admin-areadocliente.pre-prod.planosempre.com.br
44.202.41.155  Public Scan

URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On November 09 via api from IT — Scanned from IT

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 29 HTTP transactions. The main IP is 44.202.41.155, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is admin-areadocliente.pre-prod.planosempre.com.br.
TLS certificate: Issued by E6 on November 9th 2024. Valid for: 3 months.
This is the only time admin-areadocliente.pre-prod.planosempre.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 44.202.41.155 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 172.67.70.191 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
3 4.153.72.49 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
6 177.69.6.74 16735 (ALGAR TEL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
29 8
Apex Domain | Subdomains | Transfer
17 planosempre.com.br | admin-areadocliente.pre-prod.planosempre.com.br; api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br | 3 MB
7 clarity.ms | www.clarity.ms (Cisco Umbrella Rank: 634); i.clarity.ms (Cisco Umbrella Rank: 15648); c.clarity.ms (Cisco Umbrella Rank: 1236) | 30 KB
4 goadopt.io | tag.goadopt.io (Cisco Umbrella Rank: 123467); disclaimer-api.goadopt.io (Cisco Umbrella Rank: 142811) | 219 KB
1 iconify.design | api.iconify.design (Cisco Umbrella Rank: 12736) | 1 KB
1 bing.com | c.bing.com (Cisco Umbrella Rank: 190) | 772 B
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 30) | 1004 B
29 6
Domain Requested by
11 admin-areadocliente.pre-prod.planosempre.com.br admin-areadocliente.pre-prod.planosempre.com.br
6 api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br admin-areadocliente.pre-prod.planosempre.com.br
3 disclaimer-api.goadopt.io admin-areadocliente.pre-prod.planosempre.com.br
3 i.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms admin-areadocliente.pre-prod.planosempre.com.br
www.clarity.ms
1 api.iconify.design admin-areadocliente.pre-prod.planosempre.com.br
1 c.bing.com 1 redirects
1 tag.goadopt.io admin-areadocliente.pre-prod.planosempre.com.br
1 fonts.googleapis.com admin-areadocliente.pre-prod.planosempre.com.br
29 10

This site contains links to these domains.

Domain
goadopt.io
hub.goadopt.io
dash.goadopt.io
Subject | Issuer | Validity | Valid
admin-areadocliente.pre-prod.planosempre.com.br | E6 | 2024-11-09 - 2025-02-07 | 3 months
upload.video.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
goadopt.io | WE1 | 2024-09-22 - 2024-12-21 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year
api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br | E5 | 2024-10-17 - 2025-01-15 | 3 months
iconify.design | WE1 | 2024-10-10 - 2025-01-09 | 3 months

This page contains 1 frames:

Primary Page: https://admin-areadocliente.pre-prod.planosempre.com.br/
Frame ID: 1E46A66CCF1A74A3A4A616A727E85C5D
Requests: 28 HTTP requests in this frame

Page Title

Sempre - Portal admin

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 33 %
Domains: 6
Subdomains: 10
IPs: 8
Countries: 4
Transfer: 3659 kB
Size: 4916 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E9EAE28AE7DD4852A1772C04DAC8D2C1&RedC=c.clarity.ms&MXFR=08CB619B460B6A3B3AF374A9420B64B3 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9EAE28AE7DD4852A1772C04DAC8D2C1&MUID=2AEB2F20340F625225B33A1235A163EB

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
admin-areadocliente.pre-prod.planosempre.com.br/
1 KB
2 KB
Document
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
6f2a890e63c53d4828c253c1b0192190a78b665e5bb8778eac5be0b82d94ae48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length
1510
content-type
text/html
date
Sat, 09 Nov 2024 18:39:53 GMT
etag
"2af15853e88fa8bd311316c8a61a32f9"
last-modified
Thu, 31 Oct 2024 17:44:08 GMT
server
openresty
x-amz-id-2
Gj8DZfyXpUCWZavl5aZj57DnP8eOC0avJYkeToxJ0aG2rdzfqIKH4AU1JKnkIciWiLSxwNEhGgk=
x-amz-request-id
2G0TZDTM1G8AD148
x-amz-version-id
_ZomdTgvZg8oWtMlnb.sPfFO1w0yseSK
x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
css2
fonts.googleapis.com/
5 KB
1004 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Public+Sans:wght@400;500;600;700&display=swap
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b4e96d7f810a9384d96d413c1fc5ed032eb7db19fd45483bd36bd605daf813f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 18:39:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 18:39:53 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 09 Nov 2024 18:00:57 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index.css
admin-areadocliente.pre-prod.planosempre.com.br/fonts/
494 B
812 B
Stylesheet
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/fonts/index.css
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
d53edfdffc17c6a894fb75ca02a17e7fd00e62290de25fd3306c41679c16bd8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
Fx46_w_9YW61BBVUBmudBfiCDtgafhyp
etag
"8711e169f3dc54f34d839f18d7acef21"
x-amz-request-id
2G0X60B0QZ5C6TGZ
content-length
494
date
Sat, 09 Nov 2024 18:39:53 GMT
content-type
text/css
last-modified
Thu, 31 Oct 2024 17:44:08 GMT
server
openresty
x-amz-id-2
G/iDoaHkV+Du/cKKjAt0VYIcImvuLuOzOkhoqWHQcZAtpRXQWFUyjrdS06Ya3SMtXWAVAzdgGhg=
injector.js
tag.goadopt.io/
428 KB
139 KB
Script
General
Full URL
https://tag.goadopt.io/injector.js?website_code=bb875347-3324-4a34-9e6f-cb5187499a39
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b81b496a05de5b51fb0eb0213a2fc65ef9c33062da6f67bdc954f0122b068d90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKR2Avy6888HrbGjCOOxCGNK3pdriOe85FdvjYERNbk9MdcmlLK56KvjOTTf7SP%2FT3QGrpRIWRBAgGkVS7ON2hWeUOs8PNlvd7CCh%2B7ly2CHEtqQDR3kt2XHs93yJ1ku"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=117551&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4267&recv_bytes=4450&delivery_rate=197&cwnd=12000&unsent_bytes=0&cid=0441a1148123b119&ts=799&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:39:54 GMT
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
last-modified
Sat, 09 Nov 2024 18:39:54 GMT
priority
u=1,i=?0
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
request-context
appId=cid-v1:
cf-ray
8dffed99efb41681-MRS
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
main.da013444.js
admin-areadocliente.pre-prod.planosempre.com.br/static/js/
3 MB
3 MB
Script
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
ed1db5498db331ecb417623c03e9eb227bf0faaae9be7a513519caa525555e57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
G_PMGDg2jp856XZ47b_BOuHvoJYhfH46
etag
"5869119f77cbc10c0bf17c829d8c7b6a"
x-amz-request-id
MZ2XM8CY4H8P1FWX
content-length
3282548
date
Sat, 09 Nov 2024 18:39:54 GMT
content-type
text/javascript
last-modified
Thu, 31 Oct 2024 17:44:09 GMT
server
openresty
x-amz-id-2
pH4VNAv0UMmayxbvZc/uNo7GbOG7gJ/EoadwJpCLh/wVA5uxWPDZsipT1ZI6fpGICnyIER2YgYg=
main.c5e6826e.css
admin-areadocliente.pre-prod.planosempre.com.br/static/css/
103 KB
104 KB
Stylesheet
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/static/css/main.c5e6826e.css
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
3b223e5f2014fd3d2c4a68ca76ab81d4182215c4463a624db90009c5a40d679b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
Iwd9F1b7YT82yWIVP7bEew6.vqYHQIDl
etag
"c669f02ec09e2e77f12b035922ded8f1"
x-amz-request-id
2G0SSG7X8T6SFA75
content-length
105824
date
Sat, 09 Nov 2024 18:39:53 GMT
content-type
text/css
last-modified
Thu, 31 Oct 2024 17:44:08 GMT
server
openresty
x-amz-id-2
AxF9edfr5J4Wjxa0Wg9way653BQt0jcf6wd6lKj5oDMI9kQvWHgCYuVikOx59BikZPc4TCBtGvArOHcvDSl5hOgnFBebaQRXXzaVC13/m60=
fc8390yxxs
www.clarity.ms/tag/
707 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/fc8390yxxs
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3081ead42453920ff77b48ad014a7d04722709171e999500d382cb7e4b7852e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
707
date
Sat, 09 Nov 2024 18:39:55 GMT
content-type
application/x-javascript
x-azure-ref
20241109T183955Z-17b78558cc555nzfhC1MILtxs800000001b0000000002hzs
clarity.js
www.clarity.ms/s/0.7.49/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fc8390yxxs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-azure-ref
20241109T183955Z-17b78558cc555nzfhC1MILtxs800000001b0000000002k02
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
1789ecf8-001e-0079-6678-2fd2ff000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 09 Nov 2024 18:39:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
collect
i.clarity.ms/
0
311 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Date
Sat, 09 Nov 2024 18:39:56 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
vendor-list.json
disclaimer-api.goadopt.io/api/iab/
640 KB
79 KB
XHR
General
Full URL
https://disclaimer-api.goadopt.io/api/iab/vendor-list.json
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dbf347498202482e63947e41568bd79274ac9d6758a04af883d70f3d9b71662d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

access-control-max-age
5
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a0024-5fCUCTRs+Gj74XWqZlysxnebqYY"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AabucPY3rp%2FgQvZ5lcezEcNo8Sqh2mA8MVGZYVhPYkAupBrlEFOEWtEECRUymRAqbvpCXEmVsc%2BafkVQJS%2BHVoieP6TjftdeQLyitLAwgE4yHXrZHPpYWPt8DLEYMN8hA8sXnzcHxnLcIJE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=43680&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4241&recv_bytes=4473&delivery_rate=454&cwnd=12000&unsent_bytes=0&cid=9609a9e32dea4236&ts=926&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:40:17 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
priority
u=1,i
access-control-allow-headers
Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
request-context
appId=cid-v1:
cf-ray
8dffee2918a1e219-MRS
access-control-allow-origin
https://admin-areadocliente.pre-prod.planosempre.com.br
x-powered-by
Express
server
cloudflare
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E9EAE28AE7DD4852A1772C04DAC8D2C1&RedC=c.clarity.ms&MXFR=08CB619B460B6A3B3AF374A9420B64B3
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9EAE28AE7DD4852A1772C04DAC8D2C1&MUID=2AEB2F20340F625225B33A1235A163EB
42 B
465 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9EAE28AE7DD4852A1772C04DAC8D2C1&MUID=2AEB2F20340F625225B33A1235A163EB
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"b116c54f951fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Sat, 09 Nov 2024 18:40:17 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 06:33:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E9EAE28AE7DD4852A1772C04DAC8D2C1&MUID=2AEB2F20340F625225B33A1235A163EB
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3E82CD69E25A49A48CA01CA5FDADD6C6 Ref B: BCN30EDGE0510 Ref C: 2024-11-09T18:40:17Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Sat, 09 Nov 2024 18:40:17 GMT
x-powered-by
ASP.NET
562.e1e45f55.chunk.js
admin-areadocliente.pre-prod.planosempre.com.br/static/js/
38 KB
38 KB
Script
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/562.e1e45f55.chunk.js
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
12b7780ea015aca184934e95ea424bb434cfcbebd5c9eb37339f24228a528a13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
vBTigmhb3hfzjsvc8ari6I2eLEdTNfYP
etag
"a71c5cc47b8fd2f00a1270870a43484a"
x-amz-request-id
AMK7SA82NF4D1WYK
content-length
38536
date
Sat, 09 Nov 2024 18:40:16 GMT
content-type
text/javascript
last-modified
Thu, 31 Oct 2024 17:44:09 GMT
server
openresty
x-amz-id-2
FMYMmpFg6Pdl2x9RoEwrQJAG1/Y4oLHhZ02845VIyS+yfaMnC7T8UJdj5uGzQpK3LlG6SjS9krE=
705.5231e57f.chunk.js
admin-areadocliente.pre-prod.planosempre.com.br/static/js/
160 B
503 B
Script
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/705.5231e57f.chunk.js
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
3fdd59b0aa82943f0dc27111e3007895c9c33afcf200e37a99c51663807926b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
AdERyY3mRzyR0v9aet2.10aKQiJQn3SA
etag
"f2796a2e9f1c111c1700512d520ce25a"
x-amz-request-id
AMK0K01H2V61P0JM
content-length
160
date
Sat, 09 Nov 2024 18:40:16 GMT
content-type
text/javascript
last-modified
Thu, 31 Oct 2024 17:44:09 GMT
server
openresty
x-amz-id-2
GFLlic6RBbUqycf7ysVzPxtuhg2cqLyF8v/gptLdDdHVztM1W06Bg3A8BajaizyLr0pAlWeTbWuxAKynCaO2HFcGfuss5V04L+aTM3cNjrs=
categories
api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/faq/
69 B
501 B
XHR
General
Full URL
https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/faq/categories?filter=&search=
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
177.69.6.74 Belo Horizonte, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
177-069-006-074.static.ctbctelecom.com.br
Software
openresty / Express
Resource Hash
a9e402cdb5db5c28adb6a0a314996749bad3563a18ba0b77a23d220a713ef326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Strict-Transport-Security
max-age=63072000; preload
ETag
W/"45-T7Txzr/IRLfQ4TEPfbVWLpgje4Q"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Content-Length
69
Date
Sat, 09 Nov 2024 18:40:17 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
openresty
Vary
Origin
get-sms-logs
api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/
69 B
501 B
XHR
General
Full URL
https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/get-sms-logs?page=0&size=10&phone=
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
177.69.6.74 Belo Horizonte, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
177-069-006-074.static.ctbctelecom.com.br
Software
openresty / Express
Resource Hash
a9e402cdb5db5c28adb6a0a314996749bad3563a18ba0b77a23d220a713ef326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Strict-Transport-Security
max-age=63072000; preload
ETag
W/"45-T7Txzr/IRLfQ4TEPfbVWLpgje4Q"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Content-Length
69
Date
Sat, 09 Nov 2024 18:40:17 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
openresty
Vary
Origin
employees
api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/
69 B
501 B
XHR
General
Full URL
https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/employees?search=&filter=
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
177.69.6.74 Belo Horizonte, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
177-069-006-074.static.ctbctelecom.com.br
Software
openresty / Express
Resource Hash
a9e402cdb5db5c28adb6a0a314996749bad3563a18ba0b77a23d220a713ef326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Strict-Transport-Security
max-age=63072000; preload
ETag
W/"45-T7Txzr/IRLfQ4TEPfbVWLpgje4Q"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Content-Length
69
Date
Sat, 09 Nov 2024 18:40:17 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
openresty
Vary
Origin
list
api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/leads/
69 B
501 B
XHR
General
Full URL
https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/leads/list?filter=&search=
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
177.69.6.74 Belo Horizonte, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
177-069-006-074.static.ctbctelecom.com.br
Software
openresty / Express
Resource Hash
a9e402cdb5db5c28adb6a0a314996749bad3563a18ba0b77a23d220a713ef326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Strict-Transport-Security
max-age=63072000; preload
ETag
W/"45-T7Txzr/IRLfQ4TEPfbVWLpgje4Q"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Content-Length
69
Date
Sat, 09 Nov 2024 18:40:17 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
openresty
Vary
Origin
employees
api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/
69 B
501 B
XHR
General
Full URL
https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/employees?search=&filter=
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
177.69.6.74 Belo Horizonte, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
177-069-006-074.static.ctbctelecom.com.br
Software
openresty / Express
Resource Hash
a9e402cdb5db5c28adb6a0a314996749bad3563a18ba0b77a23d220a713ef326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Strict-Transport-Security
max-age=63072000; preload
ETag
W/"45-T7Txzr/IRLfQ4TEPfbVWLpgje4Q"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Content-Length
69
Date
Sat, 09 Nov 2024 18:40:18 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
openresty
Vary
Origin
admin
api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/
69 B
501 B
XHR
General
Full URL
https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin?search=&city=&state=&initial_range=&final_range=
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
177.69.6.74 Belo Horizonte, Brazil, ASN16735 (ALGAR TELECOM SA, BR),
Reverse DNS
177-069-006-074.static.ctbctelecom.com.br
Software
openresty / Express
Resource Hash
a9e402cdb5db5c28adb6a0a314996749bad3563a18ba0b77a23d220a713ef326
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Strict-Transport-Security
max-age=63072000; preload
ETag
W/"45-T7Txzr/IRLfQ4TEPfbVWLpgje4Q"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Content-Length
69
Date
Sat, 09 Nov 2024 18:40:17 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Server
openresty
Vary
Origin
logo_sempre.svg
admin-areadocliente.pre-prod.planosempre.com.br/logo/
6 KB
7 KB
Image
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/logo/logo_sempre.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
8982812e6224f6e14e25dab95fd79b66bb818ebd62ea900df49963c6bf3dce07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
Cn2SIA_TriZkPY5SQ4bHzibGmeNbkU.0
etag
"f8b60c6de0f84df8c63133a6df82e94f"
x-amz-request-id
AMKAS77SQ8KW6EDR
content-length
6532
date
Sat, 09 Nov 2024 18:40:16 GMT
content-type
image/svg+xml
last-modified
Thu, 31 Oct 2024 17:44:08 GMT
server
openresty
x-amz-id-2
ffrq+NAvBFaeejUjqJ/o3RHyenlhj1aY52SUTV6QGDwoPZ+NoCrnhSfk+mFvkqca7CepfIHPIb8=
marca-sempre-conceito_Prancheta.png
admin-areadocliente.pre-prod.planosempre.com.br/logo/
37 KB
37 KB
Image
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/logo/marca-sempre-conceito_Prancheta.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
c16727c28d8420f9f1cd0cf522786067c87e4663d4fb83e7840f91597fb29a4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
1GyWJZZYVKIchjVi0wYs_umYZ66L7SrU
etag
"ea7c2cce14efe02f4bb53eed51c4764d"
x-amz-request-id
AMK7VTWAQKEV621C
content-length
37404
date
Sat, 09 Nov 2024 18:40:16 GMT
content-type
image/png
last-modified
Thu, 31 Oct 2024 17:44:08 GMT
server
openresty
x-amz-id-2
XFiMsLbIluakfWWV/6dM4pGCiIR8Pda/88/tAg+dLi1vVWl5YWoUs8gxfzUPOzt7vyEbzOuALDI=
logo_sempre.png
admin-areadocliente.pre-prod.planosempre.com.br/logo/
7 KB
7 KB
Other
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/logo/logo_sempre.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
aeefd2d80518979db9d323d840573af06f8a153ec1d749585f60488e0d7a72ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
bMvYIl6pBeoa9gHpHgeOvP4NWwaBc5Pj
etag
"51b5216e654010e50e14ea9ae4f1555f"
x-amz-request-id
AMK06C34M9TJ68FG
content-length
6719
date
Sat, 09 Nov 2024 18:40:16 GMT
content-type
image/png
last-modified
Thu, 31 Oct 2024 17:44:08 GMT
server
openresty
x-amz-id-2
rELJz4AhWR7xH6+zFER1uOMca2C4zhnmtsLr2tOg4aNcuxf1Ub4YyDylFvfrgCQm9lYahFbhTZk=
Banner_PortalCliente_Sempre.png
admin-areadocliente.pre-prod.planosempre.com.br/assets/illustrations/
372 KB
0
Image
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/assets/illustrations/Banner_PortalCliente_Sempre.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
qYUBeiks.I1hxIgh5uHLuX97UgBG.zCn
etag
"abc907cfa760ab6ead9022cac347bccc"
x-amz-request-id
AMKAE2JS4AW3NZY9
content-length
879485
date
Sat, 09 Nov 2024 18:40:17 GMT
content-type
image/png
last-modified
Thu, 31 Oct 2024 17:44:07 GMT
server
openresty
x-amz-id-2
t3isedUnfhvzCo1dycLDxolpcahrrTHRZ58pu124FTiEP+KPzMuUzNhO6xIZFFs/OnBQvVVuwQ8=
eva.json
api.iconify.design/
762 B
1 KB
Fetch
General
Full URL
https://api.iconify.design/eva.json?icons=eye-off-fill
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/static/js/main.da013444.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e7c584bb2d2c4fbc2b49a23d52260e3ffe92d66daab1f1c70cd3f7b765f5ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrvmLgqLF7mQ2KPaK6H3S7xOYrvv6mzcdyqmTzXAxfTqk6ZkObISQiKj9sf3aHTIqJqsYFlcEa7T6Gw8MIvoI9g8mXUC%2BL5Yd9u3GxIjsAmd9IeSYQlt8%2FFg7g0FEnHZlV9ilCBhefhIy34QbKueqA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8dffee2a1e17be63-ZRH
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=35840&sent=6&recv=12&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2265&delivery_rate=103407&cwnd=253&unsent_bytes=0&cid=e91ecde9f3112a57&ts=131&x=0"
date
Sat, 09 Nov 2024 18:40:17 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
logo_sempre.png
admin-areadocliente.pre-prod.planosempre.com.br/logo/
7 KB
0
Other
General
Full URL
https://admin-areadocliente.pre-prod.planosempre.com.br/logo/logo_sempre.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.202.41.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-202-41-155.compute-1.amazonaws.com
Software
openresty /
Resource Hash
aeefd2d80518979db9d323d840573af06f8a153ec1d749585f60488e0d7a72ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

x-served-by
admin-areadocliente.pre-prod.planosempre.com.br
x-amz-version-id
bMvYIl6pBeoa9gHpHgeOvP4NWwaBc5Pj
etag
"51b5216e654010e50e14ea9ae4f1555f"
x-amz-request-id
AMK06C34M9TJ68FG
content-length
6719
date
Sat, 09 Nov 2024 18:40:16 GMT
content-type
image/png
last-modified
Thu, 31 Oct 2024 17:44:08 GMT
server
openresty
x-amz-id-2
rELJz4AhWR7xH6+zFER1uOMca2C4zhnmtsLr2tOg4aNcuxf1Ub4YyDylFvfrgCQm9lYahFbhTZk=
collect
i.clarity.ms/
0
311 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Date
Sat, 09 Nov 2024 18:40:18 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
get-consent
disclaimer-api.goadopt.io/api/tag/
0
0
Preflight
General
Full URL
https://disclaimer-api.goadopt.io/api/tag/get-consent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://admin-areadocliente.pre-prod.planosempre.com.br
access-control-max-age
5
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dffee2f9bfbe219-MRS
content-length
0
date
Sat, 09 Nov 2024 18:40:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FjMjCHiF5mYt3lFb36nt35o6XOKGt9LQNNqkeO0i8t2Huf6R3oRaSizP6ZEyRaRGi0bmhbixpf8GxBhiEb%2BWffoxpq5yw2gMks1n1boNDxCNyZtLcUvloJHZN%2BQgAFr3WJN4pYGOS19oZLA%3D"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=43616&sent=82&recv=45&lost=0&retrans=0&sent_bytes=86894&recv_bytes=6325&delivery_rate=1055921&cwnd=48000&unsent_bytes=0&cid=9609a9e32dea4236&ts=1310&x=1" cfExtPri cfHdrFlush;dur=0
vary
Origin
x-powered-by
Express
get-consent
disclaimer-api.goadopt.io/api/tag/
200 B
1 KB
XHR
General
Full URL
https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by
Host: admin-areadocliente.pre-prod.planosempre.com.br
URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8d263037135a8702de29b26c94d728c74657d99e028292197d55f4ea29c12fae

Request headers

Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

access-control-max-age
5
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"c8-TdxpO49Q063332Qu2C2VxdJR+NQ"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJ3D02ZCb1k%2BmeL5XP43QzhO4sheOTkney3oiCsI2J%2Bdkl6mTH3WFWv9MIagek9QgJNJw5CAifLQIFppXreBbzxpX8qYpKydGoeUVS55cqyClfTVZ1Txz9GaNbZF0BbS8E9QVNSgSv9StTc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38398&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4306&recv_bytes=4753&delivery_rate=469&cwnd=12000&unsent_bytes=0&cid=b6c66b07bf7e0ffb&ts=483&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:40:18 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
priority
u=1,i
access-control-allow-headers
Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
request-context
appId=cid-v1:
cf-ray
8dffee317cef83a2-MXP
access-control-allow-origin
https://admin-areadocliente.pre-prod.planosempre.com.br
x-powered-by
Express
server
cloudflare
collect
i.clarity.ms/
0
311 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://admin-areadocliente.pre-prod.planosempre.com.br/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://admin-areadocliente.pre-prod.planosempre.com.br
Date
Sat, 09 Nov 2024 18:40:20 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity
object| webpackChunkVilaPortalAdmin
object| hljs
object| regeneratorRuntime
function| imageCompressor
string| disclaimerStatus
function| sendAdoptCommand
function| __tcfapi
object| acceptedTags
object| dataLayer

13 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 24a77d39428849d1835824ef099ec8e1.20241109.20251109
.planosempre.com.br/ Name: _clck
Value: ewjr34%7C2%7Cfqq%7C0%7C1774
.planosempre.com.br/ Name: _clsk
Value: 12wzj6i%7C1731177596677%7C1%7C1%7Ci.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 2AEB2F20340F625225B33A1235A163EB
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2AEB2F20340F625225B33A1235A163EB
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2AEB2F20340F625225B33A1235A163EB
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.goadopt.io/ Name: AdoptVisitorIdTP
Value: c8fa2672-aa26-4925-b7a8-7a5c6e6469a5
.planosempre.com.br/ Name: AdoptConsent
Value: N4Ig7gpgRgzglgFwgSQCIgFwilAHAdgFYBmAFnwFpjiAmUi0gQzIoE4IA2AMwoGMpCARgKlWrZqxAAaEADc48BAHsATsgAmmEL1xdGNDvhoVG+jg1Y1CFKPka4Kdwrw6dSHcYWkglABwTIAHYAKowA5jCYANoAujJ+CADyAK4IoRHRcdpKgTAQgQGaWABeqAAKpADCuN4QsvlpAJ6+EFpguFBwABLFEABy3rw5eQUAahAq8DmYAAwyyb7qjEjqAIIIWjQzdBSCghQzrMHCGKQzGMIAdBw0NABaIAC+QA
.planosempre.com.br/ Name: AdoptVisitorId
Value: MYDgZghgTAbA7FAtBaNEBYCcUCsiBGcEIiROwMApjOjJhDkA

7 Console Messages

Source Level URL
Text
recommendation verbose URL: https://admin-areadocliente.pre-prod.planosempre.com.br/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin?search=&city=&state=&initial_range=&final_range=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/faq/categories?filter=&search=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/leads/list?filter=&search=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/get-sms-logs?page=0&size=10&phone=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/employees?search=&filter=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://api-pre-prod-f6umeu97gqvftpvprqswpzylomfe3jcc.planosempre.com.br/admin/employees?search=&filter=
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
