account-api.zapimoveis.com.br Open in urlscan Pro
34.237.240.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://account-api.zapimoveis.com.br/
Submission: On January 13 via api (January 13th 2024, 3:29:54 pm UTC) from US — Scanned from US

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 5 domains to perform 15 HTTP transactions. The main IP is 34.237.240.60, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is account-api.zapimoveis.com.br.
TLS certificate: Issued by R3 on January 10th 2024. Valid for: 3 months.

This is the only time account-api.zapimoveis.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	34.237.240.60 34.237.240.60	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2606:4700:440... 2606:4700:4400::6812:27e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.231.225.193 54.231.225.193	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1	54.173.161.206 54.173.161.206	14618 (AMAZON-AES) (AMAZON-AES)
15	5

8 34.237.240.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-240-60.compute-1.amazonaws.com

account-api.zapimoveis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::6812:27e4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gzuis.grupozap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.225.193 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

zap-site.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.161.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-161-206.compute-1.amazonaws.com

tracking.vivareal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	zapimoveis.com.br account-api.zapimoveis.com.br	217 KB
5	grupozap.com 1 redirects gzuis.grupozap.com — Cisco Umbrella Rank: 714116	6 KB
1	vivareal.com tracking.vivareal.com — Cisco Umbrella Rank: 801291	349 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	55 KB
1	amazonaws.com zap-site.s3.amazonaws.com	179 KB
15	5

	Domain	Requested by
8	account-api.zapimoveis.com.br	account-api.zapimoveis.com.br
5	gzuis.grupozap.com	1 redirects account-api.zapimoveis.com.br gzuis.grupozap.com
1	tracking.vivareal.com	account-api.zapimoveis.com.br
1	www.googletagmanager.com	account-api.zapimoveis.com.br
1	zap-site.s3.amazonaws.com	account-api.zapimoveis.com.br
15	5

This site contains links to these domains. Also see Links.

Domain
www.grupozap.com

Subject Issuer	Validity	Valid
account-api.zapimoveis.com.br R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
grupozap.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tracking.olx.com.br Amazon RSA 2048 M03	`2023-12-06` - `2025-01-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://account-api.zapimoveis.com.br/
Frame ID: 5A1CF3A4149B27990DA528399E3D7D21
Requests: 11 HTTP requests in this frame

Frame: https://gzuis.grupozap.com/
Frame ID: C7D7CABE68434F79A2F51058203CFD46
Requests: 2 HTTP requests in this frame

Frame: https://gzuis.grupozap.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: CC7C179E2481F879080D729E6678C9CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viva Real - Login

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

15
Requests

93 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

456 kB
Transfer

1069 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.grupozap.com/v2/terms.html
Title: Termos de uso

Search URL Search Domain Scan URL

URL: https://www.grupozap.com/v2/privacy.html
Title: Política de privacidade

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://gzuis.grupozap.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gzuis.grupozap.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request / Show response
account-api.zapimoveis.com.br/ 2 KB
2 KB 253ms
70ms Document
text/html 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://account-api.zapimoveis.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

b9a0906cf9897bba864d7ba30eb4a15bb26e84f12981b35e75a7c641206b64fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Date: Sat, 13 Jan 2024 15:29:49 GMT
Expires: 0
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=15724800
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Application-Context: account-api:copsprod:1
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 styles.css
account-api.zapimoveis.com.br/ 51 KB
6 KB 133ms
132ms Stylesheet
text/css 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://account-api.zapimoveis.com.br/styles.css

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

dca61440b798a7d8f3138b266d31759d7d1ee41c6d4f730b4480d124574d3a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://account-api.zapimoveis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 15:29:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: account-api:copsprod:1
Pragma: no-cache
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 app.js Show response
account-api.zapimoveis.com.br/ 544 KB
176 KB 188ms
65ms Script
application/javascript 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://account-api.zapimoveis.com.br/app.js

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

78782c10e981aee291d567787bb49cef17bc926c0355dd92305ba2ca8f4e8d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://account-api.zapimoveis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 15:29:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15724800
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Application-Context: account-api:copsprod:1
Pragma: no-cache
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Expires: 0

GET
H2 200 / Show response
gzuis.grupozap.com/ Frame C7D7 1 KB
1 KB 158ms
49ms Document
text/html 2606:4700:4400::6812:27e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzuis.grupozap.com/
Requested by: Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fdcc9f0b5972903f890b812a498edcff8d0500928f57e0f78a2cbbba805e09

Request headers

Referer: https://account-api.zapimoveis.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 348
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 844ead4b695867cf-MIA
content-encoding: br
content-type: text/html
date: Sat, 13 Jan 2024 15:29:49 GMT
expires: Sat, 13 Jan 2024 19:29:49 GMT
last-modified: Fri, 25 Aug 2023 17:29:43 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 20f0da216a3d7d69d6c7e3cec1f1788e.cloudfront.net (CloudFront)
x-amz-cf-id: Ya8UU8hsqthrNLtihenBbTsd3Ar_aDyU3FfEIFxDRWDqLQlecec1TA==
x-amz-cf-pop: MIA3-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

GET
H2 200 main.js Show response
gzuis.grupozap.com/ Frame C7D7 2 KB
981 B 47ms
46ms Script
text/javascript 2606:4700:4400::6812:27e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzuis.grupozap.com/main.js
Requested by: Host: gzuis.grupozap.com
URL: https://gzuis.grupozap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597823ba6d598915364a69d043c9c85eae4ecf37b1fee71a8ae60e57a93f5a92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gzuis.grupozap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:29:49 GMT
via: 1.1 8bacdd433d05837a260a848dd8b0eccc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: MIA3-P5
age: 6453
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 17:29:43 GMT
server: cloudflare
etag: W/"6654899a7c34d8d626cfe275e9e5dcc3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-ray: 844ead4bb9dd67cf-MIA
x-amz-cf-id: 5ajBpwlThqPuRjBH6lYHpgcuEfUYU0RqiAO7l8sBKK-fNJeRFs-ETA==
expires: Sat, 13 Jan 2024 19:29:49 GMT

GET
H3

200

main.js Show response
gzuis.grupozap.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame CC7C
Redirect Chain

https://gzuis.grupozap.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gzuis.grupozap.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

48ms
47ms

Script
application/javascript

2606:4700:4400::6812:27e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gzuis.grupozap.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/

Protocol

Server

2606:4700:4400::6812:27e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b762f03b79db720e40687460ec0e8b6d6d731e1b5c5bd7d8d183ee794fff0239

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 844ead4c5e8b8dcd-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 13 Jan 2024 15:29:49 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 844ead4c1a3c67cf-MIA
alt-svc: h3=":443"; ma=86400

POST
H3 200 844ead4b695867cf Show response
gzuis.grupozap.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CC7C 0
313 B 58ms
57ms XHR
text/plain 2606:4700:4400::6812:27e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gzuis.grupozap.com/cdn-cgi/challenge-platform/h/b/jsd/r/844ead4b695867cf
Requested by: Host: gzuis.grupozap.com
URL: https://gzuis.grupozap.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:27e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jan 2024 15:29:49 GMT
content-encoding: br
server: cloudflare
cf-ray: 844ead4d987e8dcd-MIA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK prebid7.28.0.js Show response
zap-site.s3.amazonaws.com/ 178 KB
179 KB 230ms
90ms Script
application/javascript 54.231.225.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zap-site.s3.amazonaws.com/prebid7.28.0.js
Requested by: Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.225.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ebcd4461674c46e4cad1a6e93c5920abb8ecec91117f7cfb1c71a1c351471210

Request headers

accept-language: en-US,en;q=0.9
Referer: https://account-api.zapimoveis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 15:29:50 GMT
x-amz-version-id: EK.j9zmeO07Fh7UnO0nVhUqMFZGZzFFj
Last-Modified: Mon, 03 Jul 2023 15:19:59 GMT
Server: AmazonS3
x-amz-request-id: GCM26ATAVSWBHS27
ETag: "11c0e94059a10c6b0cdede313338abe8"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 182591
x-amz-id-2: FvQd2e60gY3j8hIruf6ZtO5t/9iqe5mf+oZ3jdF6CQJYGoyad3Nq162ORcChkb5h5Cq9wRvA7Tw=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
55 KB 235ms
98ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRGML4R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2261277998e64e8179dcbde995966c2a3e88823a28e12e9ae6aeccfda8eb37d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://account-api.zapimoveis.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 15:29:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55412
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jan 2024 15:29:49 GMT

GET
H/1.1 200 logo-vivareal.svg
account-api.zapimoveis.com.br/static/images/ 7 KB
8 KB 167ms
167ms Image
image/svg+xml 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-api.zapimoveis.com.br/static/images/logo-vivareal.svg

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/vivareal/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

b927efa27af6ba72a19a33aaa74e12439832868cd94ae6e4e8145c5d9325bb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://account-api.zapimoveis.com.br/vivareal/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 15:29:49 GMT
Strict-Transport-Security: max-age=15724800
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7634
X-XSS-Protection: 1; mode=block
X-Application-Context: account-api:copsprod:1
Expires: 0

GET
H/1.1 200 facebook.svg
account-api.zapimoveis.com.br/static/images/ 1 KB
2 KB 167ms
166ms Image
image/svg+xml 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-api.zapimoveis.com.br/static/images/facebook.svg

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/styles.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

5a55adeebef83c09fc1c4000ce7059da9c8c67f4b44fc4e22b32e551648afd23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://account-api.zapimoveis.com.br/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 15:29:49 GMT
Strict-Transport-Security: max-age=15724800
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1255
X-XSS-Protection: 1; mode=block
X-Application-Context: account-api:copsprod:1
Expires: 0

GET
H/1.1 200 google.svg
account-api.zapimoveis.com.br/static/images/ 2 KB
3 KB 191ms
65ms Image
image/svg+xml 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account-api.zapimoveis.com.br/static/images/google.svg

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/styles.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

befb8dd5c7828ed6c62bd8e1503655b5b513e570f80e8d6cd3cf178fdb923bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://account-api.zapimoveis.com.br/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 15:29:49 GMT
Strict-Transport-Security: max-age=15724800
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2164
X-XSS-Protection: 1; mode=block
X-Application-Context: account-api:copsprod:1
Expires: 0

GET
H/1.1 200 Open_Sans_400.woff2
account-api.zapimoveis.com.br/static/fonts/ 10 KB
11 KB 186ms
65ms Font
application/font-woff2 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://account-api.zapimoveis.com.br/static/fonts/Open_Sans_400.woff2

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/styles.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account-api.zapimoveis.com.br/styles.css
Origin: https://account-api.zapimoveis.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 15:29:49 GMT
Strict-Transport-Security: max-age=15724800
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 10352
X-XSS-Protection: 1; mode=block
X-Application-Context: account-api:copsprod:1
Pragma: no-cache
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
Vary: Origin
X-Frame-Options: DENY
Content-Type: application/font-woff2
Access-Control-Allow-Origin: https://account-api.zapimoveis.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 Open_Sans_600.woff2
account-api.zapimoveis.com.br/static/fonts/ 10 KB
11 KB 188ms
64ms Font
application/font-woff2 34.237.240.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://account-api.zapimoveis.com.br/static/fonts/Open_Sans_600.woff2

Requested by

Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/styles.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-240-60.compute-1.amazonaws.com

Software

Resource Hash

417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account-api.zapimoveis.com.br/styles.css
Origin: https://account-api.zapimoveis.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 15:29:49 GMT
Strict-Transport-Security: max-age=15724800
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 10328
X-XSS-Protection: 1; mode=block
X-Application-Context: account-api:copsprod:1
Pragma: no-cache
Last-Modified: Thu, 11 Jan 2024 13:03:40 GMT
Vary: Origin
X-Frame-Options: DENY
Content-Type: application/font-woff2
Access-Control-Allow-Origin: https://account-api.zapimoveis.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: 0

POST
H2 202 v2 Show response
tracking.vivareal.com/events/ 0
349 B 216ms
59ms XHR
text/html 54.173.161.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.vivareal.com/events/v2
Requested by: Host: account-api.zapimoveis.com.br
URL: https://account-api.zapimoveis.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.173.161.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-161-206.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account-api.zapimoveis.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://account-api.zapimoveis.com.br
date: Sat, 13 Jan 2024 15:29:50 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html;charset=utf-8

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.grupozap.com/	1970-01-20 17:39:21	Name: __cf_bm Value: jnvIs9rxgMQ8IcXDRiHTsHu0clEzhce1b1koGg.dRzk-1705159789-1-AetUhMA43PuIOk956sJ3+WJ6iIdEZDEHLf/G3XNrDPLKfV5n45xdXLh/6Vf3VIp74GO/rcO67hIF/zyu0pKg0fs=
.grupozap.com/	1969-12-31 23:59:59	Name: _cfuvid Value: dKxKDJxy_fEw.GqFmDDW3PYliqnV8ESOrlxIBZHB.0k-1705159789358-0-604800000
gzuis.grupozap.com/	1969-12-31 23:59:59	Name: GZUID Value: NTk1Mzg4ODUyMTk5MDAyMzMxNzA1MTU5Nzg5NDI5MTcwNQ==
.grupozap.com/	1970-01-21 02:24:55	Name: cf_clearance Value: nfs0Jrf_wsAEUgNC355UrTMYjepPZAUkUq7MgYNGKT8-1705159789-1-AbZn1P3J64cjxBvT8TcSofqU2QuxiM89/LAVOZLHtV6DNwcZh7KMbjxYBHDPoAA9/UMXJRUbBRlUFNixYeSjE5w=
.zapimoveis.com.br/	1970-01-20 19:48:55	Name: _xdvc Value: clrc842b700003c71fpxiycyy
.zapimoveis.com.br/	1970-01-20 19:48:55	Name: _xcf Value: 1
.zapimoveis.com.br/	1970-01-20 19:48:55	Name: new_vivareal_user_id_generation_date Value: Sat%20Jan%2013%202024%2005:29:49%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)
.zapimoveis.com.br/	1970-01-20 19:48:55	Name: z_user_id Value: clrc842bc00013c71mrhd89mf

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-api.zapimoveis.com.br
gzuis.grupozap.com
tracking.vivareal.com
www.googletagmanager.com
zap-site.s3.amazonaws.com
2606:4700:4400::6812:27e4
2607:f8b0:4006:821::2008
34.237.240.60
54.173.161.206
54.231.225.193
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77
45fdcc9f0b5972903f890b812a498edcff8d0500928f57e0f78a2cbbba805e09
597823ba6d598915364a69d043c9c85eae4ecf37b1fee71a8ae60e57a93f5a92
5a55adeebef83c09fc1c4000ce7059da9c8c67f4b44fc4e22b32e551648afd23
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
78782c10e981aee291d567787bb49cef17bc926c0355dd92305ba2ca8f4e8d1b
b2261277998e64e8179dcbde995966c2a3e88823a28e12e9ae6aeccfda8eb37d
b762f03b79db720e40687460ec0e8b6d6d731e1b5c5bd7d8d183ee794fff0239
b927efa27af6ba72a19a33aaa74e12439832868cd94ae6e4e8145c5d9325bb84
b9a0906cf9897bba864d7ba30eb4a15bb26e84f12981b35e75a7c641206b64fc
befb8dd5c7828ed6c62bd8e1503655b5b513e570f80e8d6cd3cf178fdb923bff
dca61440b798a7d8f3138b266d31759d7d1ee41c6d4f730b4480d124574d3a81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebcd4461674c46e4cad1a6e93c5920abb8ecec91117f7cfb1c71a1c351471210

account-api.zapimoveis.com.br Open in urlscan Pro 34.237.240.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

1 Countries

456 kBTransfer

1069 kBSize

8 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

account-api.zapimoveis.com.br Open in urlscan Pro
34.237.240.60 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

1
Countries

456 kB
Transfer

1069 kB
Size

8
Cookies

15 HTTP transactions
0 data transactions