paciente.gliconline.com.br Open in urlscan Pro
2606:4700:4400::ac40:91ae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paciente.gliconline.com.br/
Effective URL:
https://paciente.gliconline.com.br/usuarios/sign_in
Submission: On October 31 via api (October 31st 2024, 12:01:57 pm UTC) from US — Scanned from CA

Summary HTTP 45 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 45 HTTP transactions. The main IP is 2606:4700:4400::ac40:91ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is paciente.gliconline.com.br.
TLS certificate: Issued by E6 on September 26th 2024. Valid for: 3 months.

This is the only time paciente.gliconline.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700:440... 2606:4700:4400::ac40:91ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
2	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
2	172.253.62.94 172.253.62.94	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:9a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	23.218.216.142 23.218.216.142	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:20:... 2606:4700:20::ac43:450a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c19::8a	15169 (GOOGLE) (GOOGLE)
1	23.218.216.151 23.218.216.151	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.31.95 142.250.31.95	15169 (GOOGLE) (GOOGLE)
45	10

19 2606:4700:4400::ac40:91ae (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paciente.gliconline.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:9a2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

w-cdn.huggy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.218.216.142 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-216-142.deploy.static.akamaitechnologies.com

js.huggy.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webfonts.huggy.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:450a (United States)

ASN13335 (CLOUDFLARENET, US)

widget.huggy.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.216.151 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-216-151.deploy.static.akamaitechnologies.com

webfonts.huggy.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gliconline.com.br 1 redirects paciente.gliconline.com.br	264 KB
8	huggy.chat js.huggy.chat — Cisco Umbrella Rank: 718876	283 KB
5	huggy.cloud webfonts.huggy.cloud — Cisco Umbrella Rank: 805230	6 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	177 KB
3	huggy.app widget.huggy.app — Cisco Umbrella Rank: 521781	5 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
1	huggy.io 1 redirects w-cdn.huggy.io	947 B
45	8

	Domain	Requested by
19	paciente.gliconline.com.br	1 redirects paciente.gliconline.com.br
8	js.huggy.chat	paciente.gliconline.com.br w-cdn.huggy.io
5	webfonts.huggy.cloud	client webfonts.huggy.cloud
5	fonts.googleapis.com	paciente.gliconline.com.br client
3	widget.huggy.app	paciente.gliconline.com.br
2	fonts.gstatic.com	fonts.googleapis.com
2	www.gstatic.com	paciente.gliconline.com.br
1	www.google-analytics.com	js.huggy.chat
1	w-cdn.huggy.io	1 redirects
45	9

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
gliconline.net
br.linkedin.com
www.instagram.com
www.youtube.com
spotify.link
huggy.io

Subject Issuer	Validity	Valid
gliconline.com.br E6	`2024-09-26` - `2024-12-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
huggy.app E6	`2024-10-30` - `2025-01-28`	3 months	crt.sh
app.huggy.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-22` - `2025-03-12`	8 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://paciente.gliconline.com.br/usuarios/sign_in
Frame ID: 431542EE94567709E6AA6DF39192C4F7
Requests: 38 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Rubik:300,400,500
Frame ID: 622A36F931520DD2DBF1F6ED25F01A14
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Rubik:300,400,500
Frame ID: C50D5F456BA0532395949C3EA89ACB50
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Glic

Page URL History Show full URLs

http://paciente.gliconline.com.br/ HTTP 307
https://paciente.gliconline.com.br/ HTTP 302
https://paciente.gliconline.com.br/usuarios/sign_in Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Page Statistics

45
Requests

96 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

10
IPs

1
Countries

757 kB
Transfer

1867 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/br/app/glic-diabetes-e-glicemia/id1184941726

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=br.com.quasar.gliconline&hl=pt_BR&gl=US

Search URL Search Domain Scan URL

URL: https://gliconline.net/
Title: Site Institucional

Search URL Search Domain Scan URL

URL: https://br.linkedin.com/company/quasar-telemedicina
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/glicdiabetes/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@GlicOnLine
Title: Youtube

Search URL Search Domain Scan URL

URL: https://spotify.link/U3WjCaHJbEb
Title: Glicast Spotify

Search URL Search Domain Scan URL

URL: https://huggy.io/pt-br/huggy-chat/?utm_source=huggy-chat&utm_medium=6004&utm_campaign=paciente.gliconline.com.br
Title: Chat By

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paciente.gliconline.com.br/ HTTP 307
https://paciente.gliconline.com.br/ HTTP 302
https://paciente.gliconline.com.br/usuarios/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://w-cdn.huggy.io/widget.min.js?v=7.4.2 HTTP 302
https://js.huggy.chat/widget.min.js

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sign_in Show response
paciente.gliconline.com.br/usuarios/
Redirect Chain

http://paciente.gliconline.com.br/
https://paciente.gliconline.com.br/
https://paciente.gliconline.com.br/usuarios/sign_in

25 KB
8 KB

71ms
70ms

Document
text/html

2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4875b7fef879bb55057bed1a88eeaeb16a7c62a51d960030c122d6789f9cc21b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cache-control: max-age=0 no-cache
cf-cache-status: DYNAMIC
cf-ray: 8db37e24a901a286-YUL
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-same-origin
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 31 Oct 2024 12:01:50 GMT
expect-ct: max-age=86400, enforce
expires: Thu, 31 Oct 2024 12:01:50 GMT
link: </assets/v2/institucional-a1da55291454e41ce1cc66d49143ae6b8b65fb6f4847aee4e15399992a55b9f4.js>; rel=preload; as=script; nopush,</assets/v2/application-845bc09aaba5a59065223de8aa9773fc5477ab54dbe1ba97d2b6609096045296.css>; rel=preload; as=style; nopush,</assets/tailwind-fc4f54bed2fdc5a729db2a2a82586c427738e1f27b42efbc0388fdc88445f46d.css>; rel=preload; as=style; nopush,</assets/inter-font-1152358a915de8dd7fc0924b91b463c7fcb9b62b87f8b2c19758245306d10136.css>; rel=preload; as=style; nopush,</assets/firebase-1a96aec51bbb18c97cc0517364558323c02a70dbb88d8ca2937e190dbb3e0a63.js>; rel=preload; as=script; nopush,</assets/firebase-1a96aec51bbb18c97cc0517364558323c02a70dbb88d8ca2937e190dbb3e0a63.js>; rel=preload; as=script; nopush,</assets/firebase-1a96aec51bbb18c97cc0517364558323c02a70dbb88d8ca2937e190dbb3e0a63.js>; rel=preload; as=script; nopush,</assets/institucional-c0f03c90eef2e861662d702ce84148d6fd2aa989350d6884387643d5984750c8.js>; rel=preload; as=script; nopush
permissions-policy: gyroscope=(), microphone=(), usb=(), payment=(), geolocation=()
referrer-policy: same-origin
server: cloudflare
server-timing: dtSInfo;desc="0", dtRpid;desc="-1833779355"
strict-transport-security: max-age=631139040; includeSubdomains; preload max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
x-cache: BYPASS
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-oneagent-js-injection: true
x-permitted-cross-domain-policies: none
x-request-id: 2c57849e13b0077320b6fc313afedcbd 2c57849e13b0077320b6fc313afedcbd
x-runtime: 0.015847
x-ruxit-js-agent: true
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
cache-control: max-age=0 no-cache
cf-cache-status: DYNAMIC
cf-ray: 8db37e232f9aa286-YUL
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 31 Oct 2024 12:01:50 GMT
expect-ct: max-age=86400, enforce
expires: Thu, 31 Oct 2024 12:01:50 GMT
location: https://paciente.gliconline.com.br/usuarios/sign_in
referrer-policy: same-origin
server: cloudflare
server-timing: dtSInfo;desc="0", dtRpid;desc="-1181561983"
strict-transport-security: max-age=631139040; includeSubdomains; preload max-age=63072000; includeSubDomains; preload
vary: Origin
x-cache: BYPASS
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-oneagent-js-injection: true
x-permitted-cross-domain-policies: none
x-request-id: 8d609bcccb8c548ffb246ade6fe4ed23 8d609bcccb8c548ffb246ade6fe4ed23
x-runtime: 0.017458
x-ruxit-js-agent: true
x-xss-protection: 1; mode=block

GET
H2 200 institucional-a1da55291454e41ce1cc66d49143ae6b8b65fb6f4847aee4e15399992a55b9f4.js Show response
paciente.gliconline.com.br/assets/v2/ 1 KB
657 B 132ms
127ms Script
application/javascript 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/assets/v2/institucional-a1da55291454e41ce1cc66d49143ae6b8b65fb6f4847aee4e15399992a55b9f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef17f7acd8d417adc450297c91b6233d598bf8ab595b880ac15dade6b1c30d2b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 6f68608cb6369447449cee15b2c7478f
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:50 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="1938934181"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e2549a0a286-YUL
accept-ranges: bytes
content-length: 472
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 application-845bc09aaba5a59065223de8aa9773fc5477ab54dbe1ba97d2b6609096045296.css
paciente.gliconline.com.br/assets/v2/ 54 KB
9 KB 206ms
202ms Stylesheet
text/css 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/assets/v2/application-845bc09aaba5a59065223de8aa9773fc5477ab54dbe1ba97d2b6609096045296.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08afdcb8e4acfb9e1c2882bf6f7cf4131e31645edcb9dda0970372f6f5e0208d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: bbdafa6679cdb419b220b854e5e5479e
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="1447377919"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e25499da286-YUL
accept-ranges: bytes
content-length: 9478
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 tailwind-fc4f54bed2fdc5a729db2a2a82586c427738e1f27b42efbc0388fdc88445f46d.css
paciente.gliconline.com.br/assets/ 22 KB
6 KB 146ms
143ms Stylesheet
text/css 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/assets/tailwind-fc4f54bed2fdc5a729db2a2a82586c427738e1f27b42efbc0388fdc88445f46d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b541fe5e646994badfa549ed55a25b7156a07976a031f6669c6858bfd27f3b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 1bb78532de8562baa9cf63d761ac1183
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-1776612102"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e25499ea286-YUL
accept-ranges: bytes
content-length: 5478
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inter-font-1152358a915de8dd7fc0924b91b463c7fcb9b62b87f8b2c19758245306d10136.css
paciente.gliconline.com.br/assets/ 9 KB
2 KB 154ms
150ms Stylesheet
text/css 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/assets/inter-font-1152358a915de8dd7fc0924b91b463c7fcb9b62b87f8b2c19758245306d10136.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c90d8f19dfe451a271a61dc98ab9c664a5eb32fbaf49561033bbc6e93722dfa

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: f52570d3ca35c11e0ab307e84a4ad9a1
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-291872392"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e25499fa286-YUL
accept-ranges: bytes
content-length: 1602
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 firebase-1a96aec51bbb18c97cc0517364558323c02a70dbb88d8ca2937e190dbb3e0a63.js Show response
paciente.gliconline.com.br/assets/ 588 B
427 B 151ms
148ms Script
application/javascript 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/assets/firebase-1a96aec51bbb18c97cc0517364558323c02a70dbb88d8ca2937e190dbb3e0a63.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b0b2537d9122f70f50b49d985ef295180b44a51385b1ab8fc20c2372822568

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: c937d4cb01bb7f2f94406477bf5568b7
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-87895226"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e2549a2a286-YUL
accept-ranges: bytes
content-length: 287
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 institucional-c0f03c90eef2e861662d702ce84148d6fd2aa989350d6884387643d5984750c8.js Show response
paciente.gliconline.com.br/assets/ 356 KB
105 KB 162ms
159ms Script
application/javascript 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/assets/institucional-c0f03c90eef2e861662d702ce84148d6fd2aa989350d6884387643d5984750c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4566d791455a670ed4f4aca54c58885e97e1350f9e22a0cede0f3e16f08c9852

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 8f1da1f4e4910ef6a56be4e4d5760bff
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="73293482"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: application/javascript
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e2549a3a286-YUL
accept-ranges: bytes
content-length: 106746
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 ruxitagentjs_ICA7NQVfqrux_10301241007103824.js Show response
paciente.gliconline.com.br/ 316 KB
116 KB 110ms
108ms Script
text/javascript 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbb68c55afccfee1821c94f18fbccaf20bab5472650e382449556c2db8fef53

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: d1140a3e60e91327e8ec43c1daa40acb
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 12:01:50 GMT
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
vary: Accept-Encoding
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=31536000, immutable, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8db37e2549a4a286-YUL
accept-ranges: bytes
content-length: 117961
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 icon
fonts.googleapis.com/ 569 B
811 B 112ms
46ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:01:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 31 Oct 2024 12:01:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 download_appstore-d40e50344faa303eec0efd05099c85755d9aa40ac975fc708ef380b946af6c43.svg
paciente.gliconline.com.br/assets/ 15 KB
6 KB 95ms
93ms Image
image/svg+xml 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paciente.gliconline.com.br/assets/download_appstore-d40e50344faa303eec0efd05099c85755d9aa40ac975fc708ef380b946af6c43.svg

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a1fb8569f2a5bc978565b47e34f471a23d1a2a13ef17deedef7d6d8ced6661

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 2c8f812fb6c9161176cfe45c5bb3ae11
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:50 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="2041479270"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:50 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 18:23:17 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e2549a6a286-YUL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 download_google_play-24c78e92fa50c74ced6b469f4ce26744d5b1b50cf986a7625764b2f4b648c8f0.svg
paciente.gliconline.com.br/assets/ 9 KB
4 KB 77ms
76ms Image
image/svg+xml 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paciente.gliconline.com.br/assets/download_google_play-24c78e92fa50c74ced6b469f4ce26744d5b1b50cf986a7625764b2f4b648c8f0.svg

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d109fb62c468528ef48253c13988a6a40227f721f3735555252749e312aaf4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 03f83ee2cd382ebb36525e52743e1026
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:50 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-1605832838"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:50 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 18:23:17 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e2549a7a286-YUL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.10.0/ 22 KB
7 KB 71ms
36ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.0/firebase-app.js

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 583949
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:49:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 17:49:22 GMT
last-modified: Thu, 19 Aug 2021 20:25:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7003
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.10.0/ 35 KB
11 KB 48ms
31ms Script
text/javascript 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.10.0/firebase-analytics.js

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

f114e062db8d6e28b27679e95a074ca452faeb799cc6c04b4189fd04f5dcbe9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 581888
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 18:23:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 18:23:43 GMT
last-modified: Thu, 19 Aug 2021 20:25:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10768
x-xss-protection: 0
server: sffe

GET
H2 200 logo-horizontal-rgb2-2e40072043d50ca72f3856140b58b453de13b96811f14f00c9ce8310a0af52ad.svg
paciente.gliconline.com.br/assets/ 6 KB
3 KB 71ms
70ms Image
image/svg+xml 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paciente.gliconline.com.br/assets/logo-horizontal-rgb2-2e40072043d50ca72f3856140b58b453de13b96811f14f00c9ce8310a0af52ad.svg

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7978be585ddc4d478c730d9f6e9eea1864b75f2d5793908cfb2d36ce373d9928

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 452f8eb67644285036f26732fbcf9d3b
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="1035496510"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e265a67a286-YUL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 logo_afya_2024-e65e6763d561f89dd15a08d55701adaf1c9fdfe0a69f1e963b2ebb055228686f.svg
paciente.gliconline.com.br/assets/ 3 KB
1 KB 77ms
76ms Image
image/svg+xml 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paciente.gliconline.com.br/assets/logo_afya_2024-e65e6763d561f89dd15a08d55701adaf1c9fdfe0a69f1e963b2ebb055228686f.svg

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f69857043c09b928c1907c9a6f83db61be86c89e81f66fd06dfc72e593f9ff97

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: c7fc6ade31dd27261ac255ed075dee6d
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="1744700800"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Oct 2024 18:23:22 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e265a6aa286-YUL
x-xss-protection: 1; mode=block
server: cloudflare

GET ruxitagentjs_D_10301241007103824.js
paciente.gliconline.com.br/ Frame 0
0

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 66ms
31ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://paciente.gliconline.com.br
Referer: https://fonts.googleapis.com/

Response headers

age: 54801
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 20:48:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 20:48:30 GMT
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128352
x-xss-protection: 0
server: sffe

GET
H2

200

widget.min.js Show response
js.huggy.chat/
Redirect Chain

https://w-cdn.huggy.io/widget.min.js?v=7.4.2
https://js.huggy.chat/widget.min.js

716 KB
176 KB

248ms
42ms

Script
application/javascript

23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/widget.min.js
Requested by: Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/usuarios/sign_in
Protocol: H2
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 529f2fdaba29b56cda3d506f95e63def2dff6acf1c637d9605d94c0d93b33398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: "01e1f5b8a90b0eba68882e5881b4ba5d"
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-id: unzFL6MYzNB3NcwHBkoqMIZByidmRDBzt_zt2rYyx6hMFrMU__BaGw==
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:51 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

Redirect headers

expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnQJPsVO6JCNtkFz3ta9SS26LNdkQYPIzTjPl6FqOGptG6w9yxAaBsR1j%2F8ao8Fh5qdT2MspVMvMIjqU62RfQykpfgD4OO8uv2jDTjRvMdexXjKMidA4ugE1umHfNwDEoCBCHdoJZRYyhyxM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=15613&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4191&recv_bytes=2123&delivery_rate=248182&cwnd=252&unsent_bytes=0&cid=6c3936bd5d764c5a&ts=33&x=0"
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains; preload
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://js.huggy.chat/widget.min.js
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8db37e27c839a26d-YUL
content-length: 143
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 / Show response
widget.huggy.app/chat/configs/ 7 KB
3 KB 299ms
207ms XHR
text/html 2606:4700:20::ac43:450a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.huggy.app/chat/configs/

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:450a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35d300d85320d6f8ed9343bdc58bedeb870872d1d1ef3efe3e29c5c2f9b7333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RqwkjboW13lop1Rtq8FYxq0e7wXJTWANrNOv2VwFGWDv0rV%2ByEkPdjeDBoSNScSLwwnsMiyjqCQEBzOz2Jh%2BfzS0TC5yXJ78ENw4L9PY7Q0UjgEbsYHzJjfx7LObOqXTXX5JwOhKwyRFYgN3T9k%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=15750&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3961&recv_bytes=2443&delivery_rate=246219&cwnd=254&unsent_bytes=0&cid=96de01167f2c21b4&ts=219&x=0"
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-pz-route
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin
cf-ray: 8db37e2aaa7aa2d6-YUL
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 5.94de9729c18345e7c2bf.js
js.huggy.chat/ 0
8 KB 47ms
45ms Other
application/javascript 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/5.94de9729c18345e7c2bf.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=7.4.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
etag: "98ff8bf0f82234dee457af80f040905c"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8292
x-amz-cf-id: Bwlt26Pz0i1i2zLRIXNxulHBJduomfELBgU2gAfaKWF8xsAy5rqq5w==
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

GET
H2 200 14.d52057b443edd5d67290.js
js.huggy.chat/ 0
1 KB 44ms
43ms Other
application/javascript 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/14.d52057b443edd5d67290.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=7.4.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
etag: "51bdb55f08badea3defe10606b4effb5"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 748
x-amz-cf-id: 6f8gHrJkH_RfpbiD7S1p_iRyEoStNZ_rWofLyEQtztCzT7KVupCkMA==
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

GET
H2 200 18.36b7fc3b1622570ce2a2.js
js.huggy.chat/ 0
88 KB 66ms
65ms Other
application/javascript 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/18.36b7fc3b1622570ce2a2.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=7.4.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
etag: "a6289f22e3fad99075fdd7aa3dc49e65"
accept-ranges: bytes
access-control-allow-origin: *
x-amz-cf-id: PEboldIuCVYrHGuzGvHmml3lSghInee5_htnMHNMFbOnX7QVWQK8gg==
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

GET
H2 200 favicon.ico
paciente.gliconline.com.br/ 384 B
602 B 69ms
67ms Other
image/vnd.microsoft.icon 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca8c711fcbe71d3c89f4f56494076a084ff34f336ef4dbb6d35a07c0fae2e591

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 2a8bad77d72ce64c05266ba9f88b8a28
content-encoding: gzip
cf-cache-status: MISS
expect-ct: max-age=86400, enforce
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:06:51 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-51634221"
x-cache: BYPASS
date: Thu, 31 Oct 2024 12:01:51 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 29 Oct 2024 18:18:52 GMT
vary: Origin, Accept-Encoding
access-control-allow-headers: Authorization, Content-Type
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631139040; includeSubdomains; preload, max-age=63072000; includeSubDomains; preload
content-security-policy: default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src *; font-src * data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: *; style-src * 'unsafe-inline'; worker-src 'self'
cache-control: max-age=300, no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
x-download-options: noopen
cf-ray: 8db37e2a4d55a286-YUL
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 / Show response
widget.huggy.app/chat/ping/ 336 B
857 B 197ms
196ms XHR
text/html 2606:4700:20::ac43:450a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.huggy.app/chat/ping/

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:450a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b433d5aa92e852bd14035b2bafd652c1728609f0385b85ab51ef26b64b7df6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZk2OVg0vxsU404v4iC1akKygpD5Ra2TKY5aF6VqTXdre90sFU7lT6Ia9uHwLKzhxX7D0URdcjIgTPmoXib7GAXxx2o6SRT3hc%2F5m45li2dtylJgsdomEtUgFkubLerzWvWK2EmYMJIUAjjJhs8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=16623&sent=15&recv=17&lost=0&retrans=0&sent_bytes=7289&recv_bytes=2755&delivery_rate=246219&cwnd=257&unsent_bytes=0&cid=96de01167f2c21b4&ts=421&x=0"
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-pz-route
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin
cf-ray: 8db37e2c0c15a2d6-YUL
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ 2 KB
834 B 410ms
35ms Stylesheet
text/css 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5459e3ba1515ca0428f82ab8c8589e3acfb53e96b60a84848ccb3640cc761999

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: max-age=604800
content-encoding: gzip
etag: W/"3968290f38ff61625fc1eb63b7fcf2f7"
expires: Thu, 07 Nov 2024 12:01:52 GMT
access-control-allow-origin: *
content-length: 518
x-amz-cf-id: 2nK-YwmLb6mkLyLnpnoA1J6mRKJ6097eBE9G3jbQTXMXEAEmQttlCw==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 13:29:13 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
x-amz-server-side-encryption: AES256

POST
H2 200 / Show response
widget.huggy.app/chat/list/ 87 B
693 B 80ms
78ms XHR
text/html 2606:4700:20::ac43:450a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.huggy.app/chat/list/

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:450a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd24e3e3d8e839c45839329818e9b8db0251ef6098bf8867708b76253b1c4053

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKhs2w2T0U1kVCZlXUBdgBGPkT5Qym0J1vrSN7yYifSGQJzaOHAXGjew7SxO3Kox7J10E9fwjeI6ilNF9uoxq1Ev34oNz9qVSp4JZw3DE6hSI2gopA4aWRnuSXSSek7Kpih2yrB%2Fv6sjBRVRO%2BM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=16552&sent=19&recv=20&lost=0&retrans=0&sent_bytes=8212&recv_bytes=3019&delivery_rate=246219&cwnd=257&unsent_bytes=0&cid=96de01167f2c21b4&ts=520&x=0"
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-pz-route
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin
cf-ray: 8db37e2d5e14a2d6-YUL
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 12.abba7e55d495a2ad22ce.js Show response
js.huggy.chat/ 9 KB
5 KB 34ms
33ms Script
application/javascript 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/12.abba7e55d495a2ad22ce.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=7.4.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f0fc36ec143fba605ddcf53cd3239220b8fac3b64225633fc5e4054793adb818

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
etag: "43aa366b3db1e892fba3df1368cae015"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4441
x-amz-cf-id: pSyoiBW3m84vsG6BJvaarn2Goz3YSVgG-Vopcu8CZM9bFPlLd7uGfA==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ Frame 622A 7 KB
942 B 48ms
47ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea13d99df3dae795be635bdb9dcfa4d4d00762bfcc81faec77e239a9f792fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:01:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 31 Oct 2024 10:59:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ Frame 622A 2 KB
0 365ms
365ms Stylesheet
text/css 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5459e3ba1515ca0428f82ab8c8589e3acfb53e96b60a84848ccb3640cc761999

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: max-age=604800
content-encoding: gzip
etag: W/"3968290f38ff61625fc1eb63b7fcf2f7"
expires: Thu, 07 Nov 2024 12:01:52 GMT
access-control-allow-origin: *
content-length: 518
x-amz-cf-id: 2nK-YwmLb6mkLyLnpnoA1J6mRKJ6097eBE9G3jbQTXMXEAEmQttlCw==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 13:29:13 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ Frame C50D 7 KB
0 41ms
41ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea13d99df3dae795be635bdb9dcfa4d4d00762bfcc81faec77e239a9f792fc15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:01:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 31 Oct 2024 10:59:07 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ Frame C50D 2 KB
0 358ms
358ms Stylesheet
text/css 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5459e3ba1515ca0428f82ab8c8589e3acfb53e96b60a84848ccb3640cc761999

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: max-age=604800
content-encoding: gzip
etag: W/"3968290f38ff61625fc1eb63b7fcf2f7"
expires: Thu, 07 Nov 2024 12:01:52 GMT
access-control-allow-origin: *
content-length: 518
x-amz-cf-id: 2nK-YwmLb6mkLyLnpnoA1J6mRKJ6097eBE9G3jbQTXMXEAEmQttlCw==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 13:29:13 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 7 KB
0 39ms
39ms Stylesheet
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea13d99df3dae795be635bdb9dcfa4d4d00762bfcc81faec77e239a9f792fc15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:01:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 31 Oct 2024 10:59:07 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ 2 KB
0 356ms
356ms Stylesheet
text/css 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5459e3ba1515ca0428f82ab8c8589e3acfb53e96b60a84848ccb3640cc761999

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: max-age=604800
content-encoding: gzip
etag: W/"3968290f38ff61625fc1eb63b7fcf2f7"
expires: Thu, 07 Nov 2024 12:01:52 GMT
access-control-allow-origin: *
content-length: 518
x-amz-cf-id: 2nK-YwmLb6mkLyLnpnoA1J6mRKJ6097eBE9G3jbQTXMXEAEmQttlCw==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 13:29:13 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C1
x-amz-server-side-encryption: AES256

GET
H2 200 16.c452e903ff2054239a46.js Show response
js.huggy.chat/ 616 B
908 B 45ms
45ms Script
application/javascript 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/16.c452e903ff2054239a46.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=7.4.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0bfc3616a4aeb91d9012bdfd4bcd4338aba20f75ba8a212a353066ff315c6917

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
cache-control: public, max-age=604800
etag: "dc13f0a56524bf162cbbbeba709d3814"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 616
x-amz-cf-id: gWXFEc1IseRzRpLhSc6CDGXnYpI91M99AShcMfzmI5z8RCuGy175fw==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

GET
H2 200 0.502d7d5dbd661d19795a.js Show response
js.huggy.chat/ 3 KB
1 KB 32ms
31ms Script
application/javascript 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/0.502d7d5dbd661d19795a.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=7.4.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 99e3c3a3d8e72b4565aa66483b70589ba4693c673aa0ff3176fae066efa6aeaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
etag: "b138e7bcf224885d00dbd2d686596b73"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1221
x-amz-cf-id: LSRBpydr6jMnISJyl8ckl2Dd_bC618QBhuHdCMhPvKMDfrZlVOrJ7g==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 101ms
31ms Script
text/javascript 2607:f8b0:4004:c19::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: js.huggy.chat
URL: https://js.huggy.chat/0.502d7d5dbd661d19795a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 5216
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:34:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 10:34:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ Frame 622A 35 KB
35 KB 32ms
32ms Font
font/woff2 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://paciente.gliconline.com.br
Referer: https://fonts.googleapis.com/

Response headers

age: 309228
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 27 Oct 2025 22:08:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 22:08:04 GMT
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35448
x-xss-protection: 0
server: sffe

GET
H2 200 2.08ba3a33e0552ebf9b05.js Show response
js.huggy.chat/ 7 KB
2 KB 47ms
47ms Script
application/javascript 23.218.216.142
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/2.08ba3a33e0552ebf9b05.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=7.4.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.142 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4d7e6cd9818d1fe039704eaaf5545f0d62292187827b6e77dec3e170d1ab3d91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
vary: Accept-Encoding
cache-control: public, max-age=604800
content-encoding: gzip
etag: "5e6f783203f3877b602f37a2b55399f1"
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2093
x-amz-cf-id: 67UpJiv1vpOqcCYjYGUFDayAc-kVOe009ORcBozkFHYx_QfnGcnxbw==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 17:53:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256

GET
H2 200 macke.woff2
webfonts.huggy.cloud/macke/ Frame 622A 5 KB
5 KB 114ms
49ms Font
font/woff2 23.218.216.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.woff2?da5f8de03f9e4823b9607bb27fc2dfbf
Requested by: Host: webfonts.huggy.cloud
URL: https://webfonts.huggy.cloud/macke/macke.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.216.151 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-216-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fae30016b40ca4bc9b85fa8697a2a68cfc58c8ff60d2a640c2219306e5131fc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://paciente.gliconline.com.br
Referer: https://webfonts.huggy.cloud/macke/macke.css

Response headers

content-encoding: gzip
etag: "ba21bad2d0553665b70a003d8d09dc00"
expires: Thu, 07 Nov 2024 12:01:52 GMT
x-amz-cf-id: VgX2ftlzJ0AiEaMUivdiemy7jOfYEEOheFCmhjmLMQbWT7xiXcDFQw==
date: Thu, 31 Oct 2024 12:01:52 GMT
content-type: font/woff2
vary: Accept-Encoding
last-modified: Mon, 12 Jun 2023 13:29:13 GMT
access-control-allow-headers: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5299
x-amz-cf-pop: IAD79-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 rb_bf11945ejl Show response
paciente.gliconline.com.br/ 119 B
360 B 115ms
113ms Fetch
text/plain 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/rb_bf11945ejl?type=js3&sn=v_4_srv_1_sn_D0D7E04BABF28A444A548613AA354E9B_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0&svrid=1&flavor=post&vi=JBKINVPRPPCKIKCFKUFUSGCUSEQLKNUV-0&modifiedSince=1729564248273&rf=https%3A%2F%2Fpaciente.gliconline.com.br%2Fusuarios%2Fsign_in&bp=3&app=ea7c4b59f27d43eb&crc=2562539853&en=ycz2g61p&end=1

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7680181ac21f59159f28a0997d9e1fb3d2ff536a40ccc8bac36b468d90631026

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 8eb3a31d59aa9768df9113f9d8df71f2
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 12:01:53 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization, Content-Type
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8db37e32cc40a286-YUL
amp-access-control-allow-source-origin: https://paciente.gliconline.com.br
access-control-allow-origin: https://paciente.gliconline.com.br
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 icon Show response
fonts.googleapis.com/ 569 B
367 B 152ms
151ms XHR
text/css 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 12:01:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 12:01:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 31 Oct 2024 12:01:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 200 rb_bf11945ejl Show response
paciente.gliconline.com.br/ 119 B
262 B 54ms
52ms Fetch
text/plain 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7680181ac21f59159f28a0997d9e1fb3d2ff536a40ccc8bac36b468d90631026

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 5479f6c43663c96fc0592f3b87fb38cf
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 12:01:53 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization, Content-Type
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8db37e34de62a286-YUL
amp-access-control-allow-source-origin: https://paciente.gliconline.com.br
access-control-allow-origin: https://paciente.gliconline.com.br
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 rb_bf11945ejl Show response
paciente.gliconline.com.br/ 119 B
250 B 84ms
79ms Fetch
text/plain 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/rb_bf11945ejl?type=js3&sn=v_4_srv_1_sn_D0D7E04BABF28A444A548613AA354E9B_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0&svrid=1&flavor=post&vi=JBKINVPRPPCKIKCFKUFUSGCUSEQLKNUV-0&contentType=srBm&modifiedSince=1729564248273&rf=https%3A%2F%2Fpaciente.gliconline.com.br%2Fusuarios%2Fsign_in&bp=3&app=ea7c4b59f27d43eb&v=10301241007103824&crc=983796681&en=ycz2g61p&end=1

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7680181ac21f59159f28a0997d9e1fb3d2ff536a40ccc8bac36b468d90631026

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/octet-stream
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 22f288462a116ecceedae8ae91cb3333
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 12:01:54 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization, Content-Type
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8db37e3a3b0ca286-YUL
amp-access-control-allow-source-origin: https://paciente.gliconline.com.br
access-control-allow-origin: https://paciente.gliconline.com.br
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 rb_bf11945ejl Show response
paciente.gliconline.com.br/ 119 B
228 B 51ms
46ms Fetch
text/plain 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paciente.gliconline.com.br/rb_bf11945ejl?type=js3&sn=v_4_srv_1_sn_D0D7E04BABF28A444A548613AA354E9B_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0&svrid=1&flavor=post&vi=JBKINVPRPPCKIKCFKUFUSGCUSEQLKNUV-0&contentType=srTe&modifiedSince=1729564248273&rf=https%3A%2F%2Fpaciente.gliconline.com.br%2Fusuarios%2Fsign_in&bp=3&app=ea7c4b59f27d43eb&v=10301241007103824&crc=842673966&en=ycz2g61p&end=1

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7680181ac21f59159f28a0997d9e1fb3d2ff536a40ccc8bac36b468d90631026

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 964b85c54db49a1a268a3502ef013fe8
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 12:01:54 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization, Content-Type
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8db37e3abb8ba286-YUL
amp-access-control-allow-source-origin: https://paciente.gliconline.com.br
access-control-allow-origin: https://paciente.gliconline.com.br
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 rb_bf11945ejl Show response
paciente.gliconline.com.br/ 119 B
258 B 52ms
51ms Fetch
text/plain 2606:4700:4400::ac40:91ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_ICA7NQVfqrux_10301241007103824.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7680181ac21f59159f28a0997d9e1fb3d2ff536a40ccc8bac36b468d90631026

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://paciente.gliconline.com.br/usuarios/sign_in

Response headers

x-request-id: 5f291f3d06156f98a68a66a01e64b86f
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
date: Thu, 31 Oct 2024 12:01:55 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization, Content-Type
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8db37e4188c1a286-YUL
amp-access-control-allow-source-origin: https://paciente.gliconline.com.br
access-control-allow-origin: https://paciente.gliconline.com.br
x-xss-protection: 1; mode=block
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paciente.gliconline.com.br
URL: https://paciente.gliconline.com.br/ruxitagentjs_D_10301241007103824.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paciente.gliconline.com.br/	1969-12-31 23:59:59	Name: _glico-web_session Value: 84359fba99509ad3da53a23bd74fe5b7
.gliconline.com.br/	1969-12-31 23:59:59	Name: dtCookieycz2g61p Value: v_4_srv_1_sn_D0D7E04BABF28A444A548613AA354E9B_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0
.gliconline.com.br/	1970-01-21 00:39:37	Name: __cf_bm Value: GgTgVor6rTVujcgdhS3KsTFrPlD4k2bDTfUEKvxhDZ8-1730376110-1.0.1.1-1iE9xXQqk3iOn_gxMgJdnBvgs6_A8XxokqTPIxiiLKGXeCeAbrMmbzkPxACQyovAG2c3SWYh8hEl2l8Iw2JQuQ
.gliconline.com.br/	1969-12-31 23:59:59	Name: rxVisitorycz2g61p Value: 17303761110565NHSOLF6BSBF3HRC65A26QM4NF1MMKM2
.gliconline.com.br/	1969-12-31 23:59:59	Name: dtSaycz2g61p Value: -
.paciente.gliconline.com.br/	1970-01-21 09:25:12	Name: hgyclh-w6004 Value: 3e39287d0117a10a124adc337fd91782
.gliconline.com.br/	1969-12-31 23:59:59	Name: dtPCycz2g61p Value: 1$576111054_322h-vJBKINVPRPPCKIKCFKUFUSGCUSEQLKNUV-0e0
.gliconline.com.br/	1970-01-21 10:15:36	Name: _ga Value: GA1.3.1704559894.1730376112
.gliconline.com.br/	1970-01-21 00:41:02	Name: _gid Value: GA1.3.892077588.1730376112
.gliconline.com.br/	1969-12-31 23:59:59	Name: rxvtycz2g61p Value: 1730377914258\|1730376111057

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://paciente.gliconline.com.br/usuarios/sign_in Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; child-src 'self' www.youtube.com; connect-src ; font-src data:; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.youtube.com; img-src * data:; manifest-src 'self'; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' blob: ; style-src 'unsafe-inline'; worker-src 'self'
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
js.huggy.chat
paciente.gliconline.com.br
w-cdn.huggy.io
webfonts.huggy.cloud
widget.huggy.app
www.google-analytics.com
www.gstatic.com
paciente.gliconline.com.br
142.250.31.95
172.253.122.94
172.253.62.94
23.218.216.142
23.218.216.151
2606:4700:20::681a:9a2
2606:4700:20::ac43:450a
2606:4700:4400::ac40:91ae
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c19::8a
08afdcb8e4acfb9e1c2882bf6f7cf4131e31645edcb9dda0970372f6f5e0208d
0bfc3616a4aeb91d9012bdfd4bcd4338aba20f75ba8a212a353066ff315c6917
35b541fe5e646994badfa549ed55a25b7156a07976a031f6669c6858bfd27f3b
35d300d85320d6f8ed9343bdc58bedeb870872d1d1ef3efe3e29c5c2f9b7333f
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
4566d791455a670ed4f4aca54c58885e97e1350f9e22a0cede0f3e16f08c9852
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4875b7fef879bb55057bed1a88eeaeb16a7c62a51d960030c122d6789f9cc21b
4c90d8f19dfe451a271a61dc98ab9c664a5eb32fbaf49561033bbc6e93722dfa
4d7e6cd9818d1fe039704eaaf5545f0d62292187827b6e77dec3e170d1ab3d91
529f2fdaba29b56cda3d506f95e63def2dff6acf1c637d9605d94c0d93b33398
5459e3ba1515ca0428f82ab8c8589e3acfb53e96b60a84848ccb3640cc761999
65a1fb8569f2a5bc978565b47e34f471a23d1a2a13ef17deedef7d6d8ced6661
65d109fb62c468528ef48253c13988a6a40227f721f3735555252749e312aaf4
7680181ac21f59159f28a0997d9e1fb3d2ff536a40ccc8bac36b468d90631026
7978be585ddc4d478c730d9f6e9eea1864b75f2d5793908cfb2d36ce373d9928
7dbb68c55afccfee1821c94f18fbccaf20bab5472650e382449556c2db8fef53
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
89b0b2537d9122f70f50b49d985ef295180b44a51385b1ab8fc20c2372822568
99e3c3a3d8e72b4565aa66483b70589ba4693c673aa0ff3176fae066efa6aeaf
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
b433d5aa92e852bd14035b2bafd652c1728609f0385b85ab51ef26b64b7df6a7
ca8c711fcbe71d3c89f4f56494076a084ff34f336ef4dbb6d35a07c0fae2e591
dd24e3e3d8e839c45839329818e9b8db0251ef6098bf8867708b76253b1c4053
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea13d99df3dae795be635bdb9dcfa4d4d00762bfcc81faec77e239a9f792fc15
ef17f7acd8d417adc450297c91b6233d598bf8ab595b880ac15dade6b1c30d2b
f0fc36ec143fba605ddcf53cd3239220b8fac3b64225633fc5e4054793adb818
f114e062db8d6e28b27679e95a074ca452faeb799cc6c04b4189fd04f5dcbe9f
f69857043c09b928c1907c9a6f83db61be86c89e81f66fd06dfc72e593f9ff97
fae30016b40ca4bc9b85fa8697a2a68cfc58c8ff60d2a640c2219306e5131fc7

paciente.gliconline.com.br Open in urlscan Pro 2606:4700:4400::ac40:91ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

96 %HTTPS

50 %IPv6

8 Domains

9 Subdomains

10 IPs

1 Countries

757 kBTransfer

1867 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paciente.gliconline.com.br Open in urlscan Pro
2606:4700:4400::ac40:91ae Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

96 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

10
IPs

1
Countries

757 kB
Transfer

1867 kB
Size

10
Cookies

45 HTTP transactions
0 data transactions