urlscan.io logo urlscan.io
SecurityTrails logo

hmg-unifique.hubdevendas.com Open in urlscan Pro
2600:1f18:de8:2400:182:a48:4799:a7a6  Public Scan

Go To Rescan Add Verdict Report
URL: https://hmg-unifique.hubdevendas.com/
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 32 HTTP transactions. The main IP is 2600:1f18:de8:2400:182:a48:4799:a7a6, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hmg-unifique.hubdevendas.com.
TLS certificate: Issued by R10 on July 2nd 2024. Valid for: 3 months.
This is the only time hmg-unifique.hubdevendas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2600:1f18:de8... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
32 6
16    2600:1f18:de8:2400:182:a48:4799:a7a6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
hmg-unifique.hubdevendas.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
16 hubdevendas.com
hmg-unifique.hubdevendas.com
982 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
150 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 5714
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
3 KB
0 google.de Failed
www.google.de Failed
32 6
Domain Requested by
16 hmg-unifique.hubdevendas.com hmg-unifique.hubdevendas.com
2 www.googletagmanager.com hmg-unifique.hubdevendas.com
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 netdna.bootstrapcdn.com hmg-unifique.hubdevendas.com
1 fonts.googleapis.com hmg-unifique.hubdevendas.com
0 www.google.de Failed hmg-unifique.hubdevendas.com
32 6

This site contains no links.

Subject Issuer Validity Valid
hmg.hubdevendas.com
R10		 2024-07-02 -
2024-09-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hmg-unifique.hubdevendas.com/
Frame ID: B8C65F1AD7EF6BCB2E449BC5836FA565
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hub de Vendas - Aplicativo de vendas multicanal

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

66 %
HTTPS

80 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

1188 kB
Transfer

5021 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hmg-unifique.hubdevendas.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c662b53e515bd36b63a933610e7144c193116d05edfa34c8bb5e44532426355a
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
hubdevendas.before.com.br *
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Content-Type
text/html
Date
Wed, 03 Jul 2024 02:03:26 GMT
ETag
W/"6684ae64-f3a"
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy
same-origin
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		127 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20608da00e30e3f7535c825ef25b55b1df638a6d04053061c07946299834937f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 02:03:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49624
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jul 2024 02:03:26 GMT
css
fonts.googleapis.com/ 		34 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,600,700|Montserrat:400,700,800,900|Inter:400,600,700&display=swap
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c0c11f34b60d7b77b0687441610766c35f7f8701229da414ebaceadcd52a6b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jul 2024 02:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 02:03:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jul 2024 02:03:26 GMT
app.0bb76cba.css
hmg-unifique.hubdevendas.com/css/ 		198 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/css/app.0bb76cba.css
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1c78d87ad7cb56638ad94ebb3f2a2c27b13fe20e1dafce5ef75ecef10fb5a840

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-316c2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
chunk-vendors.bf73d4cf.css
hmg-unifique.hubdevendas.com/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/css/chunk-vendors.bf73d4cf.css
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5369047279e072b7ddb68eac1492abb56f34a1da09e723a0773f340e9303ad60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-5630"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
app.5de124a0.js
hmg-unifique.hubdevendas.com/js/ 		2 MB
542 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
132b488254dd1c07a499cc5c4f5542ff93d19cd8484c89ff21db603319cc6f64

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-1f14fb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
chunk-vendors.cbb271ad.js
hmg-unifique.hubdevendas.com/js/ 		1 MB
384 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/js/chunk-vendors.cbb271ad.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0b3b670e703f15d988348445920b5249fe9745023c177c491b00fa7e0dddcc00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-148918"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/css/app.0bb76cba.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 02:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1049
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8713099
cdn-cachedat
03/18/2024 13:16:13
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"2d53b06f292dcb355b5e1a39ec065054"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ddb849953c61c1961669be0df45df671
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
89d34c93a90e35e1-FRA
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		306 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dad1efa43e2debaeb092e66c8fcdfec76ed878d335a8f1df61beb91fba0db92a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 02:03:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103936
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Jul 2024 02:03:27 GMT
crypto_service_worker.js
hmg-unifique.hubdevendas.com/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/crypto_service_worker.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a0937e5dc42176edb1aff73a7afeced5b136da5d7b6c9338f2333ca1279e6a81

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-1469"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
ga-audiences
www.google.de/ads/ 		0
0
favicon-32x32.png
hmg-unifique.hubdevendas.com/img/icons/ 		564 B
412 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/icons/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
favicon-16x16.png
hmg-unifique.hubdevendas.com/img/icons/ 		564 B
412 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/icons/favicon-16x16.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
chunk-2d0b2d1c.b3c64b10.js
hmg-unifique.hubdevendas.com/js/ 		2 KB
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/js/chunk-2d0b2d1c.b3c64b10.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
910f37419b57da3f27d2bb7ff279e9bf2d13544c9241a1e9b409fe71cd7721e6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-63c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
hub-login.9eb90b27.css
hmg-unifique.hubdevendas.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/css/hub-login.9eb90b27.css
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f06a8cf0649dd6292372ecf33814e1686682ce7a8b21407eafdfdc4e30e43d79

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-1df6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
hub-login.65313fe5.js
hmg-unifique.hubdevendas.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/js/hub-login.65313fe5.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8df05d2f9cecf41e4cf10d9ac95496b1c62f0231665cab9645e1c2d1c1a819d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-1848"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
layout
hmg-unifique.hubdevendas.com/api/v1/provider/7/config/ 		1 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/api/v1/provider/7/config/layout
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8b824618af4d5b3200ce979429a43b22cdd9b420987f404e0653b6a0ed58b4e6
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
Security-Key
LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFrekdyRjhJVmkvV0xtY1BsS3dpRApGOWh6N3ZZRDM3OFRjbGE1SmlBTEFLVDlnODBleDFuUUkxN3Bmdlk1LzhBdnhtUWlVM1doVlVYdENBQ045bU9HCllONFptRWMrb3RacFdFZ1M2S0hKQi9NM2hOV1Jnb2Z5UlFNZnVEdDJOL3hVVlRjVXlGWjJxTGFhNmNwNXpHYmgKcFlIRUdLbHdyWGIrbkhSQXF3alBYb1ZkOW5PdzQrKzdwSlBJajNaU1ArcE0rTUI4c0w1cm9HU2xpdStxYVBhUwo0MGEwUGNuRzV6VVR4akdmSEIvMXdUdE1OOVo4NTFNU2pScjBCTUs1cXBvUkRQNk0yRmthS1RqYXpRWGZtQlZvCktaM0xGSmRGclkvOTNBN1ZXZUlPOC9VQnN3bDJTOWE3QWR6Vzl6QnRJdzlVWkV0ZE1GbEQreGhER2JiUUFET1IKU1FJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0t
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:03:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-RateLimit-Remaining
59
Content-Type
application/json
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
hubdevendas.before.com.br, *
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-RateLimit-Limit
60
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,600,700|Montserrat:400,700,800,900|Inter:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://hmg-unifique.hubdevendas.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 09:37:33 GMT
x-content-type-options
nosniff
age
491154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 09:37:33 GMT
chunk-a9694f0a.32b1afdc.css
hmg-unifique.hubdevendas.com/css/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/css/chunk-a9694f0a.32b1afdc.css
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
39dd04e3300f3ea98d20318d5045f371d16b84df7acd9befcd2a37f54164d2ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-948"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
chunk-a9694f0a.1214cebb.js
hmg-unifique.hubdevendas.com/js/ 		16 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/js/chunk-a9694f0a.1214cebb.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
116db6084f561243e1434b9f54144793e4033c31c0d7abd9eac5a074dc212441

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-4004"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
hexagon.5977f341.svg
hmg-unifique.hubdevendas.com/img/ 		252 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/hexagon.5977f341.svg
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8421b12c4d2bbd5ea980f9fe353f690a3c369871092efac2da87f84bf42cc180
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:03:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Connection
keep-alive
Content-Length
252
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6684ae64-fc"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
hubdevendas.before.com.br, *
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
dottedCircle.9958eb61.svg
hmg-unifique.hubdevendas.com/img/ 		7 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/dottedCircle.9958eb61.svg
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f9c12889175ab05027a482a8d97177d8e4a92d5f5dfa1eb242143bbd2d3e96e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:03:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-1a2c"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Access-Control-Allow-Origin
hubdevendas.before.com.br, *
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
chunk-2d22232a.b2e700fc.js
hmg-unifique.hubdevendas.com/js/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/js/chunk-2d22232a.b2e700fc.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
46c20e0af5b4bd2ded098dbef10c41958e72b75b23acb92c01efca16f1960abf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-cfe"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
chunk-2d0cb751.142142c1.js
hmg-unifique.hubdevendas.com/js/ 		6 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/js/chunk-2d0cb751.142142c1.js
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
95b7f88d45d4a773c01ea70f979b94950a6be543349d622d239fcb0e95069c47

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-19aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
hexagon.5977f341.svg
hmg-unifique.hubdevendas.com/img/ 		252 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/hexagon.5977f341.svg
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8421b12c4d2bbd5ea980f9fe353f690a3c369871092efac2da87f84bf42cc180
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:03:27 GMT
Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
X-Content-Type-Options
nosniff
Content-Length
252
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6684ae64-fc"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
hubdevendas.before.com.br, *
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
dottedCircle.9958eb61.svg
hmg-unifique.hubdevendas.com/img/ 		7 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/dottedCircle.9958eb61.svg
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/js/app.5de124a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:de8:2400:182:a48:4799:a7a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f9c12889175ab05027a482a8d97177d8e4a92d5f5dfa1eb242143bbd2d3e96e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Jul 2024 02:03:28 GMT
Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-1a2c"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Access-Control-Allow-Origin
hubdevendas.before.com.br, *
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
favicon-32x32.png
hmg-unifique.hubdevendas.com/img/hub/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/hub/favicon-32x32.png
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c7641895ea8790badabec35069a08ccada0bce92e43337ed848e6a6f6c6c500b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:28 GMT
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6684ae64-c9d"
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3229
s6X1pUBh1jW9E7aIURUltj7jToCcPtKJhBwV4MnS.png
hmg-unifique.hubdevendas.com/api/v1/storage/logo/white/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hmg-unifique.hubdevendas.com/api/v1/storage/logo/white/s6X1pUBh1jW9E7aIURUltj7jToCcPtKJhBwV4MnS.png
Requested by
Host: hmg-unifique.hubdevendas.com
URL: https://hmg-unifique.hubdevendas.com/css/hub-login.9eb90b27.css
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1eed04737def4479ee3a9cbfd8868c4132a2b9ab011514af83928f6c71d29a7e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/css/hub-login.9eb90b27.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Date
Wed, 03 Jul 2024 02:03:28 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Connection
keep-alive
Content-Length
2527
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 03 Jul 2024 01:57:02 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
hubdevendas.before.com.br, *
Cache-Control
public
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
X-RateLimit-Limit
60
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
X-RateLimit-Remaining
58
3.92a210a3.png
hmg-unifique.hubdevendas.com/img/ 		858 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hmg-unifique.hubdevendas.com/img/3.92a210a3.png
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e0d33dc9dcef0a744c99eaa090ca9dba6e72ce68da671fc77d3db9d5ee01ac13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:28 GMT
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6684ae64-d68f5"
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
878837
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,600,700|Montserrat:400,700,800,900|Inter:400,600,700&display=swap
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://hmg-unifique.hubdevendas.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:05:35 GMT
x-content-type-options
nosniff
age
464273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 17:05:35 GMT
clock-remove.8aeecc0a.svg
hmg-unifique.hubdevendas.com/img/ 		807 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hmg-unifique.hubdevendas.com/img/clock-remove.8aeecc0a.svg
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
72116332a5c257de02f1312df8322f976e876beeb5ea20a426714c284606f7e2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 03 Jul 2024 02:03:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6684ae64-327"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
hubdevendas.before.com.br, *
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Permissions-Policy
geolocation=(self),midi=(),sync-xhr=(),microphone=(self),camera=(self),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,x-api-key
favicon-16x16.png
hmg-unifique.hubdevendas.com/img/hub/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://hmg-unifique.hubdevendas.com/img/hub/favicon-16x16.png
Protocol
HTTP/1.1
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c7641895ea8790badabec35069a08ccada0bce92e43337ed848e6a6f6c6c500b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hmg-unifique.hubdevendas.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 03 Jul 2024 02:03:28 GMT
Last-Modified
Wed, 03 Jul 2024 01:50:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6684ae64-c9d"
Content-Type
image/png
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3229

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1YHRD419EY&cid=164498726.1719972208&gtm=45je4710v9122444414za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=163277181

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| google_tag_manager object| google_tag_data object| dataLayer object| webpackJsonp object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ function| onYouTubeIframeAPIReady object| gaGlobal object| $vue

6 Cookies

Domain/Path Name / Value
hmg-unifique.hubdevendas.com/api/v1/storage/logo/white Name:
Value: HttpOnly
hmg-unifique.hubdevendas.com/api/v1/provider/7/config Name:
Value: HttpOnly
hmg-unifique.hubdevendas.com/img Name:
Value: HttpOnly
hmg-unifique.hubdevendas.com/ Name:
Value: HttpOnly
.hubdevendas.com/ Name: _ga
Value: GA1.1.164498726.1719972208
.hubdevendas.com/ Name: _ga_1YHRD419EY
Value: GS1.1.1719972207.1.0.1719972207.60.0.0

13 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c(Line 205)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1YHRD419EY&gtm=45je4710v9122444414za200&_p=1719972207489&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=164498726.1719972208&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719972207&sct=1&seg=0&dl=https%3A%2F%2Fhmg-unifique.hubdevendas.com%2F&dt=Hub%20de%20Vendas%20-%20Aplicativo%20de%20vendas%20multicanal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1526&_z=fetch' because it violates the following Content Security Policy directive: "connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c(Line 205)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1YHRD419EY&gtm=45je4710v9122444414za200&_p=1719972207489&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=164498726.1719972208&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719972207&sct=1&seg=0&dl=https%3A%2F%2Fhmg-unifique.hubdevendas.com%2F&dt=Hub%20de%20Vendas%20-%20Aplicativo%20de%20vendas%20multicanal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1526&_z=fetch' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c(Line 204)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1YHRD419EY&cid=164498726.1719972208&gtm=45je4710v9122444414za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0' because it violates the following Content Security Policy directive: "connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com".
security error URL: https://hmg-unifique.hubdevendas.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1YHRD419EY&cid=164498726.1719972208&gtm=45je4710v9122444414za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=163277181' because it violates the following Content Security Policy directive: "img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net".
network error URL: https://hmg-unifique.hubdevendas.com/img/icons/favicon-32x32.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://hmg-unifique.hubdevendas.com/img/icons/favicon-16x16.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://hmg-unifique.hubdevendas.com/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://hmg-unifique.hubdevendas.com/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://hmg-unifique.hubdevendas.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security error URL: https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c(Line 205)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1YHRD419EY&gtm=45je4710v9122444414za200&_p=1719972207489&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=164498726.1719972208&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719972207&sct=1&seg=0&dl=https%3A%2F%2Fhmg-unifique.hubdevendas.com%2F&dt=Hub%20de%20Vendas%20-%20Aplicativo%20de%20vendas%20multicanal&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6532&_z=fetch' because it violates the following Content Security Policy directive: "connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c(Line 205)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1YHRD419EY&gtm=45je4710v9122444414za200&_p=1719972207489&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=164498726.1719972208&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719972207&sct=1&seg=0&dl=https%3A%2F%2Fhmg-unifique.hubdevendas.com%2F&dt=Hub%20de%20Vendas%20-%20Aplicativo%20de%20vendas%20multicanal&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6532&_z=fetch' because it violates the document's Content Security Policy.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c(Line 205)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1YHRD419EY&gtm=45je4710v9122444414za200&_p=1719972207489&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=164498726.1719972208&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1719972207&sct=1&seg=0&dl=https%3A%2F%2Fhmg-unifique.hubdevendas.com%2F&dt=Hub%20de%20Vendas%20-%20Aplicativo%20de%20vendas%20multicanal&en=user_engagement&_et=5123&tfd=6658&_z=fetch' because it violates the following Content Security Policy directive: "connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com".
javascript error URL: https://www.googletagmanager.com/gtag/js?id=G-1YHRD419EY&l=dataLayer&cx=c(Line 205)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1YHRD419EY&gtm=45je4710v9122444414za200&_p=1719972207489&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=164498726.1719972208&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1719972207&sct=1&seg=0&dl=https%3A%2F%2Fhmg-unifique.hubdevendas.com%2F&dt=Hub%20de%20Vendas%20-%20Aplicativo%20de%20vendas%20multicanal&en=user_engagement&_et=5123&tfd=6658&_z=fetch' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *; script-src 'report-sample' 'self' www.google-analytics.com www.google.com/recaptcha/ www.gstatic.com *.cloudfront.net before.tomticket.com www.googletagmanager.com api.tomticket.com chatserver.tomticket.com 'unsafe-eval' 'unsafe-inline' www.google-analytics.com ajax.googleapis.com before.tomticket.com www.googletagmanager.com; style-src 'report-sample' 'self' 'unsafe-inline' fonts.googleapis.com netdna.bootstrapcdn.com *.cloudfront.net www.googletagmanager.com; img-src 'self' blob: data: *.s3.us-east-2.amazonaws.com *.s3.amazonaws.com *.openstreetmap.org *.cloudfront.net www.googletagmanager.com *.hubdevendas.com *.hubdevendas.com.br *.hubdevendas.net; font-src 'self' data: fonts.googleapis.com *.googleapis.com fonts.gstatic.com netdna.bootstrapcdn.com *.cloudfront.net use.typekit.net; connect-src 'self' data: before.tomticket.com www.google-analytics.com analytics.google.com chatserver.tomticket.com; frame-src 'self' www.google.com *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; object-src 'self' *.s3.us-east-2.amazonaws.com https://us-east-2.quicksight.aws.amazon.com; base-uri 'self'; manifest-src 'self' data:; media-src 'self'; worker-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hmg-unifique.hubdevendas.com
netdna.bootstrapcdn.com
www.google.de
www.googletagmanager.com
www.google.de
104.18.11.207
2600:1f18:de8:2400:182:a48:4799:a7a6
2a00:1450:4001:80b::2008
2a00:1450:4001:827::2003
2a00:1450:4001:831::200a
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0b3b670e703f15d988348445920b5249fe9745023c177c491b00fa7e0dddcc00
116db6084f561243e1434b9f54144793e4033c31c0d7abd9eac5a074dc212441
132b488254dd1c07a499cc5c4f5542ff93d19cd8484c89ff21db603319cc6f64
1c78d87ad7cb56638ad94ebb3f2a2c27b13fe20e1dafce5ef75ecef10fb5a840
1eed04737def4479ee3a9cbfd8868c4132a2b9ab011514af83928f6c71d29a7e
20608da00e30e3f7535c825ef25b55b1df638a6d04053061c07946299834937f
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
39dd04e3300f3ea98d20318d5045f371d16b84df7acd9befcd2a37f54164d2ea
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
46c20e0af5b4bd2ded098dbef10c41958e72b75b23acb92c01efca16f1960abf
4c0c11f34b60d7b77b0687441610766c35f7f8701229da414ebaceadcd52a6b1
5369047279e072b7ddb68eac1492abb56f34a1da09e723a0773f340e9303ad60
72116332a5c257de02f1312df8322f976e876beeb5ea20a426714c284606f7e2
8421b12c4d2bbd5ea980f9fe353f690a3c369871092efac2da87f84bf42cc180
8b824618af4d5b3200ce979429a43b22cdd9b420987f404e0653b6a0ed58b4e6
8df05d2f9cecf41e4cf10d9ac95496b1c62f0231665cab9645e1c2d1c1a819d2
910f37419b57da3f27d2bb7ff279e9bf2d13544c9241a1e9b409fe71cd7721e6
95b7f88d45d4a773c01ea70f979b94950a6be543349d622d239fcb0e95069c47
a0937e5dc42176edb1aff73a7afeced5b136da5d7b6c9338f2333ca1279e6a81
c662b53e515bd36b63a933610e7144c193116d05edfa34c8bb5e44532426355a
c7641895ea8790badabec35069a08ccada0bce92e43337ed848e6a6f6c6c500b
dad1efa43e2debaeb092e66c8fcdfec76ed878d335a8f1df61beb91fba0db92a
e0d33dc9dcef0a744c99eaa090ca9dba6e72ce68da671fc77d3db9d5ee01ac13
f06a8cf0649dd6292372ecf33814e1686682ce7a8b21407eafdfdc4e30e43d79
f9c12889175ab05027a482a8d97177d8e4a92d5f5dfa1eb242143bbd2d3e96e0