urlscan.io logo urlscan.io
SecurityTrails logo

identityqa.acesso.io Open in urlscan Pro
35.190.52.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://admin.test.unico.app/
Effective URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%...
Submission: On August 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 10 domains to perform 48 HTTP transactions. The main IP is 35.190.52.130, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is identityqa.acesso.io.
TLS certificate: Issued by TrustSign BR Certification Authority ... on October 27th 2022. Valid for: a year.
This is the only time identityqa.acesso.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 34.36.143.50 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.238.4.47 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 151.101.66.217 54113 (FASTLY)
1 13.225.223.151 16509 (AMAZON-02)
1 13.224.214.90 16509 (AMAZON-02)
2 16 35.190.52.130 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
48 12
15    34.36.143.50 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.143.36.34.bc.googleusercontent.com
admin.test.unico.app
3    2607:f8b0:4006:824::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4006:820::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.238.4.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-47.phl51.r.cloudfront.net
static.hotjar.com
3    2606:4700:20::ac43:4693 (United States)

ASN13335 (CLOUDFLARENET, US)
static.userguiding.com
metrics.userguiding.com
1    2607:f8b0:4006:80c::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
1    13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net
cdn.segment.com
1    13.224.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-90.phl50.r.cloudfront.net
script.hotjar.com
16    35.190.52.130 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 130.52.190.35.bc.googleusercontent.com
identityqa.acesso.io
1    2607:f8b0:4006:824::2010 (Stony Point, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
Apex Domain
Subdomains		 Transfer
16 acesso.io
identityqa.acesso.io
235 KB
15 unico.app
admin.test.unico.app
2 MB
4 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1208
893 B
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
storage.googleapis.com — Cisco Umbrella Rank: 463
8 KB
3 userguiding.com
static.userguiding.com — Cisco Umbrella Rank: 53469
metrics.userguiding.com — Cisco Umbrella Rank: 67404
512 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 781
script.hotjar.com — Cisco Umbrella Rank: 1126
60 KB
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1579
28 KB
1 gstatic.com
fonts.gstatic.com
12 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
21 KB
0 hotjar.io Failed
content.hotjar.io Failed
48 10
Domain Requested by
16 identityqa.acesso.io 2 redirects admin.test.unico.app
identityqa.acesso.io
15 admin.test.unico.app admin.test.unico.app
4 app.launchdarkly.com admin.test.unico.app
3 fonts.googleapis.com admin.test.unico.app
2 static.userguiding.com admin.test.unico.app
1 storage.googleapis.com identityqa.acesso.io
1 metrics.userguiding.com admin.test.unico.app
1 script.hotjar.com static.hotjar.com
1 cdn.segment.com admin.test.unico.app
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com admin.test.unico.app
1 www.google-analytics.com admin.test.unico.app
0 content.hotjar.io Failed admin.test.unico.app
48 13

This site contains links to these domains. Also see Links.

Domain
ajuda.unico.io
Subject Issuer Validity Valid
admin.test.unico.app
GTS CA 1D4		 2023-08-14 -
2023-11-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.acesso.io
TrustSign BR Certification Authority (DV) 2		 2022-10-27 -
2023-10-27		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Frame ID: 6EC2514EA5FD4093A7C82037CA7C36E8
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://admin.test.unico.app/ Page URL
  2. https://identityqa.acesso.io/oauth2/authorize?scope=*&redirect_uri=https://admin.test.unico.app/preauthor... HTTP 302
    https://identityqa.acesso.io/signin HTTP 302
    https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

94 %
HTTPS

45 %
IPv6

10
Domains

13
Subdomains

12
IPs

1
Countries

2792 kB
Transfer

5049 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.test.unico.app/ Page URL
  2. https://identityqa.acesso.io/oauth2/authorize?scope=*&redirect_uri=https://admin.test.unico.app/preauthorize&response_type=code&client_id=8aead3e6-b295-4f77-b314-86b975ee3ae2 HTTP 302
    https://identityqa.acesso.io/signin HTTP 302
    https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
admin.test.unico.app/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy nginx /
Resource Hash
11b9375ec403f16b3f7a9bb036c41dfb3c770de6e2472b16cf2cb98dd3ea70b1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com; img-src 'self' https: https://www.google-analytics.com *.acesso.io *.acessorh.com.br *.acesso.dev *.doubleclick.net data:; script-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *.acesso.io *.acessorh.com.br *.acesso.dev https://fonts.googleapis.com; font-src https://fonts.gstatic.com; frame-src https://acesso-sign-test.appspot.com https://api-dot-acesso-sign-test.appspot.com https: *.acesso.io
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Acesso-Csrf-Token
acesso-request-id
d6291264-c08a-498c-a38b-10d6b1306295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public no-store no-cache
content-length
3501
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com; img-src 'self' https: https://www.google-analytics.com *.acesso.io *.acessorh.com.br *.acesso.dev *.doubleclick.net data:; script-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *.acesso.io *.acessorh.com.br *.acesso.dev https://fonts.googleapis.com; font-src https://fonts.gstatic.com; frame-src https://acesso-sign-test.appspot.com https://api-dot-acesso-sign-test.appspot.com https: *.acesso.io
content-type
text/html
date
Mon, 14 Aug 2023 15:34:02 GMT
etag
"64cbc177-dad"
last-modified
Thu, 03 Aug 2023 15:02:15 GMT
server
Caddy nginx
strict-transport-security
max-age=15768000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1;
userguiding.js
admin.test.unico.app/assets/js/ 		713 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/assets/js/userguiding.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
ae6e82520fa9e7e740fc1f023f80381aaf9d0bc214596618dc6b5e7a0e3c9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:26 GMT
server
Caddy, nginx
acesso-request-id
246bf7d3-f51d-4617-bdb7-392754112419
etag
"64cbc182-2c9"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
713
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		2 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@700&display=swap
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 15:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 15:34:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 15:34:02 GMT
css2
fonts.googleapis.com/ 		872 B
493 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible&display=swap
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 15:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 15:13:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 15:34:02 GMT
css2
fonts.googleapis.com/ 		2 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@500&display=swap
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Aug 2023 15:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 13:51:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Aug 2023 15:34:02 GMT
env5.17c5f0e8b6d0371cfc24.js
admin.test.unico.app/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/assets/js/env5.17c5f0e8b6d0371cfc24.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
b5db145710f50da42cac21fe61cbd96fe1f988420a2aed3f2defdbe0377de7f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 14 Aug 2023 15:21:48 GMT
server
Caddy, nginx
acesso-request-id
575348c5-103a-4747-8175-2db760b9c242
etag
"64da468c-54e"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1358
x-xss-protection
1; mode=block
runtime-es2015.a0d9c000b05da5fae5e4.js
admin.test.unico.app/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
6f43ac8044fada91655517519b2bc6929f59e3a650e4fc13a21f2654110b04cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.test.unico.app/
Origin
https://admin.test.unico.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:02 GMT
x-content-type-options
nosniff
via
1.1 google
acesso-request-id
2431fcf2-66c9-4ca4-8711-70dd8963072c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5521
x-xss-protection
1; mode=block
last-modified
Thu, 03 Aug 2023 15:02:16 GMT
server
Caddy, nginx
etag
"64cbc178-1591"
vary
Origin
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
https://admin.test.unico.app
access-control-expose-headers
Acesso-Csrf-Token
access-control-allow-credentials
true
accept-ranges
bytes
polyfills-es2015.dde943c5b0d5af6085f4.js
admin.test.unico.app/ 		45 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/polyfills-es2015.dde943c5b0d5af6085f4.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.test.unico.app/
Origin
https://admin.test.unico.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:02 GMT
x-content-type-options
nosniff
via
1.1 google
acesso-request-id
3a61b1ff-787b-4656-808a-190462fc0d4f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46156
x-xss-protection
1; mode=block
last-modified
Thu, 03 Aug 2023 15:02:16 GMT
server
Caddy, nginx
etag
"64cbc178-b44c"
vary
Origin
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
https://admin.test.unico.app
access-control-expose-headers
Acesso-Csrf-Token
access-control-allow-credentials
true
accept-ranges
bytes
main-es2015.1910ce6227606893c059.js
admin.test.unico.app/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/main-es2015.1910ce6227606893c059.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://admin.test.unico.app/
Origin
https://admin.test.unico.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:02 GMT
x-content-type-options
nosniff
via
1.1 google
acesso-request-id
70cefb52-a064-42f3-a374-ef14e98d1791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1372894
x-xss-protection
1; mode=block
last-modified
Thu, 03 Aug 2023 15:02:15 GMT
server
Caddy, nginx
etag
"64cbc177-14f2de"
vary
Origin
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
https://admin.test.unico.app
access-control-expose-headers
Acesso-Csrf-Token
access-control-allow-credentials
true
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 14:40:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3187
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 14 Aug 2023 16:40:55 GMT
hotjar-3031290.js
static.hotjar.com/c/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3031290.js?sv=6
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 15:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/87c1fd35b08c791b4ca1bebe3aa3512d
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
NqWpSf-mBney5-afVjxHxxrP82KGCFKGzcSodlU7-MSMyT3Ic7KpHg==
user-guiding-072917598ID-embedded.js
static.userguiding.com/media/ 		2 MB
453 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.userguiding.com/media/user-guiding-072917598ID-embedded.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/assets/js/userguiding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 15:34:02 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
last-modified
Sat, 12 Aug 2023 10:40:17 GMT
server
cloudflare
etag
W/"199c59-189e95521ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWfmexneHFQvmap%2Fak6l4JWBhqal5Xq3k0ouXQ%2BlgyV8kBTtxPsUDQsZ5ZzHHRANOBYZRMnSJTwyfP8gkzrsexAJKLMtYDwtkWvnECAn6Rygwvfpz4J5LTLP2W9tdjFfPFcMNa3UCfDoBdxxjFxzWw6rbAM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-sent
true
x-timestamp
1692027242638
cache-control
public, max-age=1800
cf-ray
7f6a427a6d8b4bc7-BUF
styles.784af4fae00dfb95524a.css
admin.test.unico.app/ 		0
0
1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4Y_LDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v40/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v40/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4Y_LDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.test.unico.app
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:41:21 GMT
x-content-type-options
nosniff
age
510761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11924
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:17:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 17:41:21 GMT
63b870113b5a4212abb0f0fa
app.launchdarkly.com/sdk/goals/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/63b870113b5a4212abb0f0fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://admin.test.unico.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 14 Aug 2023 15:34:03 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4571-YYZ
x-timer
S1692027243.256499,VS0,VE22
63b870113b5a4212abb0f0fa
app.launchdarkly.com/sdk/goals/ 		2 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/63b870113b5a4212abb0f0fa
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/polyfills-es2015.dde943c5b0d5af6085f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://admin.test.unico.app/
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Mon, 14 Aug 2023 15:34:03 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
MISS
content-length
26
x-served-by
cache-yyz4571-YYZ
x-timer
S1692027243.314762,VS0,VE122
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBOYW1lIjoiZGFzaGJvYXJkIn0sImtleSI6ImZmMWVkMTYwLTNhYjctMTFlZS1iYjFlLTNiMWJjOTM4NGM2NyJ9
app.launchdarkly.com/sdk/evalx/63b870113b5a4212abb0f0fa/contexts/ 		2 KB
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/63b870113b5a4212abb0f0fa/contexts/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBOYW1lIjoiZGFzaGJvYXJkIn0sImtleSI6ImZmMWVkMTYwLTNhYjctMTFlZS1iYjFlLTNiMWJjOTM4NGM2NyJ9
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/polyfills-es2015.dde943c5b0d5af6085f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://admin.test.unico.app/
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 15:34:03 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
353
x-served-by
cache-yyz4531-YYZ, cache-yyz4571-YYZ
x-timer
S1692027243.360391,VS0,VE176
etag
"1569dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBOYW1lIjoiZGFzaGJvYXJkIn0sImtleSI6ImZmMWVkMTYwLTNhYjctMTFlZS1iYjFlLTNiMWJjOTM4NGM2NyJ9
app.launchdarkly.com/sdk/evalx/63b870113b5a4212abb0f0fa/contexts/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/63b870113b5a4212abb0f0fa/contexts/eyJhbm9ueW1vdXMiOnRydWUsImN1c3RvbSI6eyJhcHBOYW1lIjoiZGFzaGJvYXJkIn0sImtleSI6ImZmMWVkMTYwLTNhYjctMTFlZS1iYjFlLTNiMWJjOTM4NGM2NyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://admin.test.unico.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 14 Aug 2023 15:34:03 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4571-YYZ
x-timer
S1692027243.256482,VS0,VE83
sdk-072917598ID.json
static.userguiding.com/media/ 		845 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.userguiding.com/media/sdk-072917598ID.json
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/polyfills-es2015.dde943c5b0d5af6085f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.test.unico.app/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 15:34:03 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
last-modified
Mon, 14 Aug 2023 14:02:30 GMT
server
cloudflare
etag
W/"d35ea-189f45afaa3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFRbrVmc8HwIsEMaPImtdC%2BPHMPYD1IzUlW5VoNmsJMxxZHmBn3fzlyL59iqDYb70xB%2BCxYSsL5Ubuae8zk9rkraNgqXkT6tgOJaCz3OKLv5TP6%2FMJFA6BVc7%2BGzQBOK2FdgVn0AiiNgSIVhidZL6LnFkCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-sent
true
x-timestamp
1692027243134
cache-control
public, max-age=0
cf-ray
7f6a427d79ea4bc9-BUF
analytics.min.js
cdn.segment.com/analytics.js/v1/aJSx6ITwDTBcFEq6je022Y0UrC52Khm1/ 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/aJSx6ITwDTBcFEq6je022Y0UrC52Khm1/analytics.min.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/main-es2015.1910ce6227606893c059.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
GmKH1O4cNsvdkO0uTds6Yqi9ZdO_uIbK
content-encoding
br
via
1.1 d3ab4cd494305c2d222c92f599e3c7c6.cloudfront.net (CloudFront)
date
Mon, 14 Aug 2023 15:34:05 GMT
x-amz-cf-pop
JFK51-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 09 Jun 2023 11:26:39 GMT
server
AmazonS3
etag
W/"b4da1ce061d4bd4ff601430548819552"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
obrMr_FvDOuC_Fo4sNbYDjA0nHL7ZbNJw6d8Zn3-TLV0GQE7TgkY_g==
2177-es2015.2ef13b7d028f367acce0.js
admin.test.unico.app/ 		106 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/2177-es2015.2ef13b7d028f367acce0.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:06 GMT
server
Caddy, nginx
acesso-request-id
cf71dd0e-bd7c-4bd2-85ab-33a816b5100b
etag
"64cbc16e-1a7f2"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108530
x-xss-protection
1; mode=block
9535-es2015.6fd294f95d59c23d95d9.js
admin.test.unico.app/ 		80 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/9535-es2015.6fd294f95d59c23d95d9.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:14 GMT
server
Caddy, nginx
acesso-request-id
a9d989ee-9d44-4667-858c-d946acf3844d
etag
"64cbc176-1404e"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81998
x-xss-protection
1; mode=block
9269-es2015.516057208d98dd6e1e9b.js
admin.test.unico.app/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/9269-es2015.516057208d98dd6e1e9b.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:14 GMT
server
Caddy, nginx
acesso-request-id
e3f4fa94-b17e-4c07-bb4a-75c911517bdc
etag
"64cbc176-4267"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16999
x-xss-protection
1; mode=block
7422-es2015.585f3c53a09bfdbd7736.js
admin.test.unico.app/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/7422-es2015.585f3c53a09bfdbd7736.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:12 GMT
server
Caddy, nginx
acesso-request-id
c602ec67-0d63-438c-b805-62a1813acdd0
etag
"64cbc174-3bb4"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15284
x-xss-protection
1; mode=block
7532-es2015.74b6fba4d688f4cc1bb3.js
admin.test.unico.app/ 		131 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/7532-es2015.74b6fba4d688f4cc1bb3.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:12 GMT
server
Caddy, nginx
acesso-request-id
003a4ecc-2ffa-4714-b782-f4fa2a8534a4
etag
"64cbc174-20c44"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134212
x-xss-protection
1; mode=block
3988-es2015.2bd0e7aafc22434b9ae3.js
admin.test.unico.app/ 		72 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/3988-es2015.2bd0e7aafc22434b9ae3.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:08 GMT
server
Caddy, nginx
acesso-request-id
f202a2d3-9101-4042-97f1-c9e71a43bba9
etag
"64cbc170-1213c"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74044
x-xss-protection
1; mode=block
9887-es2015.9ad2c99b08e913f069fe.js
admin.test.unico.app/ 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/9887-es2015.9ad2c99b08e913f069fe.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:14 GMT
server
Caddy, nginx
acesso-request-id
6f3042d9-73e4-4ca9-b903-83e36d018fb6
etag
"64cbc176-8da3"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36259
x-xss-protection
1; mode=block
3975-es2015.08841c4c3c322c634afd.js
admin.test.unico.app/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/3975-es2015.08841c4c3c322c634afd.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:08 GMT
server
Caddy, nginx
acesso-request-id
d9893e61-096f-481a-8c8c-d5aed827488a
etag
"64cbc170-4437"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17463
x-xss-protection
1; mode=block
7627-es2015.f769c1315de61c2dd63c.js
admin.test.unico.app/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.test.unico.app/7627-es2015.f769c1315de61c2dd63c.js
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/runtime-es2015.a0d9c000b05da5fae5e4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.143.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.143.36.34.bc.googleusercontent.com
Software
Caddy, nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
date
Mon, 14 Aug 2023 15:34:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Aug 2023 15:02:13 GMT
server
Caddy, nginx
acesso-request-id
c0de86cf-79f0-4bd2-83c3-87a358139434
etag
"64cbc175-ab54"
x-frame-options
DENY
content-type
application/javascript
access-control-expose-headers
Acesso-Csrf-Token
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43860
x-xss-protection
1; mode=block
modules.308cbc5043a6046d8664.js
script.hotjar.com/ 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.308cbc5043a6046d8664.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3031290.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://admin.test.unico.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 13:04:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 aa68d5eaf078dffca4154e55039dbb84.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
8998
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55626
last-modified
Mon, 14 Aug 2023 13:03:42 GMT
etag
"d4e78dbdf0d0ca53852434fec94bd7ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
-J9rPK3bWdoMyvL1pdpZJgOt4mMnUA-puAAEh_qnEAI8roQXgawyvg==
29175
metrics.userguiding.com/sdk/ping/ 		16 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.userguiding.com/sdk/ping/29175
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/polyfills-es2015.dde943c5b0d5af6085f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4693 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.test.unico.app/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 15:34:03 GMT
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
https://admin.test.unico.app
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1M2J5r2I5kz%2FxM8w4k9YIQwzP1bIQvzYAGofWxEhk%2BbbQPK9q9Yyf80DQdY0NyyiOlHqkV%2Bf4fHgqJfOrTBgOnxNgrifR9zMdSKc%2FuzfBTE86LcVX3BphhhOxOiSNtfXQwfIavHcC2eZrZBaxJJFNgpxEFGo"}],"group":"cf-nel","max_age":604800}
allow
GET, OPTIONS
access-control-allow-credentials
true
cf-ray
7f6a42821a314bc9-BUF
content-length
16
Primary Request signin
identityqa.acesso.io/
Redirect Chain
  • https://identityqa.acesso.io/oauth2/authorize?scope=*&redirect_uri=https://admin.test.unico.app/preauthorize&response_type=code&client_id=8aead3e6-b295-4f77-b314-86b975ee3ae2
  • https://identityqa.acesso.io/signin
  • https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Requested by
Host: admin.test.unico.app
URL: https://admin.test.unico.app/main-es2015.1910ce6227606893c059.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f8aea0cdddd9695d0bfb3e87d6008f5f9fb77715f5fc9e932a7cd3e551b08270
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://admin.test.unico.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
3875
content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 14 Aug 2023 15:34:04 GMT
expires
0
origin-agent-cluster
?1
server
istio-envoy
strict-transport-security
max-age=15778476000; includeSubDomains
surrogate-control
no-store
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
4
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
274
content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 14 Aug 2023 15:34:04 GMT
expires
0
location
/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
origin-agent-cluster
?1
server
istio-envoy
strict-transport-security
max-age=15778476000; includeSubDomains
surrogate-control
no-store
vary
Accept
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
5
x-xss-protection
0
/
content.hotjar.io/ 		0
0
settings
cdn.segment.com/v1/projects/aJSx6ITwDTBcFEq6je022Y0UrC52Khm1/ 		0
0
atkinson-hyperlegible.css
identityqa.acesso.io/libs/fonts-google/atkinson-hyperlegible/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/libs/fonts-google/atkinson-hyperlegible/atkinson-hyperlegible.css?v=1.0.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
8b80e40e08280fa7c80985d350da3a5232c03df03178d0583f45abe9b1031936
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
3
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1991
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"7c7-189d572d908"
x-download-options
noopen
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
material-icons.min.css
identityqa.acesso.io/libs/material-icons/iconfont/ 		667 B
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/libs/material-icons/iconfont/material-icons.min.css?v=0.2.1
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
67cf798d07a9a785d2b4398a035cc4bfb501c612061ee8f6224a9d82448b6d94
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
3
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
667
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"29b-189d572d908"
x-download-options
noopen
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
font-awesome.min.css
identityqa.acesso.io/libs/font-awesome/css/ 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/libs/font-awesome/css/font-awesome.min.css?v=4.7.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
2
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31000
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"7918-189d572d908"
x-download-options
noopen
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
styles.css
identityqa.acesso.io/owner/layout/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/owner/layout/styles.css?v=1.6.7
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f9e3a8de9c0f83b75bc909a7073fed92c90ad50d66e08f1425b69b36ee9783fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
1
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6760
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"1a68-189d572d908"
x-download-options
noopen
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
logo-unico.svg
storage.googleapis.com/acesso-institucional-prod-cdn-nam4-bucket/public/Identity_assets/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/acesso-institucional-prod-cdn-nam4-bucket/public/Identity_assets/logo-unico.svg
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2010 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1319f14dd30ddb34a48349cfc70720e33510918515e4ec26f1b99d48eaecacce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 15:31:39 GMT
age
145
x-guploader-uploadid
ADPycdsIPNTU1ya-e7yT25nRoj3DFxX3dLorGhW8OJhej48oplx9EcHM8R-u2FTxlFU03ednQ2nCMD3BCF00fvUlKWMcDXrRSniQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5983
last-modified
Mon, 31 Oct 2022 19:07:59 GMT
server
UploadServer
etag
"3e60608198f2b2bdc0acf675950c6b7c"
x-goog-generation
1667243279737364
x-goog-hash
crc32c=N0bufA==, md5=PmBggZjysr3ArPZ1lQxrfA==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
5983
accept-ranges
bytes
expires
Mon, 14 Aug 2023 16:31:39 GMT
icon_people.svg
identityqa.acesso.io/owner/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identityqa.acesso.io/owner/images/icon_people.svg?v=1.0.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f75c47549a68d5a8d453e5bfc0d73f3635eafc0d2a2e1a7d5224e42896c40a1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
1
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1036
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"40c-189d572d908"
x-download-options
noopen
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
icon_check.svg
identityqa.acesso.io/owner/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identityqa.acesso.io/owner/images/icon_check.svg?v=1.0.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
1fee635c402168018cb5e963395c7b9aaa781c74c3088d2e9fc13386f305c8ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
1
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1995
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"7cb-189d572d908"
x-download-options
noopen
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
icon_sign.svg
identityqa.acesso.io/owner/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identityqa.acesso.io/owner/images/icon_sign.svg?v=2.0.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3976ff7c39c98b2dff873bc0e9c33297e89e1db10148077b6e885cb770f9b990
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
3
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2259
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"8d3-189d572d908"
x-download-options
noopen
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
jquery.min.js
identityqa.acesso.io/libs/jquery/ 		87 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/libs/jquery/jquery.min.js?v=3.6.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
2
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89501
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"15d9d-189d572d908"
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
main.js
identityqa.acesso.io/owner/main/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/owner/main/main.js?v=1.1.1
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
95480e3e4d8326a5c05f0d1766dc7c56bce56abea9f16eaeda1eee7ca3c8fe9a
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
3
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10877
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"2a7d-189d572d908"
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
jquery.mask.min.js
identityqa.acesso.io/libs/jquery-mask-plugin/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/libs/jquery-mask-plugin/jquery.mask.min.js?v=1.14.16
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
2
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8327
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"2087-189d572d908"
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
jquery.cpfcnpj.min.js
identityqa.acesso.io/libs/jquery-cpfcnpj/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/libs/jquery-cpfcnpj/jquery.cpfcnpj.min.js?v=v1.1.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
7323ab2f368bfe4170a396c8f0f77792aa624482c7a9eb06b68961a89bee2cc4
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/signin?service=8aead3e6-b295-4f77-b314-86b975ee3ae2&continue=https%3A%2F%2Fadmin.test.unico.app%2Fpreauthorize
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
1
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1982
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"7be-189d572d908"
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
helpdesk.css
identityqa.acesso.io/owner/helpdesk/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/owner/helpdesk/helpdesk.css?v=1.0.2
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/owner/layout/styles.css?v=1.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
f8f460def032dd5238794f97eaa7708fd2d80eb4d0a8594bd641c01ea1ce1851
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://identityqa.acesso.io/owner/layout/styles.css?v=1.6.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
3
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1547
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"60b-189d572d908"
x-download-options
noopen
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes
fontawesome-webfont.woff2
identityqa.acesso.io/libs/font-awesome/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://identityqa.acesso.io/libs/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: identityqa.acesso.io
URL: https://identityqa.acesso.io/libs/font-awesome/css/font-awesome.min.css?v=4.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.130 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.52.190.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
Strict-Transport-Security max-age=15778476000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://identityqa.acesso.io/libs/font-awesome/css/font-awesome.min.css?v=4.7.0
Origin
https://identityqa.acesso.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src 'self' www.google.com https://storage.googleapis.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com;object-src 'none';img-src * 'self' data: https:;frame-ancestors admin.rh.qa.acesso.dev;upgrade-insecure-requests
strict-transport-security
max-age=15778476000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 14 Aug 2023 15:34:04 GMT
via
1.1 google
x-envoy-upstream-service-time
1
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77160
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 14:00:21 GMT
server
istio-envoy
cross-origin-opener-policy
same-origin
etag
W/"12d68-189d572d908"
x-download-options
noopen
content-type
font/woff2
origin-agent-cluster
?1
cache-control
public, max-age=86400
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
admin.test.unico.app
URL
https://admin.test.unico.app/styles.784af4fae00dfb95524a.css
Domain
content.hotjar.io
URL
https://content.hotjar.io/?gzip=1
Domain
cdn.segment.com
URL
https://cdn.segment.com/v1/projects/aJSx6ITwDTBcFEq6je022Y0UrC52Khm1/settings

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| validateEmail function| isAndroid function| isChrome function| isIOS function| isSafari object| navigatorInfo string| Name string| Version function| browserSuport function| passwordStrength object| $jscomp

8 Cookies

Domain/Path Name / Value
.unico.app/ Name: _ga
Value: GA1.2.500655237.1692027243
.unico.app/ Name: _gid
Value: GA1.2.356843231.1692027243
.unico.app/ Name: _hjSessionUser_3031290
Value: eyJpZCI6IjE1MmI2NTcwLTVjYjMtNWQ5MC1iNWJiLTJmMTExZmQyYzQ1MyIsImNyZWF0ZWQiOjE2OTIwMjcyNDQyMzUsImV4aXN0aW5nIjpmYWxzZX0=
.unico.app/ Name: _hjFirstSeen
Value: 1
.unico.app/ Name: _hjIncludedInSessionSample_3031290
Value: 1
.unico.app/ Name: _hjSession_3031290
Value: eyJpZCI6IjFmMmUzMDk1LTNkMTAtNDg0Yi05ZTkxLTI0OTQ3Mjk2MjBkMCIsImNyZWF0ZWQiOjE2OTIwMjcyNDQyNTYsImluU2FtcGxlIjp0cnVlfQ==
.unico.app/ Name: _hjAbsoluteSessionInProgress
Value: 0
identityqa.acesso.io/ Name: _session_idp
Value: s%3Ais6QCytCv0wodKYjKEIDybXClxqnJljX.WVRn45t36Eg4LyXqFfMXUPFF7Nxy6jPotu68OqIU4Js

3 Console Messages

Source Level URL
Text
security error URL: https://admin.test.unico.app/(Line 31)
Message:
Refused to load the stylesheet 'https://admin.test.unico.app/styles.784af4fae00dfb95524a.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' *.acesso.io *.acessorh.com.br *.acesso.dev https://fonts.googleapis.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://admin.test.unico.app/main-es2015.1910ce6227606893c059.js
Message:
Refused to create a worker from 'blob:https://admin.test.unico.app/6dadc91e-1d52-43a4-80ff-449fad225bff' because it violates the following Content Security Policy directive: "script-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com 'unsafe-inline' 'unsafe-eval'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://script.hotjar.com/modules.308cbc5043a6046d8664.js(Line 1)
Message:
Refused to connect to 'wss://ws.hotjar.com/api/v2/client/ws' because it violates the following Content Security Policy directive: "connect-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com; img-src 'self' https: https://www.google-analytics.com *.acesso.io *.acessorh.com.br *.acesso.dev *.doubleclick.net data:; script-src 'self' https: *.acesso.io *.acessorh.com.br *.acesso.dev https://google-analytics.com 'unsafe-inline' 'unsafe-eval'; style-src 'unsafe-inline' *.acesso.io *.acessorh.com.br *.acesso.dev https://fonts.googleapis.com; font-src https://fonts.gstatic.com; frame-src https://acesso-sign-test.appspot.com https://api-dot-acesso-sign-test.appspot.com https: *.acesso.io
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.test.unico.app
app.launchdarkly.com
cdn.segment.com
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
identityqa.acesso.io
metrics.userguiding.com
script.hotjar.com
static.hotjar.com
static.userguiding.com
storage.googleapis.com
www.google-analytics.com
admin.test.unico.app
cdn.segment.com
content.hotjar.io
13.224.214.90
13.225.223.151
151.101.66.217
18.238.4.47
2606:4700:20::ac43:4693
2607:f8b0:4006:80c::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:824::200a
2607:f8b0:4006:824::2010
34.36.143.50
35.190.52.130
11b9375ec403f16b3f7a9bb036c41dfb3c770de6e2472b16cf2cb98dd3ea70b1
1319f14dd30ddb34a48349cfc70720e33510918515e4ec26f1b99d48eaecacce
1fee635c402168018cb5e963395c7b9aaa781c74c3088d2e9fc13386f305c8ff
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3976ff7c39c98b2dff873bc0e9c33297e89e1db10148077b6e885cb770f9b990
67cf798d07a9a785d2b4398a035cc4bfb501c612061ee8f6224a9d82448b6d94
6f43ac8044fada91655517519b2bc6929f59e3a650e4fc13a21f2654110b04cd
7323ab2f368bfe4170a396c8f0f77792aa624482c7a9eb06b68961a89bee2cc4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8b80e40e08280fa7c80985d350da3a5232c03df03178d0583f45abe9b1031936
95480e3e4d8326a5c05f0d1766dc7c56bce56abea9f16eaeda1eee7ca3c8fe9a
ae6e82520fa9e7e740fc1f023f80381aaf9d0bc214596618dc6b5e7a0e3c9962
b5db145710f50da42cac21fe61cbd96fe1f988420a2aed3f2defdbe0377de7f9
f75c47549a68d5a8d453e5bfc0d73f3635eafc0d2a2e1a7d5224e42896c40a1f
f8aea0cdddd9695d0bfb3e87d6008f5f9fb77715f5fc9e932a7cd3e551b08270
f8f460def032dd5238794f97eaa7708fd2d80eb4d0a8594bd641c01ea1ce1851
f9e3a8de9c0f83b75bc909a7073fed92c90ad50d66e08f1425b69b36ee9783fd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e