portalempresas.fleury.telemedicinaeinstein.com.br Open in urlscan Pro
13.224.214.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Effective URL:
https://portalempresas.fleury.telemedicinaeinstein.com.br/
Submission: On January 13 via api (January 13th 2024, 3:32:45 pm UTC) from US — Scanned from US

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 10 domains to perform 68 HTTP transactions. The main IP is 13.224.214.56, located in United States and belongs to AMAZON-02, US. The main domain is portalempresas.fleury.telemedicinaeinstein.com.br.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: a year.

This is the only time portalempresas.fleury.telemedicinaeinstein.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	13.224.214.56 13.224.214.56	16509 (AMAZON-02) (AMAZON-02)
10	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:e4:... 2606:4700:e4::ac40:a507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.238.4.118 18.238.4.118	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
4	13.32.151.46 13.32.151.46	16509 (AMAZON-02) (AMAZON-02)
3	13.224.214.98 13.224.214.98	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	52.212.115.5 52.212.115.5	16509 (AMAZON-02) (AMAZON-02)
2	52.85.151.11 52.85.151.11	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4004:c08::93	15169 (GOOGLE) (GOOGLE)
2	18.238.4.35 18.238.4.35	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
68	17

8 13.224.214.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-56.phl50.r.cloudfront.net

portalempresas-front-prd.fleury.telemedicinaeinstein.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portalempresas.fleury.telemedicinaeinstein.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e4::ac40:a507 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.4.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-118.phl51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.151.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-46.iad66.r.cloudfront.net

cdn-pe.telemedicinaeinstein.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.214.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-98.phl50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.115.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-115-5.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.151.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-11.iad89.r.cloudfront.net

portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::93 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.4.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-35.phl51.r.cloudfront.net

pe-icons-telemedicina-dev.telemedicinaeinstein.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	telemedicinaeinstein.com.br portalempresas-front-prd.fleury.telemedicinaeinstein.com.br cdn-pe.telemedicinaeinstein.com.br portalempresas.fleury.telemedicinaeinstein.com.br portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br Failed pe-icons-telemedicina-dev.telemedicinaeinstein.com.br	3 MB
10	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	59 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	737 KB
8	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-f.fontawesome.com — Cisco Umbrella Rank: 3140	46 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	38 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 681 script.hotjar.com — Cisco Umbrella Rank: 996	120 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	291 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	309 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6408 Failed	160 B
68	10

	Domain	Requested by
10	cdn.jsdelivr.net	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br portalempresas.fleury.telemedicinaeinstein.com.br
6	www.gstatic.com	www.google.com www.gstatic.com
6	ka-f.fontawesome.com	kit.fontawesome.com
5	www.google.com	portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br www.gstatic.com www.google.com
4	portalempresas.fleury.telemedicinaeinstein.com.br	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br cdn.jsdelivr.net portalempresas.fleury.telemedicinaeinstein.com.br
4	cdn-pe.telemedicinaeinstein.com.br	cdn.jsdelivr.net
4	www.googletagmanager.com	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br www.googletagmanager.com portalempresas.fleury.telemedicinaeinstein.com.br
4	fonts.googleapis.com	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br portalempresas.fleury.telemedicinaeinstein.com.br
4	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br cdn.jsdelivr.net
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google-analytics.com	www.googletagmanager.com
3	script.hotjar.com	static.hotjar.com script.hotjar.com
2	pe-icons-telemedicina-dev.telemedicinaeinstein.com.br	portalempresas.fleury.telemedicinaeinstein.com.br
2	portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br	cdn.jsdelivr.net portalempresas.fleury.telemedicinaeinstein.com.br
2	static.hotjar.com	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br portalempresas.fleury.telemedicinaeinstein.com.br
2	kit.fontawesome.com	portalempresas-front-prd.fleury.telemedicinaeinstein.com.br portalempresas.fleury.telemedicinaeinstein.com.br
1	content.hotjar.io	script.hotjar.com
68	17

This site contains no links.

Subject Issuer	Validity	Valid
*.fleury.telemedicinaeinstein.com.br Amazon RSA 2048 M01	`2023-02-28` - `2024-03-28`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.telemedicinaeinstein.com.br Amazon RSA 2048 M01	`2023-05-28` - `2024-06-25`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Frame ID: E36E83D52CE79B69C636C63262FA761D
Requests: 58 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns&co=aHR0cHM6Ly9wb3J0YWxlbXByZXNhcy5mbGV1cnkudGVsZW1lZGljaW5hZWluc3RlaW4uY29tLmJyOjQ0Mw..&hl=en&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&badge=bottomright&cb=dcrnfpy6u286
Frame ID: 0E22A6DB1A0F7C22F63C485C22D7ADDE
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns
Frame ID: 8CBDFB1FDE81FBF511ADB5DFA9A44D50
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal Empresas — Grupo Fleury

Page URL History Show full URLs

https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/ Page URL
https://portalempresas.fleury.telemedicinaeinstein.com.br/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

68
Requests

96 %
HTTPS

56 %
IPv6

10
Domains

17
Subdomains

17
IPs

2
Countries

4110 kB
Transfer

6334 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/ Page URL
https://portalempresas.fleury.telemedicinaeinstein.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/ 16 KB
17 KB 335ms
169ms Document
text/html 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 450264e827787c64ecec8ce26f89a3b2a70dd05be5847f24313183df187d5290

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 16679
content-type: text/html
date: Sat, 13 Jan 2024 15:32:38 GMT
etag: "aad19fdb1f5c6737e2724a4d7ced5ff4"
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
vary: Origin
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
x-amz-cf-id: _8uaV9dwuIdM7snfJNCV756EYlihw0hsLHMRtBvMIwNjK9A9wiJlug==
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 runtime.min.js Show response
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.7/ 7 KB
3 KB 88ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.7/runtime.min.js

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

587bbee639da5a2f097ba99b12ffd33e10a64378b29624945b8ab3a5514d5107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2732259
x-jsd-version: 0.13.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2743
x-served-by: cache-fra-etou8220087-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type: version
etag: W/"1a73-bnmptAFfOvFXhGrxwrCcGHiq7DM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 portalempresas-root-config.js Show response
portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/ 539 KB
540 KB 181ms
180ms Script
text/javascript 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/portalempresas-root-config.js
Requested by: Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9bb257f30f8bdedc46fbe3e076a5a8b790abdc005f4a49ded90a58fe407d8a9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "8a0d254780d34a65d655945bafa11aed"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 552375
x-amz-cf-id: NcMu49wiyeyHG5uDUrRuAvTknyblDrvzE1hfZt3Hosu1re8PrhKhyg==

GET
H2 200 main-e5cfa0a05942f97ef18e.css
portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/ 2 KB
3 KB 157ms
156ms Stylesheet
text/css 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/main-e5cfa0a05942f97ef18e.css
Requested by: Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c837444f78169b4188b5ee55567470ae82ab334231b3ae83ff04b184fa0301f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "e128fc9c3f9ac9130ea12327ee8eb21c"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2433
x-amz-cf-id: JotbqQ-6wFE1lVnsQgnWsoMwxb0WH-DIVNtT1rLR5wW9-pM9crmJjw==

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 169ms
63ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&family=Rubik:wght@400;500;600;700;800&display=swap

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73a1cf597991d75483bf506da45edfa793f0321e167ff707958f4c0e6abc2feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 15:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:32:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 15:32:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 167ms
62ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 15:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:29:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 15:32:38 GMT

GET
H2 200 de1e775a78.js Show response
kit.fontawesome.com/ 12 KB
5 KB 161ms
102ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/de1e775a78.js
Requested by: Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af53c687cad86819e5b358c7320653e48ab77d10ccaaccf4eb7f25d8a7d5f1c4

Request headers

Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 844eb1696af921c7-MIA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6nx8pBQhMnmRjYbXSUh

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 101ms
42ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=de1e775a78
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/de1e775a78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
via: 1.1 d7db6b9cdf796f6ea0cdbe5b3a75c84a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNJ8W0ko6YqdWlIiAcvqWD7XcnwBsiVJ%2FgQTHVUjv18vr5YBp2eRQWldt2V%2FcLkkk1dGM9kThnpuqBZd599dQF%2FR8p37naCpR5HiU%2BAWY5XZ1VNX9dwEm9d781wwV65CDxVQJ2u1IEdV3Q0XlDhMmx71yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 844eb16a7f4f742c-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: v6Fbh2AGLcVzeyHg1e5Oy6ZZEp2lrWjh9Xel-hyvu1kSEj9UMEoDFA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 100ms
41ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=de1e775a78
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/de1e775a78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
via: 1.1 d63b9ed947b87984f3825316a5ec0b1e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gibms9%2FVKR8HFntqHTOrUk3aP2anSr4rH5JotS5U9dgstXrtn3T22KDyIQxT%2BvXTlNMg4nheezLu7xmMkMrDiJQGRm1Zpk04kw0JK2bxmBoFXx5tKZsNV9t0o85D6CfmbfxZYyVRRUNCInXkm9MVS6cZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 844eb16a7f52742c-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: RAKSeb7A8i_-RPBIcLRjjyXrm7QIwtTHsMF8VyGlBqEPzwnekx-2ow==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 98ms
40ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=de1e775a78
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/de1e775a78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
via: 1.1 96ec34ce0a0b54341f66006912ddc5d4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n%2B3E0KMV7A0fr%2BXiLj%2B9Ln9RlTgkxTM2DlnmYJ8eQpFEPuCcXQk8InhS%2BmuwdNwFO6tpbvr5mDOvSm3aFWadRhQWwNHnaO3rYNLtFRSff0WzxyRZMPFzifBLRrDTTo7NdjV1%2FfLMED%2Ftoryd%2BXuI4jrXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 844eb16a7f51742c-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qrneXiDCjM4at2X6g3lEs6aCDjxNmPldZB4gyAytOXVlZmlFzoQQkg==

GET
H3 200 single-spa.min.js Show response
cdn.jsdelivr.net/npm/single-spa@5.9.0/lib/system/ 20 KB
7 KB 61ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/single-spa@5.9.0/lib/system/single-spa.min.js

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7eedd74437ed292c091108cec9e3c9f69c72c59299aa7ded933b6fbdd1ff7c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 889503
x-jsd-version: 5.9.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6739
x-served-by: cache-fra-eddf8230108-FRA, cache-mia-kmia1760083-MIA
x-jsd-version-type: version
etag: W/"4fc6-mRlSM6aBLpNvAuv1hQj2EMUzY8E"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 import-map-overrides.js Show response
cdn.jsdelivr.net/npm/import-map-overrides@2.2.0/dist/ 44 KB
13 KB 28ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/import-map-overrides@2.2.0/dist/import-map-overrides.js

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d1252b23b5ba7cd633182ea88889403fbaa292ba571ff676844e75a512cbb604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 752524
x-jsd-version: 2.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13221
x-served-by: cache-fra-etou8220026-FRA, cache-mia-kmia1760057-MIA
x-jsd-version-type: version
etag: W/"af61-/QXMy/3aRblSUh1Rz5IDzUNVYkI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 system.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ 11 KB
5 KB 27ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2732260
x-jsd-version: 6.8.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4684
x-served-by: cache-fra-eddf8230042-FRA, cache-mia-kmia1760065-MIA
x-jsd-version-type: version
etag: W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 imports-map.json Show response
portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/ 8 KB
9 KB 174ms
173ms Fetch
application/json 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/imports-map.json
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d782448fe8a6210604b5a8740fbf2a74dd85e6c6daa37a6437d2da7da4be0973

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "a08c1304ad856f45d48e24ab8f04cfe5"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
accept-ranges: bytes
content-length: 8584
x-amz-cf-id: 0U99qY3wZqoohC1cUGXb5Mo-GerdbuaZjPy3D1RiPimop9biMT6LJA==

GET
H3 200 amd.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/ 2 KB
1 KB 27ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/amd.min.js

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d4fb1b44c663281b646f71734a9655cb49ae083857eb7cc704c5fadfd2b47a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:38 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2653429
x-jsd-version: 6.8.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 833
x-served-by: cache-fra-etou8220059-FRA, cache-mia-kmia1760065-MIA
x-jsd-version-type: version
etag: W/"665-BQHyV2OT0XsgsHcuM1F7Bi7HRVI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hotjar-3042661.js Show response
static.hotjar.com/c/ 9 KB
4 KB 314ms
133ms Script
application/javascript 18.238.4.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3042661.js?sv=6

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-118.phl51.r.cloudfront.net

Software

Resource Hash

ec248e972bef95e3cadfd1a398886ab3f1f6f0e1e434092ae8d03c610330638d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ccbf01f3e1fbbe27e81779a9bd6e91de.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
etag: W/8a6f17047efbe6cce70b8679afcce0bb
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RMIx-zy69YPILrVmAU9oTCDtgJTyaY2JwbNeTnanzSWDfcJIZTQ1xA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 257ms
78ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKH95SJ

Requested by

Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c41b612cd45b4d7ebfccbfb5fd16cbf9f1cdee3b55b9bfb267e9ef5807d09d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61936
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jan 2024 15:32:38 GMT

GET
H2 200 single-spa@5.9.0.min.js
cdn-pe.telemedicinaeinstein.com.br/ 20 KB
20 KB 543ms
175ms Script
application/javascript 13.32.151.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-pe.telemedicinaeinstein.com.br/single-spa@5.9.0.min.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-46.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
via: 1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 14:20:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
etag: "2e8ac896c129d4348902aa3a5743d556"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 20421
x-amz-cf-id: O4YRTz0jFVc7NEzTrIXNBqg4G3czHbiHbF6NiAkbhYseGfOXXz_hSQ==

GET
H2 200 modules.01a61edd76e9459a4476.js Show response
script.hotjar.com/ 219 KB
55 KB 193ms
63ms Script
application/javascript 13.224.214.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3042661.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-98.phl50.r.cloudfront.net

Software

Resource Hash

1fe0a1d0440db1d043d00405be45a6494bef459ddabc0649fcefe29741978345

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 111691
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55621
last-modified: Fri, 12 Jan 2024 08:30:49 GMT
etag: "c6b381ec2a77add5ff4703aac0792891"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3Kc2AmUO-iP8a_IR2rah5b334zb5CNodSuE2j-AxSrFrTtitpfBdkw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 79ms
79ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DSD1ER9J3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKH95SJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03a9e5cf9258436eb1437c9b15302e91905da6fae33db1b16fa0edddad1859cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jan 2024 15:32:38 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
275 B 109ms
41ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3DSD1ER9J3&gtm=45je41a0v890778851z8868575598&_p=1705159958192&gcd=11l1l1l1l1&dma=0&cid=2087397605.1705159959&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705159958&sct=1&seg=0&dl=https%3A%2F%2Fportalempresas-front-prd.fleury.telemedicinaeinstein.com.br%2F&dt=Portal%20Empresas%20%E2%80%94%20Grupo%20Fleury&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1251
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DSD1ER9J3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 15:32:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 browser-perf.28a8c6b22b3c0474c577.js
script.hotjar.com/ 4 KB
2 KB 56ms
55ms Script
application/javascript 13.224.214.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-98.phl50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 10:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 6152911
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1589
last-modified: Fri, 03 Nov 2023 10:23:46 GMT
etag: "d065ec1659ab8dbb93042fdf9a225634"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: U3FbeXhhoSre5dJRNPpR9madbKVLvjUVH7ElQjm4r_gJrsEScvs-oQ==

POST /
content.hotjar.io/ 0
0

GET
H2 200 Primary Request / Show response
portalempresas.fleury.telemedicinaeinstein.com.br/ 16 KB
17 KB 405ms
110ms Document
text/html 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Requested by: Host: portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/portalempresas-root-config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 450264e827787c64ecec8ce26f89a3b2a70dd05be5847f24313183df187d5290

Request headers

Referer: https://portalempresas-front-prd.fleury.telemedicinaeinstein.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 16679
content-type: text/html
date: Sat, 13 Jan 2024 15:32:40 GMT
etag: "aad19fdb1f5c6737e2724a4d7ced5ff4"
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
vary: Origin
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
x-amz-cf-id: I3PnezACmIE8TvcFiM4PVAUaF7v5hOOWfNLtB48aIFNnCIeO1moy0A==
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET portalempresas-authentication.js
portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br/onboarding/authentication/ 0
0

POST collect
www.google-analytics.com/g/ 0
0

GET
H3 200 runtime.min.js Show response
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.7/ 7 KB
3 KB 28ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.7/runtime.min.js

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

587bbee639da5a2f097ba99b12ffd33e10a64378b29624945b8ab3a5514d5107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2732261
x-jsd-version: 0.13.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2743
x-served-by: cache-fra-etou8220087-FRA, cache-mia-kmia1760065-MIA
x-jsd-version-type: version
etag: W/"1a73-bnmptAFfOvFXhGrxwrCcGHiq7DM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 64ms
62ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&family=Rubik:wght@400;500;600;700;800&display=swap

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73a1cf597991d75483bf506da45edfa793f0321e167ff707958f4c0e6abc2feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 15:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:32:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 15:32:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
979 B 70ms
69ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 15:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:26:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 15:32:39 GMT

GET
H2 200 de1e775a78.js Show response
kit.fontawesome.com/ 12 KB
4 KB 89ms
89ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/de1e775a78.js
Requested by: Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af53c687cad86819e5b358c7320653e48ab77d10ccaaccf4eb7f25d8a7d5f1c4

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 844eb1724f9b21c7-MIA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6nx8uQ9NPZTMf-3lj1B

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 45ms
43ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=de1e775a78
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/de1e775a78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
via: 1.1 d7db6b9cdf796f6ea0cdbe5b3a75c84a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoeJ5J9JBtilBPhwl75iVcwohBhl8S%2BpzgvRU6rAYdhLhLpKMPwoxqqJ%2FDWvRTa2kSWzBRY4eg5OidSRVEPPIyNXmhJVa80U5dvMWuIGWbrz%2Fv%2F7aduI9FnfJAXhl9Ln9KYyE763R4umzuzNLB5CN9cOag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 844eb172ed2b742c-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: dBuB9Qw1gMBZmCvom1aGZeg4slDS7VWb3aivMcKw1503HgQwe6V9uA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 43ms
42ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=de1e775a78
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/de1e775a78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
via: 1.1 d63b9ed947b87984f3825316a5ec0b1e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lufqUIdpjm8r1hqueUdn%2Ba0Ea%2FtqrChNyMY%2FxQDs4lbXGDyPK8nE12kxWkJuTKdRZDbAd55M%2Ftj86BlVzwEE%2BUD3abHb3FeoQRi1NYo%2F8uOjgsd9MrPf07Vv796uin7eafT0z1lbLSyOepC70CIF67N6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 844eb172ed33742c-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: tEpmh5t-tvLf6-Y01PnCjK0GeI2Jbg9eeUIOUptHnT8s0z7M36f6Vg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 40ms
39ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=de1e775a78
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/de1e775a78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
via: 1.1 96ec34ce0a0b54341f66006912ddc5d4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MIA3-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWvym2C7wcaj2a9UDqEiduNMm0j0dvi2w5H%2Fdi%2BGGU8FR%2BJstZ3kyGFH6gGEF4Mtn7RtfoNZZ%2FBHjpwfdMW8MWrUZH7F1MZyRttFyPPDjtBxw1wCtvGtoUO8JVcWvM6LlO8Ml9rO06asGRnlnxIa7prLrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 844eb172ed37742c-MIA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: LMn5-w3ZkyxWpRzjTYIOO4kOA7z3t8WHIdRs1BTgFZpjXgaUp6XT3w==

GET
H3 200 single-spa.min.js Show response
cdn.jsdelivr.net/npm/single-spa@5.9.0/lib/system/ 20 KB
7 KB 27ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/single-spa@5.9.0/lib/system/single-spa.min.js

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7eedd74437ed292c091108cec9e3c9f69c72c59299aa7ded933b6fbdd1ff7c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 889504
x-jsd-version: 5.9.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6739
x-served-by: cache-fra-eddf8230108-FRA, cache-mia-kmia1760083-MIA
x-jsd-version-type: version
etag: W/"4fc6-mRlSM6aBLpNvAuv1hQj2EMUzY8E"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 import-map-overrides.js Show response
cdn.jsdelivr.net/npm/import-map-overrides@2.2.0/dist/ 44 KB
13 KB 28ms
28ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/import-map-overrides@2.2.0/dist/import-map-overrides.js

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d1252b23b5ba7cd633182ea88889403fbaa292ba571ff676844e75a512cbb604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 752526
x-jsd-version: 2.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13221
x-served-by: cache-fra-etou8220026-FRA, cache-mia-kmia1760065-MIA
x-jsd-version-type: version
etag: W/"af61-/QXMy/3aRblSUh1Rz5IDzUNVYkI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 system.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ 11 KB
5 KB 27ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2732261
x-jsd-version: 6.8.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4684
x-served-by: cache-fra-eddf8230042-FRA, cache-mia-kmia1760065-MIA
x-jsd-version-type: version
etag: W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 imports-map.json Show response
portalempresas.fleury.telemedicinaeinstein.com.br/ 8 KB
9 KB 131ms
130ms Fetch
application/json 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/imports-map.json
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d782448fe8a6210604b5a8740fbf2a74dd85e6c6daa37a6437d2da7da4be0973

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:40 GMT
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "a08c1304ad856f45d48e24ab8f04cfe5"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
accept-ranges: bytes
content-length: 8584
x-amz-cf-id: 8AAks4UUSyi_mJUDMDZF_hfo0qS8hbKSM4soCFrKOgbeHb2zHwgInw==

GET
H3 200 amd.min.js Show response
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/ 2 KB
1 KB 27ms
27ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/amd.min.js

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0d4fb1b44c663281b646f71734a9655cb49ae083857eb7cc704c5fadfd2b47a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Jan 2024 15:32:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2653430
x-jsd-version: 6.8.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 833
x-served-by: cache-fra-etou8220059-FRA, cache-mia-kmia1760065-MIA
x-jsd-version-type: version
etag: W/"665-BQHyV2OT0XsgsHcuM1F7Bi7HRVI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hotjar-3042661.js Show response
static.hotjar.com/c/ 9 KB
4 KB 63ms
62ms Script
application/javascript 18.238.4.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3042661.js?sv=6

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.4.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-4-118.phl51.r.cloudfront.net

Software

Resource Hash

ec248e972bef95e3cadfd1a398886ab3f1f6f0e1e434092ae8d03c610330638d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ccbf01f3e1fbbe27e81779a9bd6e91de.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/8a6f17047efbe6cce70b8679afcce0bb
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: OaNpNO7UXDaePQGML-Dbc_Q5HgBAAAhlXWctr7biTGI-oHsItgluYg==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 77ms
76ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KKH95SJ

Requested by

Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f395207d403bb3da96c1a062badcceef199ae66d51af30b09fc9f66b35869dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61937
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jan 2024 15:32:39 GMT

GET
H2 200 portalempresas-root-config.js Show response
portalempresas.fleury.telemedicinaeinstein.com.br/ 539 KB
540 KB 131ms
131ms Script
text/javascript 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/portalempresas-root-config.js
Requested by: Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9bb257f30f8bdedc46fbe3e076a5a8b790abdc005f4a49ded90a58fe407d8a9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:40 GMT
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "8a0d254780d34a65d655945bafa11aed"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 552375
x-amz-cf-id: PUuQLIwk1g3sSNSwZfdgaGuWS7zzv2_gLlNv73LbuMEU4LycGgxjYg==

GET
H2 200 main-e5cfa0a05942f97ef18e.css
portalempresas.fleury.telemedicinaeinstein.com.br/ 2 KB
3 KB 114ms
114ms Stylesheet
text/css 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/main-e5cfa0a05942f97ef18e.css
Requested by: Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c837444f78169b4188b5ee55567470ae82ab334231b3ae83ff04b184fa0301f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:40 GMT
via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Mar 2023 19:10:48 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: "e128fc9c3f9ac9130ea12327ee8eb21c"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2433
x-amz-cf-id: R9NquyvOSF3ggnjtysUpfzIPV6jHho2O92rRJTkNrgwroKCNeK3TTg==

GET
H2 200 modules.01a61edd76e9459a4476.js Show response
script.hotjar.com/ 219 KB
55 KB 62ms
61ms Script
application/javascript 13.224.214.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.01a61edd76e9459a4476.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3042661.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-98.phl50.r.cloudfront.net

Software

Resource Hash

1fe0a1d0440db1d043d00405be45a6494bef459ddabc0649fcefe29741978345

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 08:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 111692
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55621
last-modified: Fri, 12 Jan 2024 08:30:49 GMT
etag: "c6b381ec2a77add5ff4703aac0792891"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UjntZfyWcUkc4GDiJxu7QJTEbiFyaVOuRmn5YWUCFrl6_N0lv4o7Fw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 78ms
78ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DSD1ER9J3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKH95SJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c003f5dc6998cfbe18f0b18555f0d9ee942a88afb4f0a9c7de79dbee0eb31382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86597
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jan 2024 15:32:39 GMT

POST
H2 200 / Show response
content.hotjar.io/ 56 B
160 B 273ms
272ms XHR
application/json 52.212.115.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.01a61edd76e9459a4476.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.115.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-115-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0f4c6906e874b4d872366979c40bdb7c8359f94791ada59c949a9a5e448c6c8a

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 13 Jan 2024 15:32:40 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 single-spa@5.9.0.min.js Show response
cdn-pe.telemedicinaeinstein.com.br/ 20 KB
20 KB 58ms
57ms Script
application/javascript 13.32.151.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-pe.telemedicinaeinstein.com.br/single-spa@5.9.0.min.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-46.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95967a53ca1389d627fabff7431c3eba7a8f50eb83b20be33809e39c5ba84715

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:39 GMT
via: 1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 14:20:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 1
etag: "2e8ac896c129d4348902aa3a5743d556"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 20421
x-amz-cf-id: 1j42tZRGwVPMRRmdoWN_UZX0vtg8Z_Akovo53EC67DG9gGbuBEhSPQ==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 41ms
40ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3DSD1ER9J3&gtm=45je41a0v890778851z8868575598&_p=1705159959647&gcd=11l1l1l1l1&dma=0&cid=2087397605.1705159959&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705159958&sct=1&seg=1&dl=https%3A%2F%2Fportalempresas.fleury.telemedicinaeinstein.com.br%2F&dr=https%3A%2F%2Fportalempresas-front-prd.fleury.telemedicinaeinstein.com.br%2F&dt=Portal%20Empresas%20%E2%80%94%20Grupo%20Fleury&en=page_view&tfd=1005
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DSD1ER9J3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 15:32:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 portalempresas-authentication.js Show response
portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br/onboarding/authentication/ 331 KB
332 KB 297ms
189ms Script
text/javascript 52.85.151.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br/onboarding/authentication/portalempresas-authentication.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-11.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79b0503a5407659bae14ff18a80a37ba2fe2a44f81cd40c58388e106765be4fe

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:41 GMT
via: 1.1 c974a69619205281e0e6b8e73f95e4b4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 339253
last-modified: Wed, 22 Mar 2023 06:49:28 GMT
server: AmazonS3
etag: "12db12c4efb952e78c649e8e009bed92"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: iaW-ixAzYSKMLy04jvK8RqYBmfNWaWpvLTr0e3bgEqvKGYoT-2FZEw==

GET
H2 200 react@17.0.2.production.min.js Show response
cdn-pe.telemedicinaeinstein.com.br/ 11 KB
12 KB 122ms
121ms Script
application/javascript 13.32.151.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-pe.telemedicinaeinstein.com.br/react@17.0.2.production.min.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-46.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05970b1797de024bae36367793ab49264b14dfd77a6217d7d16966acf6761b05

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:41 GMT
via: 1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 14:12:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
etag: "d659dd58835c23c90dfccbed80c72474"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 11462
x-amz-cf-id: nlT5UX0pZsl1fwCsL2BbebvYG7TO1mbERmp9M4kHECDSFkj-JsHt5g==

GET
H2 200 react-dom@17.0.2.production.min.js Show response
cdn-pe.telemedicinaeinstein.com.br/ 118 KB
118 KB 170ms
170ms Script
application/javascript 13.32.151.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-pe.telemedicinaeinstein.com.br/react-dom@17.0.2.production.min.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-46.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86d34c8ab6a1f111c1b6e269c73c72e8b634870c40b61bdc1e5515150781ca8a

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:41 GMT
via: 1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 14:10:42 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
etag: "4f836733de3e13baaa4b2cbc7d478b47"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 120585
x-amz-cf-id: 8_i3NsfmK3CZGm9C6H9atYIBKSOcK9Q8Z_QsNtPW0NZX-4slunkrkA==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 176ms
70ms Script
text/javascript 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br/onboarding/authentication/portalempresas-authentication.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e544f6f4980018e9b53195e3ef9ebc17b038687c619ddffe9dc46fa4c2c736c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 15:32:40 GMT

GET
H2 200 logo-fleury-white.png
pe-icons-telemedicina-dev.telemedicinaeinstein.com.br/fleury/ 5 KB
5 KB 269ms
145ms Image
image/png 18.238.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pe-icons-telemedicina-dev.telemedicinaeinstein.com.br/fleury/logo-fleury-white.png
Requested by: Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-35.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7694fbaddc13a2b1e3f47f36cdae731fd7c12eac0cd21918406f0aff93194a01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:41 GMT
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 06:08:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
etag: "d7dcbb1cf26aa1ea245a585724039d1a"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4654
x-amz-cf-id: ui61e1RRTd20ATeMHh4k_wFPYNTOKHdBpGWJEgiOqhQV2SPahHaP7Q==

GET
H2 200 435e08b64a0fe630db1c.png
portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br/onboarding/authentication/ 10 KB
10 KB 237ms
135ms Image
image/png 52.85.151.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br/onboarding/authentication/435e08b64a0fe630db1c.png
Requested by: Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-11.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 320c3d9690f0374837375f95e755c976f7e882f7b51608ab8e8b1d1cbdd48ff8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:41 GMT
via: 1.1 a4cae74c829bc214e4183c38164a2c0a.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 06:49:28 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
etag: "ba2f7c3b27e739ec9b59d9ecdd79f6cd"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9836
x-amz-cf-id: LLF4JA3Bg0l8BOW7hiz8G2I8ZR_SKaw9WgK79l6fZ9VQE9IpGr2-Kg==

GET
H2 200 background-fleury-1.png
pe-icons-telemedicina-dev.telemedicinaeinstein.com.br/fleury/ 1 MB
1 MB 323ms
200ms Image
image/png 18.238.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pe-icons-telemedicina-dev.telemedicinaeinstein.com.br/fleury/background-fleury-1.png
Requested by: Host: portalempresas.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-35.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bd541ff6daeec40be61af820ca7e7018b803feb51363968fa418648dff597b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:41 GMT
via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 06:21:26 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
etag: "14e9318867fcdbede0532deab3aa200e"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1185659
x-amz-cf-id: xerNDE-Lk2OupkE6x1TR2aMpNiGNJd6KmeVMsjD9UL17s4maeOdOhg==

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 219ms
113ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&family=Rubik:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:27:54 GMT
x-content-type-options: nosniff
age: 158686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:27:54 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 113ms
53ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&family=Rubik:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:27:54 GMT
x-content-type-options: nosniff
age: 158686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:27:54 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 503 KB
202 KB 159ms
52ms Script
text/javascript 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 12:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 12:11:46 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0E22 45 KB
28 KB 89ms
88ms Document
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns&co=aHR0cHM6Ly9wb3J0YWxlbXByZXNhcy5mbGV1cnkudGVsZW1lZGljaW5hZWluc3RlaW4uY29tLmJyOjQ0Mw..&hl=en&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&badge=bottomright&cb=dcrnfpy6u286

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fbb310fb49e2f10c872f614b77641cdd3299b4e7364215eeb62a21c6f8de754d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-alvlAcQkX6wtv4BO7Tc-ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-alvlAcQkX6wtv4BO7Tc-ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 15:32:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 0E22 55 KB
24 KB 158ms
53ms Stylesheet
text/css 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns&co=aHR0cHM6Ly9wb3J0YWxlbXByZXNhcy5mbGV1cnkudGVsZW1lZGljaW5hZWluc3RlaW4uY29tLmJyOjQ0Mw..&hl=en&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&badge=bottomright&cb=dcrnfpy6u286

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 08:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 08:56:07 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 0E22 503 KB
201 KB 181ms
77ms Script
text/javascript 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 12:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 12:11:46 GMT

GET
DATA 200
OK truncated
/ Frame 0E22 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0E22 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0E22 2 KB
2 KB 53ms
52ms Image
image/png 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:12 GMT
x-content-type-options: nosniff
age: 282329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 17 Jan 2024 09:07:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0E22 15 KB
15 KB 53ms
52ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:12:34 GMT
x-content-type-options: nosniff
age: 159607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 19:12:34 GMT

GET
H3 200 mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js Show response
www.google.com/js/bg/ Frame 0E22 17 KB
7 KB 52ms
52ms Script
text/javascript 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns&co=aHR0cHM6Ly9wb3J0YWxlbXByZXNhcy5mbGV1cnkudGVsZW1lZGljaW5hZWluc3RlaW4uY29tLmJyOjQ0Mw..&hl=en&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&badge=bottomright&cb=dcrnfpy6u286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 14:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6828
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 14:44:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0E22 102 B
135 B 71ms
70ms Other
text/javascript 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns&co=aHR0cHM6Ly9wb3J0YWxlbXByZXNhcy5mbGV1cnkudGVsZW1lZGljaW5hZWluc3RlaW4uY29tLmJyOjQ0Mw..&hl=en&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&badge=bottomright&cb=dcrnfpy6u286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:32:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 15:32:41 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8CBD 7 KB
1 KB 73ms
72ms Document
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

042546ec7306269f732c8e86d304a7bb193aa7e29ebf3d31253888452684f6d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C1bVJv3W11eNOIVlUctYQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-C1bVJv3W11eNOIVlUctYQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 15:32:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 8CBD 55 KB
24 KB 53ms
53ms Stylesheet
text/css 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 08:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 08:56:07 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 8CBD 503 KB
201 KB 56ms
55ms Script
text/javascript 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LcIL9QdAAAAAAWc269AZ6Wh-V6BvHc8jWLhq-Ns

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 12:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 12:11:46 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 41ms
40ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3DSD1ER9J3&gtm=45je41a0v890778851&_p=1705159959647&gcd=11l1l1l1l1&dma=0&cid=2087397605.1705159959&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705159958&sct=1&seg=1&dl=https%3A%2F%2Fportalempresas.fleury.telemedicinaeinstein.com.br%2F&dr=https%3A%2F%2Fportalempresas-front-prd.fleury.telemedicinaeinstein.com.br%2F&dt=Portal%20Empresas%20%E2%80%94%20Grupo%20Fleury&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6006
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DSD1ER9J3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portalempresas.fleury.telemedicinaeinstein.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 15:32:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalempresas.fleury.telemedicinaeinstein.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: content.hotjar.io
URL: https://content.hotjar.io/?gzip=1

Domain: portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br
URL: https://portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br/onboarding/authentication/portalempresas-authentication.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3DSD1ER9J3&gtm=45je41a0v890778851&_p=1705159958192&gcd=11l1l1l1l1&dma=0&cid=2087397605.1705159959&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705159958&sct=1&seg=0&dl=https%3A%2F%2Fportalempresas-front-prd.fleury.telemedicinaeinstein.com.br%2F&dt=Portal%20Empresas%20%E2%80%94%20Grupo%20Fleury&en=scroll&epn.percent_scrolled=90&_et=4&tfd=1887

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.telemedicinaeinstein.com.br/	1970-01-21 03:15:19	Name: _ga Value: GA1.1.2087397605.1705159959
.telemedicinaeinstein.com.br/	1970-01-20 17:39:21	Name: _hjFirstSeen Value: 1
.telemedicinaeinstein.com.br/	1970-01-20 17:39:21	Name: _hjIncludedInSessionSample_3042661 Value: 1
.telemedicinaeinstein.com.br/	1970-01-21 02:24:55	Name: _hjSessionUser_3042661 Value: eyJpZCI6ImE4MTRjNzhkLTdkYmQtNWUzOC04YWVkLWIwOGUxYjY4MzI0ZCIsImNyZWF0ZWQiOjE3MDUxNTk5NTg4MDQsImV4aXN0aW5nIjp0cnVlfQ==
.telemedicinaeinstein.com.br/	1970-01-20 17:39:21	Name: _hjAbsoluteSessionInProgress Value: 0
.telemedicinaeinstein.com.br/	1970-01-20 17:39:21	Name: _hjSession_3042661 Value: eyJpZCI6ImE3OTY5NTVmLWJhZDgtNDZhNy05OTllLTg4OThiOGNiMWQ5NCIsImMiOjE3MDUxNTk5NTg4MDUsInMiOjEsInIiOjEsInNiIjoxfQ==
.telemedicinaeinstein.com.br/	1970-01-21 03:15:19	Name: _ga_3DSD1ER9J3 Value: GS1.1.1705159958.1.1.1705159959.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-pe.telemedicinaeinstein.com.br
cdn.jsdelivr.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
pe-icons-telemedicina-dev.telemedicinaeinstein.com.br
portalempresas-front-prd.fleury.telemedicinaeinstein.com.br
portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br
portalempresas.fleury.telemedicinaeinstein.com.br
script.hotjar.com
static.hotjar.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
content.hotjar.io
portalempresas-main-mfe-prd.fleury.telemedicinaeinstein.com.br
www.google-analytics.com
13.224.214.56
13.224.214.98
13.32.151.46
18.238.4.118
18.238.4.35
2001:4860:4802:36::178
2606:4700:4400::ac40:93bc
2606:4700:e4::ac40:a507
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::93
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c1b::5e
2a04:4e42::485
52.212.115.5
52.85.151.11
03a9e5cf9258436eb1437c9b15302e91905da6fae33db1b16fa0edddad1859cb
042546ec7306269f732c8e86d304a7bb193aa7e29ebf3d31253888452684f6d3
05970b1797de024bae36367793ab49264b14dfd77a6217d7d16966acf6761b05
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0d4fb1b44c663281b646f71734a9655cb49ae083857eb7cc704c5fadfd2b47a9
0f4c6906e874b4d872366979c40bdb7c8359f94791ada59c949a9a5e448c6c8a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fe0a1d0440db1d043d00405be45a6494bef459ddabc0649fcefe29741978345
2074b871b5a0cf7a87e49f1e4af7080145ebebf4e674ffda31643747d223cb30
28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9
2bd541ff6daeec40be61af820ca7e7018b803feb51363968fa418648dff597b0
320c3d9690f0374837375f95e755c976f7e882f7b51608ab8e8b1d1cbdd48ff8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
450264e827787c64ecec8ce26f89a3b2a70dd05be5847f24313183df187d5290
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
587bbee639da5a2f097ba99b12ffd33e10a64378b29624945b8ab3a5514d5107
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
73a1cf597991d75483bf506da45edfa793f0321e167ff707958f4c0e6abc2feb
7694fbaddc13a2b1e3f47f36cdae731fd7c12eac0cd21918406f0aff93194a01
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79b0503a5407659bae14ff18a80a37ba2fe2a44f81cd40c58388e106765be4fe
7eedd74437ed292c091108cec9e3c9f69c72c59299aa7ded933b6fbdd1ff7c56
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
86d34c8ab6a1f111c1b6e269c73c72e8b634870c40b61bdc1e5515150781ca8a
8c837444f78169b4188b5ee55567470ae82ab334231b3ae83ff04b184fa0301f
95967a53ca1389d627fabff7431c3eba7a8f50eb83b20be33809e39c5ba84715
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
9bb257f30f8bdedc46fbe3e076a5a8b790abdc005f4a49ded90a58fe407d8a9e
af53c687cad86819e5b358c7320653e48ab77d10ccaaccf4eb7f25d8a7d5f1c4
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c003f5dc6998cfbe18f0b18555f0d9ee942a88afb4f0a9c7de79dbee0eb31382
c41b612cd45b4d7ebfccbfb5fd16cbf9f1cdee3b55b9bfb267e9ef5807d09d6b
d1252b23b5ba7cd633182ea88889403fbaa292ba571ff676844e75a512cbb604
d782448fe8a6210604b5a8740fbf2a74dd85e6c6daa37a6437d2da7da4be0973
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e544f6f4980018e9b53195e3ef9ebc17b038687c619ddffe9dc46fa4c2c736c4
ec248e972bef95e3cadfd1a398886ab3f1f6f0e1e434092ae8d03c610330638d
f395207d403bb3da96c1a062badcceef199ae66d51af30b09fc9f66b35869dfd
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
fbb310fb49e2f10c872f614b77641cdd3299b4e7364215eeb62a21c6f8de754d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

portalempresas.fleury.telemedicinaeinstein.com.br Open in urlscan Pro 13.224.214.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

96 %HTTPS

56 %IPv6

10 Domains

17 Subdomains

17 IPs

2 Countries

4110 kBTransfer

6334 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portalempresas.fleury.telemedicinaeinstein.com.br Open in urlscan Pro
13.224.214.56 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

96 %
HTTPS

56 %
IPv6

10
Domains

17
Subdomains

17
IPs

2
Countries

4110 kB
Transfer

6334 kB
Size

7
Cookies

68 HTTP transactions
2 data transactions