requested by
Host: c.usebeon.io
URL: https://c.usebeon.io/loader/v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4c00:8:9021:1740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b7dbb2751d1aec6d09b86c2105b55c7cfffaa7f1eb51c9fcd95402d968fa559

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 01:45:44 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2020 19:26:08 GMT
server
AmazonS3
age
40406
etag
W/"0741bb56c4e976e26f7d9627b4a82206"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
mjDV80exe7RCyFjDAzju_mPzFZ2bm7bS-uJwgf-XQF0OGKvgUKo04A==
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=574555376844760&ev=PageView&dl=https%3A%2F%2Fcartao.itau.com.br%2Fz1e%2F30070034C77340744sp&rl=&if=false&ts=1629982750028&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.2.1629982750026.1548470666&it=1629982749839&coo=false&rqm=GET
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 26 Aug 2021 12:59:10 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=498728258&t=pageview&_s=1&dl=https%3A%2F%2Fcartao.itau.com.br%2Fz1e%2F30070034C77340744sp&ul=en-us&de=UTF-8&dt=Ita%C3%BA%20Cart%C3%B5es&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1028539657&gjid=1473162734&cid=347639810.1629982750&tid=UA-96535900-42&_gid=672021485.1629982750&_r=1&gtm=2ou8n0&z=2100310643
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 12:59:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cartao.itau.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=498728258&t=event&_s=2&dl=https%3A%2F%2Fcartao.itau.com.br%2Fz1e%2F30070034C77340744sp&ul=en-us&de=UTF-8&dt=Ita%C3%BA%20Cart%C3%B5es&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main&ea=Acesso&el=Acesso%20URL&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=347639810.1629982750&tid=UA-96535900-42&_gid=672021485.1629982750&gtm=2ou8n0&z=1315517077
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/z1e/30070034C77340744sp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 00:26:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45189
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=574555376844760&ev=Microdata&dl=https%3A%2F%2Fcartao.itau.com.br%2Fz1e%2F30070034C77340744sp&rl=&if=false&ts=1629982751532&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ita%C3%BA%20Cart%C3%B5es%22%2C%22meta%3Adescription%22%3A%22Conhe%C3%A7a%20todas%20as%20vantagens%20dos%20cart%C3%B5es%20Itaucard.%20Solicite%20agora%20mesmo%20o%20seu%20e%20aproveite%20benef%C3%ADcios%20exclusivos.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.2.1629982751531.482584442&it=1629982749839&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:59:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 26 Aug 2021 12:59:11 GMT
updateLPState
cartaoclick.flexcontact.com.br/api/mailing/ 		31 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cartaoclick.flexcontact.com.br/api/mailing/updateLPState?url=/z1e/30070034C77340744sp&idMailing=30070034
Requested by
Host: cartao.itau.com.br
URL: https://cartao.itau.com.br/static/js/2.a5ecc109.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.84.203.215 , Brazil, ASN52735 (FLEX GESTAO DE RELACIONAMENTOS S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
75149a914cc81724528421d4983d39429ccdf08851fb47a196e5419e211c174e

Request headers

Accept
application/json, text/plain, */*
Referer
https://cartao.itau.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Aug 2021 12:59:12 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
31
expires
-1

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| findVariante function| setCodigos function| gtag object| dataLayer string| beonobject function| beon function| fbq function| _fbq object| webpackJsonpfrontend object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| BeonNotificationInitializer function| BeonClockInitializer function| BeonMagicFlagInitializer object| beone string| beon_pageview_id object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.cartao.itau.com.br/ Name: beon-session-id
Value: sess_bbe4547e-5985-4cdd-81ec-bf17b38388f1
.itau.com.br/ Name: _gid
Value: GA1.3.672021485.1629982750
.itau.com.br/ Name: _ga
Value: GA1.3.347639810.1629982750
.itau.com.br/ Name: _gat_gtag_UA_96535900_42
Value: 1
.itau.com.br/ Name: _fbp
Value: fb.2.1629982750026.1548470666
.cartao.itau.com.br/ Name: beon-customer-id
Value: anon_d8efe315-bb32-41dc-92d2-a7ab177fd254

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.usebeon.io
cartao.itau.com.br
cartaoclick.flexcontact.com.br
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
u10325728.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
167.89.118.28
177.84.203.215
23.79.138.115
2600:9000:2190:4c00:8:9021:1740:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
101bc0eaadb772b949619c54d55cd82c4ee8ef76091ee988f111fb9d7b64fb6d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b7dbb2751d1aec6d09b86c2105b55c7cfffaa7f1eb51c9fcd95402d968fa559
222bd50fc266228adfafae30bf06e29a1944f90ac4cea74c6f0cdb267bf0c122
2cadb4ca6c35a7700d577fae5b91eaa99e8ea796aa253606597a8590742d496c
3ca85413f616eba496186148aeff2c5b49062ee41416129a1874fa5f833b46ab
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
4a5426edaca15edd48bef3953c0fe918e40159e7876cc7bf9a73103cfea29ac4
500ca8a774e4ddb3fb3935180e6540241dc8a5fcca5ab263cb34ab0044e7b001
5669c44f2df4df3b707dfb35699d3737104787c4ec836e975efc80588dbf3582
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75149a914cc81724528421d4983d39429ccdf08851fb47a196e5419e211c174e
7def42a8942d209a7648a589071e49acbb4c78e6cc78e4f51bf54c6b17333a23
8195350c35d1223d7396993e9c8854eee161baa8cb631b672a1b1a59b5a1a975
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ccce3ffe8b089783689410a5318b16a1ca83996a158b9fb8c6f12915f9b998
88747bd4b8b1ec26510b9cfd6f4a8eb9bb3b60d27ddfb3bf03aa3f3e7d1ddd72
99d9db36685f4473105170acb756d375a1bf6aa18a5f9453964ca7cae9083830
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a914a330285a3445dde71a3d365a6b3c0d2d26451adc5cf2ae6d3ab93460f10e
aeb1f5a1b9dcaf9db0720b6a138a5288b6ef7d7d1bc6b359b186edca30a539c3
cf4e558b36b78b7ca28118e2168c0f2fb010be6cb4cdd8f1360d53ed8b06a0b4
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e61370668897f4ba3515a1b9155636a1e4cf53b5dd6ab5c76dd8a2c7fbead781
e70c0bed71db22490abb7c58b70f7e044b091d5d0c742b37746a731804dbc68a
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
fb7ad6b1da330b4705c38f84af1323562b6549c6b4d9b800aab77364db0a1e93
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62