URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Submission: On August 08 via api from US — Scanned from FR

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 28 HTTP transactions. The main IP is 134.119.213.86, located in Strasbourg, France and belongs to VELIANET-AS velia.net Internetdienste GmbH, DE. The main domain is cotarsimularsaude.com.br.
TLS certificate: Issued by R10 on June 20th 2024. Valid for: 3 months.
This is the only time cotarsimularsaude.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 134.119.213.86 29066 (VELIANET-...)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 1 2400:52e0:1e0... 60068 (CDN77 _)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 172.67.139.119 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
2 34.151.213.219 396982 (GOOGLE-CL...)
28 12
Apex Domain
Subdomains
Transfer
7 cotarsimularsaude.com.br
cotarsimularsaude.com.br
383 KB
6 leadster.com.br
cdn.leadster.com.br — Cisco Umbrella Rank: 722729
app.leadster.com.br — Cisco Umbrella Rank: 679218
leadster.com.br — Cisco Umbrella Rank: 556873
154 KB
4 gstatic.com
fonts.gstatic.com
96 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3618
ka-f.fontawesome.com — Cisco Umbrella Rank: 7493
109 KB
2 buscaplanosnet.com
buscaplanosnet.com
3 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
101 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
2 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 21759
869 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
27 KB
28 10
Domain Requested by
7 cotarsimularsaude.com.br cotarsimularsaude.com.br
4 fonts.gstatic.com buscaplanosnet.com
3 app.leadster.com.br cdn.leadster.com.br
3 ka-f.fontawesome.com kit.fontawesome.com
cotarsimularsaude.com.br
2 leadster.com.br
2 buscaplanosnet.com cotarsimularsaude.com.br
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com cdn.leadster.com.br
1 cdn.leadster.com.br cotarsimularsaude.com.br
1 kit.fontawesome.com cotarsimularsaude.com.br
1 cdn.jsdelivr.net cotarsimularsaude.com.br
1 cdn.rawgit.com 1 redirects
1 cdnjs.cloudflare.com cotarsimularsaude.com.br
28 13

This site contains links to these domains.

Domain
api.whatsapp.com
Subject | Issuer | Validity | Valid
cotarsimularsaude.com.br | R10 | 2024-06-20 - 2024-09-18 | 3 months
buscaplanosnet.com | R10 | 2024-06-08 - 2024-09-06 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-07-31 - 2024-10-29 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-01-27 | 6 months
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
ka-f.fontawesome.com | WE1 | 2024-07-01 - 2024-09-29 | 3 months
leadster.com.br | WE1 | 2024-07-29 - 2024-10-27 | 3 months
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months

This page contains 1 frames:

Primary Page: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Frame ID: CC397C94C316AFDB7A8543EB6B529836
Requests: 30 HTTP requests in this frame

Page Title

Busca Planos - Cotação Porto Seguro

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

28 Requests
93 % HTTPS
67 % IPv6
10 Domains
13 Subdomains
12 IPs
5 Countries
875 kB Transfer
1674 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cdn.rawgit.com/lagden/vanilla-masker/lagden/build/vanilla-masker.min.js HTTP 301
  • https://cdn.jsdelivr.net/gh/lagden/vanilla-masker@lagden/build/vanilla-masker.min.js

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cotarsimularsaude.com.br/portoseguro/cotacao/
16 KB
17 KB
Document
General
Full URL
https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
ca9c9dcd41a3f890db12c77921db3d1660f84d8f867f8c4202d27241cead516b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
16853
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Aug 2024 19:08:45 GMT
ETag
"41d5-61987041f5b58"
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 28 May 2024 17:32:20 GMT
Server
Apache
4d95740d6e.js
cotarsimularsaude.com.br/portoseguro/teste02/kit.fontawesome.com/
0
0
Script
General
Full URL
https://cotarsimularsaude.com.br/portoseguro/teste02/kit.fontawesome.com/4d95740d6e.js
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash

Request headers

Referer
https://cotarsimularsaude.com.br/portoseguro/cotacao/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:45 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
251
Content-Type
text/html; charset=iso-8859-1
main.min.css
cotarsimularsaude.com.br/portoseguro/cotacao/assets/lpsaude/styles/
57 KB
57 KB
Stylesheet
General
Full URL
https://cotarsimularsaude.com.br/portoseguro/cotacao/assets/lpsaude/styles/main.min.css
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
09669fc92380473b4f7462fa72c79a783ead0b30c4a1930d3a09242283117776

Request headers

Referer
https://cotarsimularsaude.com.br/portoseguro/cotacao/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:45 GMT
Last-Modified
Mon, 06 May 2024 13:49:14 GMT
Server
Apache
ETag
"e2a7-617c955b4d6f7"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
58023
cssa67e.css
buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/
1010 B
1 KB
Stylesheet
General
Full URL
https://buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/cssa67e.css?family=Roboto:400,500,500i,700&display=swap
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
174301b72ce01d69303fb489e6a21063f2113a32ad6dd76f597300f4d0719fcb

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:46 GMT
Last-Modified
Sat, 14 Oct 2023 02:30:39 GMT
Server
Apache
ETag
"3f2-607a3f577dab5"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1010
css20b9.css
buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/css20b9.css?family=Montserrat:300,500,600,700&display=swap
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
49c878d90ff63b300dc8b68df300ccfb3ee43c1c7eb0b32035eea0a7f4d21050

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:46 GMT
Last-Modified
Sat, 14 Oct 2023 02:30:37 GMT
Server
Apache
ETag
"446-607a3f55c1192"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1094
sulamerica-logo.png
cotarsimularsaude.com.br/portoseguro/cotacao/assets/cdn/
5 KB
5 KB
Image
General
Full URL
https://cotarsimularsaude.com.br/portoseguro/cotacao/assets/cdn/sulamerica-logo.png
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
f743b7f5db5b209b8ff121550b5ac0c8e4b652045d6a4dfc829fab3e648c3067

Request headers

Referer
https://cotarsimularsaude.com.br/portoseguro/cotacao/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:45 GMT
Last-Modified
Sat, 23 Dec 2023 17:12:08 GMT
Server
Apache
ETag
"1234-60d306ec67391"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4660
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5609410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlPwT9WzwH2ApqQzlUyS%2F1mSnGwIcBzCsQsz4tYtuiI0dom3H8kxyLsqOGc%2F8%2BrgaD%2Fms1iSWAUQB359DvgU%2F9WK%2Fbb0YEU2N1izkUDreoPwzIx0xr2jAu4%2BlSKGYrpq9env8PCc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b01cc0248a69ea1-CDG
expires
Tue, 29 Jul 2025 19:08:45 GMT
vanilla-masker.min.js
cdn.jsdelivr.net/gh/lagden/vanilla-masker@lagden/build/
Redirect Chain
  • https://cdn.rawgit.com/lagden/vanilla-masker/lagden/build/vanilla-masker.min.js
  • https://cdn.jsdelivr.net/gh/lagden/vanilla-masker@lagden/build/vanilla-masker.min.js
4 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/lagden/vanilla-masker@lagden/build/vanilla-masker.min.js
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
H2
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c934b865ce536309066804ccbed7e58b23f1d001431268b6e7e18557fa5c379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 08 Aug 2024 19:08:46 GMT
x-content-type-options
nosniff
content-encoding
br
age
40450
x-jsd-version
lagden
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1492
x-served-by
cache-fra-eddf8230114-FRA, cache-lcy-eglc8600030-LCY
x-jsd-version-type
branch
etag
W/"e81-/JfWXZjQ9FgEUxalMQfQJhVr17E"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Thu, 08 Aug 2024 19:08:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1079
age
14812
x-cache
MISS, HIT
cdn-cachedat
08/08/2024 19:08:46
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
118
x-served-by
cache-fra-eddf8230084-FRA, cache-chi-kigq8000104-CHI
server
BunnyCDN-DE1-1082
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/lagden/vanilla-masker@lagden/build/vanilla-masker.min.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
3fbd1347a1c6a87df47b01579a6ea801
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
301
cdn-requestpullsuccess
True
4d95740d6e.js
kit.fontawesome.com/
13 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/4d95740d6e.js
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53462ce47e3c1c3198de870b633a7e439cc8d34672af689043d00a73eada98c4

Request headers

Referer
https://cotarsimularsaude.com.br/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:46 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8b01cc02dc339e6d-CDG
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F-nWc_RUX51CdnFHm9Yh
mask-tel.js
cotarsimularsaude.com.br/portoseguro/cotacao/assets/js/
330 B
611 B
Script
General
Full URL
https://cotarsimularsaude.com.br/portoseguro/cotacao/assets/js/mask-tel.js
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
12beb2870d8016d7fe6f2c7f83bed2dcead07b4041a0323c37506a9242618ea9

Request headers

Referer
https://cotarsimularsaude.com.br/portoseguro/cotacao/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:45 GMT
Last-Modified
Mon, 06 May 2024 13:53:44 GMT
Server
Apache
ETag
"14a-617c965d23683"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
330
group-of-people-working-out-business-plan-in-an-office.jpg
cotarsimularsaude.com.br/portoseguro/cotacao/4b13c4cd7e5b6a862a0a01429/images/
288 KB
289 KB
Image
General
Full URL
https://cotarsimularsaude.com.br/portoseguro/cotacao/4b13c4cd7e5b6a862a0a01429/images/group-of-people-working-out-business-plan-in-an-office.jpg
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/assets/lpsaude/styles/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
90d4c68eee4d2f6795773e27e4a3527c02b48f60caf66072ecacce606664af0b

Request headers

Referer
https://cotarsimularsaude.com.br/portoseguro/cotacao/assets/lpsaude/styles/main.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:46 GMT
Last-Modified
Thu, 11 Jan 2024 10:51:27 GMT
Server
Apache
ETag
"4816b-60ea9545d72b7"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
295275
JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/
46 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
Requested by
Host: buscaplanosnet.com
URL: https://buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/css20b9.css?family=Montserrat:300,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c74524e43bc128189a21c18426661e913476b73fce6547029ab412605bb58e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buscaplanosnet.com/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 05:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24632
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:47:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 05:23:01 GMT
JTURjIg1_i6t8kCHKm45_cJD3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/
45 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_cJD3gnD-w.ttf
Requested by
Host: buscaplanosnet.com
URL: https://buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/css20b9.css?family=Montserrat:300,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bc64d22ed497c4ac28e62cde9f81b81d8e2a381c1ebfbea2c99373fc5eecfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buscaplanosnet.com/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 16:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24012
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Aug 2025 16:59:08 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/
46 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
Requested by
Host: buscaplanosnet.com
URL: https://buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/css20b9.css?family=Montserrat:300,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56205168d373cb37b1870db837e74e2675593b7f930d00b2ff85c83bf886b484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buscaplanosnet.com/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 22:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24405
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 22:10:20 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v14/
45 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD-w.ttf
Requested by
Host: buscaplanosnet.com
URL: https://buscaplanosnet.com/portoseguro/cotacao/fonts.googleapis.com/css20b9.css?family=Montserrat:300,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4b0943e5312a5e2b4204d46f33b6f227a7fec6bb36c3ea712f1d99c05c999c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buscaplanosnet.com/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 13:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24295
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 03:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 13:24:21 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=4d95740d6e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4d95740d6e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:46 GMT
content-encoding
gzip
via
1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GjxZ1o3zHofGTF3l2s1jjRyXcXT1lJRx3aYYWL%2F9b48hClCJdkZxQuGTMO0UZgs%2Fq2m2VhCwuVj5XUY8vCduCmQbj5O3h0b5lWcEZ%2F67ux89GTdZpe8FLnYqGtKML8Atp0u%2Fc50ufg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8b01cc07e9c06f81-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
luDYtOVyN1QbdB37dUi4USbJIuJLRI4vz4pixSN-EUnCWAQLF4HzhQ==
neurolead.min.js
cdn.leadster.com.br/neurolead/
510 KB
132 KB
Script
General
Full URL
https://cdn.leadster.com.br/neurolead/neurolead.min.js
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6b22af224ebb732de7b0b93211218780f39b426bc9556b9efa8b35fda893de

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
236
x-guploader-uploadid
AHxI1nOpyTbBDZ0qzqDfi7UeiKWT96IpDv2teLhbnSznF0qUB8nA7IC-NHkdKuKvy_hmSMYXphLxyHZCjQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 31 Jul 2024 12:46:41 GMT
server
cloudflare
etag
W/"644dde720fe9fda46f46f483e1d70a41"
vary
Accept-Encoding
x-goog-generation
1722430001339515
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ZU7osw==, md5=ZE3ecg/p/aRvRvSD4dcKQQ==
access-control-expose-headers
*
cache-control
public, max-age=43200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2F0LDo1pICFZ20Ievk%2Ff%2FCSq0jt%2BN0OY38vUIJgFLZ95RPerqGDlij3lg9NxZz%2BLVCQnBFD%2Fx6kIDk2UfhZvxtTPI3N0TWXMFWNEPWJH0ffi9ZsSSXI5BvRS45PMvhOM8pKjmAxdx8SwaRiaGxiddTI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
522418
cf-ray
8b01cc087dcc9e9f-CDG
expires
Thu, 08 Aug 2024 19:34:58 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://cotarsimularsaude.com.br/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:46 GMT
via
1.1 b474cf5c401bab2aebbb30cbe885dad0.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23Ev%2B2UekrAstXHJ2oyZqqYZdJC0fRmTk1drbYaag1zz3BSTW57XI%2F3wXjCNNvYqu%2BuH7Mo1fxeFohDaqBTVmIgG5if0SODNHMbPByt5iDvJI7GOvHYcmj4FoUmJ7uMaB7OlVgDW6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8b01cc087a456f81-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
iVTTLl5HvBk3w3Tv2lf7kINZeCfc4VclXOVwPmvjwEHyKaueDFAUTw==
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by
Host: cotarsimularsaude.com.br
URL: https://cotarsimularsaude.com.br/portoseguro/cotacao/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer
https://cotarsimularsaude.com.br/
Origin
https://cotarsimularsaude.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:46 GMT
via
1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13216
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkXUcfk7LAjPgSXIR5HfuagpLwreQ1yCWnuEiiiQqpkj86lK2tkXcSnoJzdkYRjTuvxtMr2jrrRMT4FdXqnwx%2FJZP2mi0XQXmlUqbVsaMoNOJ2y%2B1yT7TgBUlZy%2FjkmgZFQ6aQZWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8b01cc087a4a6f81-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
FtaNu3sc71c61CTQUcTRLqxSVCKikHyQmOWNomVbG8Y-iAzyQw1d9g==
js
www.googletagmanager.com/gtag/
303 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-43W2WYML5H
Requested by
Host: cdn.leadster.com.br
URL: https://cdn.leadster.com.br/neurolead/neurolead.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
230f7ca7bbbc757c67acbe39baa2760a153590ae01c12ff7d8940f513ce89bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103299
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Aug 2024 19:08:47 GMT
search
app.leadster.com.br/api/chatbot/scripts/
6 KB
3 KB
XHR
General
Full URL
https://app.leadster.com.br/api/chatbot/scripts/search?company=ZsqQIZoDrywDfAtlSkyHJ4lOb&session=null&path=%2Fportoseguro%2Fcotacao%2F&time=1723144126&host=cotarsimularsaude.com.br&query=&platform=desktop
Requested by
Host: cdn.leadster.com.br
URL: https://cdn.leadster.com.br/neurolead/neurolead.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / cloud66, cloud66
Resource Hash
bdf33b96aa28b5c6c98cbc30d780893d66abd329fe43da9916716e93d883edcb

Request headers

Accept
application/json, text/plain, */*
Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 19:08:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
cloud66, cloud66
status
200 OK
x-request-id
b1bda83a-bddb-4245-975d-8fd87a8b7342
x-runtime
0.038552
server
cloudflare
etag
W/"bdf33b96aa28b5c6c98cbc30d780893d"
vary
Origin
access-control-max-age
1728000
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, PUT, POST, OPTIONS
access-control-expose-headers
Cors-Token
cache-control
max-age=0, private, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOgw8bcEjh4DRHSoA0rQhHICfYl6oOF%2FOVgUpsydUU19DU3nL5TqJbiBCBkijkkz7kwf6JFmtdkTN21Y0cwHt5UCqhpfnDqPp9qMnD9rvJFavx9AAMQiE5Oh1SgJ8lhP0lSgL3yN%2B6lelLQBINM1vpg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8b01cc0aa9622a0f-CDG
cors-token
eyJhbGciOiJIUzI1NiJ9.eyJyYW5kb20iOiJhNDVjNzQxODAwZjZlYWVhNzkxNDkwZWNmZWJlMGM3OSIsImRhdGEiOnsic2NyaXB0X2lkIjoxNTU1NTksImhvc3QiOiJodHRwczovL2NvdGFyc2ltdWxhcnNhdWRlLmNvbS5iciIsInNraXBfdmFsaWRhdGlvbiI6ZmFsc2V9LCJleHAiOjE3MjMxNTg1MjcsInRpbWVzdGFtcCI6MTcyMzE0NDEyN30.odaPvwT0XprZb_44UyZ4wKxwq2Pgz3W44QjHQD-BzU0
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a4916959189f128eccf44d8bab40df8b105dd2cf3e6bd80b0cceded99465090

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
cotarsimularsaude.com.br/cotacao/4b13c4cd7e5b6a862a0a01429/images/
15 KB
15 KB
Other
General
Full URL
https://cotarsimularsaude.com.br/cotacao/4b13c4cd7e5b6a862a0a01429/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.119.213.86 Strasbourg, France, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
mail.simularconvenio.com.br
Software
Apache /
Resource Hash
113f1834152eccd1575070beb388cbf8d45263e337ef9bc0869fb754437e37a3

Request headers

Referer
https://cotarsimularsaude.com.br/portoseguro/cotacao/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:47 GMT
Last-Modified
Sat, 23 Dec 2023 17:06:46 GMT
Server
Apache
ETag
"3aee-60d305b9c075c"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
15086
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-43W2WYML5H&gtm=45je4851v9102762299za200&_p=1723144126969&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=828987599.1723144127&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723144127&sct=1&seg=0&dl=https%3A%2F%2Fcotarsimularsaude.com.br%2Fportoseguro%2Fcotacao%2F&dt=Busca%20Planos%20-%20Cota%C3%A7%C3%A3o%20Porto%20Seguro&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2776
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-43W2WYML5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2024 19:08:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cotarsimularsaude.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
app.leadster.com.br/api/chatbot/
0
0
Preflight
General
Full URL
https://app.leadster.com.br/api/chatbot/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / cloud66 cloud66
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,cors-token
Access-Control-Request-Method
POST
Origin
https://cotarsimularsaude.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,cors-token
access-control-allow-methods
GET, PUT, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
8b01cc0c8b982a0f-CDG
content-length
0
date
Thu, 08 Aug 2024 19:08:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wrlUqFIemupd0H6Cwi5j6hZI%2FYCKymNk4DOI5QobvB5I1C2p6jqbYLT07ThEyrXsTw75sIpi7mk71zt0vNVbb2CIfswGfvjekHy%2BEKjnoLYo%2FLNQCWlCa66ZalH%2B3NFG05zQLhhzkiElIMMR9t86Kw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
via
1.1 google
x-powered-by
cloud66 cloud66
events
app.leadster.com.br/api/chatbot/
2 B
365 B
XHR
General
Full URL
https://app.leadster.com.br/api/chatbot/events
Requested by
Host: cdn.leadster.com.br
URL: https://cdn.leadster.com.br/neurolead/neurolead.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / cloud66, cloud66
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Cors-Token
eyJhbGciOiJIUzI1NiJ9.eyJyYW5kb20iOiJhNDVjNzQxODAwZjZlYWVhNzkxNDkwZWNmZWJlMGM3OSIsImRhdGEiOnsic2NyaXB0X2lkIjoxNTU1NTksImhvc3QiOiJodHRwczovL2NvdGFyc2ltdWxhcnNhdWRlLmNvbS5iciIsInNraXBfdmFsaWRhdGlvbiI6ZmFsc2V9LCJleHAiOjE3MjMxNTg1MjcsInRpbWVzdGFtcCI6MTcyMzE0NDEyN30.odaPvwT0XprZb_44UyZ4wKxwq2Pgz3W44QjHQD-BzU0
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 08 Aug 2024 19:08:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
cloud66, cloud66
status
200 OK
x-request-id
57ce96d2-6375-4564-9a09-d573ce0c1c42
x-runtime
0.024089
server
cloudflare
etag
W/"44136fa355b3678a1146ad16f7e8649e"
vary
Origin
access-control-max-age
1728000
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, PUT, POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahRn9ht70UYIG%2BRmlwrKB2EUaKAVshqWv%2FoY7HRQThg6D7pN%2FbYicvzAVz3oIs4enBC2m%2BYS2mW%2B1jd7MIXPzvI0pcBNOXKW1UKq%2BJ1kl3Eqn2Xz5wqk9lx66LGi0p1uJCDAV%2BJgPaK1Js4be6bgsJc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8b01cc0e0ce52a0f-CDG
avatar4.png
leadster.com.br/img/avatar/
17 KB
18 KB
Image
General
Full URL
https://leadster.com.br/img/avatar/avatar4.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.151.213.219 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.213.151.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c5ed6bf783e53d48e37cf524a3c19526c74ea0f953610f8ac2a8c2763c3fed7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:48 GMT
Strict-Transport-Security
max-age=63072000
Server
nginx/1.14.0 (Ubuntu)
X-Vercel-Id
gru1::qskr9-1723144127999-9d53c182ed03
Age
561
X-Matched-Path
/img/avatar/avatar4.png
Etag
"73dc73b8da46092ef98309cfe4edf132"
X-Vercel-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0, must-revalidate
Content-Disposition
inline; filename="avatar4.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17776
truncated
/
946 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
833e99a8d67411f61470a04efa9ffba5ef299c20731b02673aacf34dcb74d04d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
events
app.leadster.com.br/api/chatbot/
0
0

truncated
/
826 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b7eaed60334b155de805ad0a8c331951a2e32a3b86e36196d3b66dbcb4977b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
avatar4.png
leadster.com.br/img/avatar/
17 KB
246 B
Image
General
Full URL
https://leadster.com.br/img/avatar/avatar4.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.151.213.219 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.213.151.34.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c5ed6bf783e53d48e37cf524a3c19526c74ea0f953610f8ac2a8c2763c3fed7d

Request headers

Referer
https://cotarsimularsaude.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 08 Aug 2024 19:08:51 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Vercel-Id
gru1::bfzrz-1723144131557-fc2be3b6e2c5
Age
561
X-Matched-Path
/img/avatar/avatar4.png
X-Vercel-Cache
HIT
Etag
"73dc73b8da46092ef98309cfe4edf132"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0, must-revalidate
Content-Disposition
inline; filename="avatar4.png"
Accept-Ranges
bytes
Content-Length
17776

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.leadster.com.br
URL
https://app.leadster.com.br/api/chatbot/events

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | $
function | jQuery
function | VMasker
object | FontAwesomeKitConfig
function | inputHandler
object | telMask
number | neuroleadId
object | regeneratorRuntime
function | Glider
object | dataLayer
function | gtag
object | neurolead
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal
string | neuroleadLanguage

2 Cookies

Domain/Path Name / Value
.cotarsimularsaude.com.br/ Name: _ga_43W2WYML5H
Value: GS1.1.1723144127.1.0.1723144127.0.0.0
.cotarsimularsaude.com.br/ Name: _ga
Value: GA1.1.828987599.1723144127

1 Console Messages

Source Level URL
Text
network error URL: https://cotarsimularsaude.com.br/portoseguro/teste02/kit.fontawesome.com/4d95740d6e.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
