m.itauparavocesempre.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://velip1674086962.lt.emlnk.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmltZWQubWUlMkZjOWR5OWg=&a=%7C%7C612481966%7C%...
Effective URL:
https://m.itauparavocesempre.com/
Submission: On September 08 via manual (September 8th 2023, 3:43:33 pm UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 33 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.itauparavocesempre.com.
TLS certificate: Issued by GTS CA 1P5 on September 5th 2023. Valid for: 3 months.

This is the only time m.itauparavocesempre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.213.189.160 18.213.189.160	14618 (AMAZON-AES) (AMAZON-AES)
8	4.228.206.224 4.228.206.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.112.78 18.66.112.78	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
7	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	177.126.179.11 177.126.179.11	16397 (EQUINIX B...) (EQUINIX BRASIL)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb22:a614:c899:2a12:8042	16509 (AMAZON-02) (AMAZON-02)
1	13.69.106.217 13.69.106.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	12

1 18.213.189.160 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-160.compute-1.amazonaws.com

velip1674086962.lt.emlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 4.228.206.224 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

unimed.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.unimed.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-78.fra56.r.cloudfront.net

usrwy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 177.126.179.11 (Brazil)

ASN16397 (EQUINIX BRASIL, BR)
PTR: 11.179.126.177.static.sp2.alog.com.br

www.unimed.coop.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb22:a614:c899:2a12:8042 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

m.itauparavocesempre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	userway.org cdn.userway.org — Cisco Umbrella Rank: 5055 api.userway.org — Cisco Umbrella Rank: 4892	94 KB
8	unimed.me unimed.me api.unimed.me	242 KB
4	itauparavocesempre.com m.itauparavocesempre.com	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	131 KB
1	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 789
1	google.de www.google.de — Cisco Umbrella Rank: 5643	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	241 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2541	250 B
1	unimed.coop.br www.unimed.coop.br	2 KB
1	usrwy.com usrwy.com — Cisco Umbrella Rank: 113055	2 KB
1	emlnk.com 1 redirects velip1674086962.lt.emlnk.com	207 B
33	11

	Domain	Requested by
7	cdn.userway.org	usrwy.com cdn.userway.org
7	unimed.me	unimed.me
4	m.itauparavocesempre.com	unimed.me m.itauparavocesempre.com
2	www.googletagmanager.com	unimed.me www.googletagmanager.com
1	dc.services.visualstudio.com	unimed.me
1	api.unimed.me	unimed.me
1	api.userway.org	cdn.userway.org
1	www.google.de	unimed.me
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.unimed.coop.br	www.googletagmanager.com
1	usrwy.com	unimed.me
1	velip1674086962.lt.emlnk.com	1 redirects
33	13

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
*.unimed.me Sectigo RSA Organization Validation Secure Server CA	`2023-07-14` - `2024-07-14`	a year	crt.sh
usrwy.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-04`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
*.unimed.coop.br Sectigo RSA Organization Validation Secure Server CA	`2023-08-10` - `2024-08-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2023-09-02` - `2024-08-27`	a year	crt.sh
itauparavocesempre.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://m.itauparavocesempre.com/
Frame ID: E6C4411A0BDC8808DF873560C167AD3A
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attention Required! | Cloudflare

Page URL History Show full URLs

https://velip1674086962.lt.emlnk.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmltZWQubWUlMkZjOWR5OWg=&a... HTTP 302
https://unimed.me/c9dy9h Page URL
https://m.itauparavocesempre.com/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

33
Requests

85 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

482 kB
Transfer

1452 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://velip1674086962.lt.emlnk.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmltZWQubWUlMkZjOWR5OWg=&a=%7C%7C612481966%7C%7C&account=velip1674086962.activehosted.com&email=0ZhYVZPVb9Z7pwDfFbxMHvosYdWqmOjVO5k7siCgPLYtFAVUYQ==:NZ6HRs9mAwSUqhlU/BngeijByGnvOZKV&s=e3cd6b6aa6917f0757422320d0ffeff1&i=6A26A8A25&sig=2p9FkXUT1tJDbuWUJno3CbYePMkmKYJLT2GsDM4EMy6g&iat=1694180073 HTTP 302
https://unimed.me/c9dy9h Page URL
https://m.itauparavocesempre.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://velip1674086962.lt.emlnk.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmltZWQubWUlMkZjOWR5OWg=&a=%7C%7C612481966%7C%7C&account=velip1674086962.activehosted.com&email=0ZhYVZPVb9Z7pwDfFbxMHvosYdWqmOjVO5k7siCgPLYtFAVUYQ==:NZ6HRs9mAwSUqhlU/BngeijByGnvOZKV&s=e3cd6b6aa6917f0757422320d0ffeff1&i=6A26A8A25&sig=2p9FkXUT1tJDbuWUJno3CbYePMkmKYJLT2GsDM4EMy6g&iat=1694180073 HTTP 302
https://unimed.me/c9dy9h

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

c9dy9h Show response
unimed.me/
Redirect Chain

https://velip1674086962.lt.emlnk.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmltZWQubWUlMkZjOWR5OWg=&a=%7C%7C612481966%7C%7C&account=velip1674086962.activehosted.com&email=0ZhYVZPVb9Z7pw...
https://unimed.me/c9dy9h

49 KB
8 KB

854ms
263ms

Document
text/html

4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://unimed.me/c9dy9h
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c38a06eb5d2fd74757510700df2c0efc0b0ac1580a0fc779c60565b2caa2cdef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: none
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Sep 2023 15:43:22 GMT
ETag: "c518-3PDbN7HKdBhsuzAywORaXSNJc8c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
request-context: appId=cid-v1:

Redirect headers

content-length: 0
content-type: application/json
date: Fri, 08 Sep 2023 15:43:21 GMT
location: https://unimed.me/c9dy9h
x-amz-apigw-id: K8ccFHWiIAMEePA=
x-amzn-requestid: 7bbd512f-58ef-4b17-b91e-9fb65b043ff5
x-amzn-trace-id: Root=1-64fb4119-3ed8e0af47470a492ce36622;Sampled=0;lineage=12ce62b2:0

GET
H2 200 widget.js Show response
usrwy.com/ 2 KB
2 KB 154ms
39ms Script
application/javascript 18.66.112.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usrwy.com/widget.js
Requested by: Host: unimed.me
URL: https://unimed.me/c9dy9h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-78.fra56.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: c2bdaf76201828bd0f57f2728197751d867d0ad8ce5ae77f9ff13a812982bfc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:39:53 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront), 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1, FRA56-P5
age: 337
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 2754
x-accel-date: 1694153581
x-77-nzt: AZySIYgU6Fj/wgoAAA
last-modified: Wed, 06 Sep 2023 21:56:28 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d2ed9a4682fc6fa6488934216
etag: W/"e3e761ca178072c5dd657e9f5fb35998"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: fNvbRGPP1TGdh-Fcfv048Q3Wc6QGPwP-YgFYF7zBf73j_YO9EDfErg==

GET
H/1.1 200
OK 7fc0d28.js Show response
unimed.me/_nuxt/ 2 KB
2 KB 257ms
256ms Script
application/javascript 4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://unimed.me/_nuxt/7fc0d28.js
Requested by: Host: unimed.me
URL: https://unimed.me/c9dy9h
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 28c600afb54efc6d7b1d2bcfe185f994ff01abbe9cd5357d14689b66c6d9362d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/c9dy9h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 15:43:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 00:17:00 GMT
ETag: W/"99b-189e1f42060"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
request-context: appId=cid-v1:

GET
H/1.1 200
OK 67a34f4.js Show response
unimed.me/_nuxt/ 236 KB
82 KB 500ms
499ms Script
application/javascript 4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://unimed.me/_nuxt/67a34f4.js
Requested by: Host: unimed.me
URL: https://unimed.me/c9dy9h
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9f408b2178acb72df4b593d0c5abcb2b6ccec8939bb146a6adffc0c00249fae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/c9dy9h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 15:43:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 00:16:59 GMT
ETag: W/"3b0a7-189e1f41c78"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
request-context: appId=cid-v1:

GET
H/1.1 200
OK 007f01d.js Show response
unimed.me/_nuxt/ 280 KB
87 KB 964ms
512ms Script
application/javascript 4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://unimed.me/_nuxt/007f01d.js
Requested by: Host: unimed.me
URL: https://unimed.me/c9dy9h
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 03a0b336467615e95a74a4b560ae9bb90b9d354e0adf5c2079aeb544c35dd115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/c9dy9h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 15:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 00:17:00 GMT
ETag: W/"45ebe-189e1f42060"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
request-context: appId=cid-v1:

GET
H/1.1 200
OK d7a6812.js Show response
unimed.me/_nuxt/ 113 KB
31 KB 973ms
522ms Script
application/javascript 4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://unimed.me/_nuxt/d7a6812.js
Requested by: Host: unimed.me
URL: https://unimed.me/c9dy9h
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 13e8acaa35bfa67428a5c48522e7e30a2471cb854d13ead39d32e9f50cb1d06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/c9dy9h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 15:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 00:16:59 GMT
ETag: W/"1c2d9-189e1f41c78"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
request-context: appId=cid-v1:

GET
H/1.1 200
OK ab8b6db.js Show response
unimed.me/_nuxt/ 8 KB
4 KB 720ms
268ms Script
application/javascript 4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://unimed.me/_nuxt/ab8b6db.js
Requested by: Host: unimed.me
URL: https://unimed.me/c9dy9h
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f934c797029f58ef4f8757aa026ab74a4ef5b7dfc305b0a2b34acc6b2ee81cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/c9dy9h
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 15:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 00:16:59 GMT
ETag: W/"1e74-189e1f41c78"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
request-context: appId=cid-v1:

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
46 KB 141ms
53ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6Z5CRZ

Requested by

Host: unimed.me
URL: https://unimed.me/c9dy9h

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

620bc1862d3e93b0d106810c9f959f83e719ec7c3d9382a8f91ab05c80c02848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:43:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46274
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Sep 2023 15:43:22 GMT

GET
H/1.1 200
OK unimedsans-regular-webfont.14c4094.ttf
unimed.me/_nuxt/fonts/ 49 KB
27 KB 446ms
237ms Font
font/ttf 4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://unimed.me/_nuxt/fonts/unimedsans-regular-webfont.14c4094.ttf
Requested by: Host: unimed.me
URL: https://unimed.me/c9dy9h
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fedd98648be5e92f4820495b040f0825fb80ee368a94d609257f940226e555e1

Request headers

Referer: https://unimed.me/c9dy9h
Origin: https://unimed.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 15:43:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2023 00:16:59 GMT
ETag: W/"c268-189e1f41c78"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/ttf
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
request-context: appId=cid-v1:

GET
H2 200 widget_app_base_1694037133536.js Show response
cdn.userway.org/widgetapp/2023-09-06/ 135 KB
40 KB 182ms
39ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_base_1694037133536.js
Requested by: Host: usrwy.com
URL: https://usrwy.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7a90ae61f4ee50c2b980751fd6480af4038e5d28acc50028e6f9ec64e0a3d40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:43:23 GMT
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 10
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 149559
x-accel-date: 1694038244
x-77-nzt: AZySIYtAC7n/N0gCAA
x-accel-expires: @1719958244
last-modified: Wed, 06 Sep 2023 21:56:22 GMT
server: CDN77-Turbo
etag: W/"cf651711301c437082a0b3a76239018b"
x-77-nzt-ray: cf8787277a091ac91b41fb64e87af208
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: tOxmxzOAnyqnIVy_EoUTIOv9C9POHwocb_marKZpJ_hMmsanbKUlrQ==

GET
H/1.1 200 cookieLgpd.js Show response
www.unimed.coop.br/site/o/sites-theme/js/ 5 KB
2 KB 1016ms
232ms Script
application/javascript 177.126.179.11
EQUINIX BRASIL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unimed.coop.br/site/o/sites-theme/js/cookieLgpd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6Z5CRZ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

177.126.179.11 , Brazil, ASN16397 (EQUINIX BRASIL, BR),

Reverse DNS

11.179.126.177.static.sp2.alog.com.br

Software

Resource Hash

752f5eadc701244ea79924208e843f8ab269abbe33b88969298424c07089bdb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 15:43:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 03 Jul 2023 17:33:20 GMT
ETag: "10246225"
ntCoent-Length: 5436
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 1722
X-XSS-Protection: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
85 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HPSTHYCSCL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6Z5CRZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69ff6205a3f129153cd3841df1cfff57f1eb3868bcefe84be08298195745ad6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:43:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Sep 2023 15:43:23 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 133ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HPSTHYCSCL&gtm=45je3960&_p=1107417886&_gaz=1&cid=106087611.1694187803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694187803&sct=1&seg=0&dl=https%3A%2F%2Funimed.me%2Fc9dy9h&dt=Unimed.Me&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HPSTHYCSCL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 15:43:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://unimed.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
241 B 152ms
54ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HPSTHYCSCL&cid=106087611.1694187803&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HPSTHYCSCL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 15:43:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://unimed.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 165ms
78ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HPSTHYCSCL&cid=106087611.1694187803&gtm=45je3960&aip=1&z=1264939550

Requested by

Host: unimed.me
URL: https://unimed.me/c9dy9h

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 15:43:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 aUdWlgoSZh Show response
api.userway.org/api/tunings/ 702 B
1 KB 601ms
194ms XHR
application/json 2600:1f14:5db:eb22:a614:c899:2a12:8042
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/aUdWlgoSZh
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_base_1694037133536.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:a614:c899:2a12:8042 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e2b8561e61b7b4b25e110ea2af79deaf77cf9c33c60d893a82195a6d4b167e8a

Request headers

Referer: https://unimed.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Sep 2023 15:43:23 GMT
etag: W/"2be-OBy4Tn1UAl7UeP4w9A3IhEBzvvw"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrfa3450dce9ca403
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 702
x-service-version: uw-pr

GET
H2 200 pt-BR.json Show response
cdn.userway.org/widgetapp/2023-09-06-21-52-13/locales/ 553 B
948 B 118ms
39ms XHR
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-09-06-21-52-13/locales/pt-BR.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_base_1694037133536.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d45503205044258636a684fe0d5dd96b9cb70f4b4f932aa604beaa673ca884d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:43:23 GMT
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 810
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 148600
x-accel-date: 1694039203
x-77-nzt: AZySIYuo7nf/eEQCAA
x-accel-expires: @1719959203
last-modified: Wed, 06 Sep 2023 21:56:22 GMT
server: CDN77-Turbo
etag: W/"7db740c238bd7e03fbe43227ba5f1dc9"
x-77-nzt-ray: cf8787279301e4db1b41fb646d67d138
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: F--t9AR58AXApPio4o7FNTSFYclB81rTKl8QH75RTwioZw3kRvGgKA==

GET
H/1.1 200
OK c9dy9h
api.unimed.me/v1/shortener/url/ 76 B
600 B 979ms
363ms XHR
application/json 4.228.206.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.unimed.me/v1/shortener/url/c9dy9h
Requested by: Host: unimed.me
URL: https://unimed.me/_nuxt/007f01d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.228.206.224 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://unimed.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 08 Sep 2023 15:43:24 GMT
Connection: keep-alive
Content-Length: 76
Content-Type: application/json

GET
H2 200 udf.css
cdn.userway.org/widgetapp/bundles/udf/ 728 B
851 B 39ms
39ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/bundles/udf/udf.css
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_base_1694037133536.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2b69ec94d6645bc12a52d0a4d6885afabaf7f40ff99283681d8d25d900e29b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:43:24 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 263
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 7368916
x-accel-date: 1686818888
x-77-nzt: AZySIYs+DEX/1HBwAA
x-accel-expires: @1712738888
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"ae6f0dd6012e39fbb4ba57061e5c4f18"
x-77-nzt-ray: cf8787277a091ac91c41fb642c589016
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: text/css
x-amz-cf-id: RORwaooFsTcqnPfeavmULI-7gJTF48KhYaienVSfoRfNCqeIAtiwcA==

GET
H2 200 widget_app_lazy_1694037133536.js Show response
cdn.userway.org/widgetapp/2023-09-06/ 138 KB
37 KB 52ms
51ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_lazy_1694037133536.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_base_1694037133536.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1f257999abb77e5b02f02203ed6b84e05515e1a96186f31de6bb718a46341fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:43:24 GMT
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 83
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 149369
x-accel-date: 1694038435
x-77-nzt: AZySIYv9eB7/eUcCAA
x-accel-expires: @1719958435
last-modified: Wed, 06 Sep 2023 21:56:22 GMT
server: CDN77-Turbo
etag: W/"f826aec24dde336a327217ba77567944"
x-77-nzt-ray: cf8787277a091ac91c41fb648bd59616
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: RoOcgYxcar2NkVgaEL49fCZtGxHJmZViCCFrezNAT3Xujq7QaVFDMQ==

GET
H2 200 mini-widget.js Show response
cdn.userway.org/mini-widget/ 31 KB
11 KB 45ms
45ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/mini-widget/mini-widget.js?ts=1694037133536
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_base_1694037133536.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c5c8f5dbe5e20a38d097e3b45b8ada0376f38b19da97c8b620622b6cbf3a892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:43:24 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 286
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 149154
x-accel-date: 1694038650
x-77-nzt: AZySIYurUKb/okYCAA
x-accel-expires: @1719958650
last-modified: Wed, 06 Sep 2023 21:56:25 GMT
server: CDN77-Turbo
etag: W/"8aa87dbfa7ca6e2e37d31edc147edad2"
x-77-nzt-ray: cf8787277a091ac91c41fb6445b7b51a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: QfskTMZ04oxVnN822dv27GnrQVh_bwGX7UL8laU1XpJ7Q7Dwu5NBnQ==

GET
H2 200 style.css
cdn.userway.org/mini-widget/ 3 KB
2 KB 45ms
44ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/mini-widget/style.css?ts=1694037133536
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_base_1694037133536.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0b572ebe1eb462c921e3024675d3cb5c739cd1f0ed9886e62e253388fd635ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:43:24 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 286
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 149154
x-accel-date: 1694038650
x-77-nzt: AZySIYtIze7/okYCAA
x-accel-expires: @1719958650
last-modified: Wed, 06 Sep 2023 21:56:25 GMT
server: CDN77-Turbo
etag: W/"4c8023c9f13d056ce6f6f8b9108174aa"
x-77-nzt-ray: cf8787277a091ac91c41fb640246ca1a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: text/css
x-amz-cf-id: ALg4sjEAaJtm_PbRu7d60PdZIzTNzUu5DIpsNII0R8VwV_q_brU__Q==

GET
H2 200 style.css
cdn.userway.org/mini-widget/ 3 KB
2 KB 39ms
39ms Stylesheet
text/css 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/mini-widget/style.css?ts=1694037133536
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-09-06/widget_app_lazy_1694037133536.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0b572ebe1eb462c921e3024675d3cb5c739cd1f0ed9886e62e253388fd635ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unimed.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 08 Sep 2023 15:43:24 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 286
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 149154
x-accel-date: 1694038650
x-77-nzt: AZySIYvyBY7/okYCAA
x-accel-expires: @1719958650
last-modified: Wed, 06 Sep 2023 21:56:25 GMT
server: CDN77-Turbo
etag: W/"4c8023c9f13d056ce6f6f8b9108174aa"
x-77-nzt-ray: cf8787277a091ac91c41fb64cf9abd1d
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: text/css
x-amz-cf-id: ALg4sjEAaJtm_PbRu7d60PdZIzTNzUu5DIpsNII0R8VwV_q_brU__Q==

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 323ms
44ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://unimed.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 08 Sep 2023 15:43:24 GMT
x-content-type-options: nosniff

POST track
dc.services.visualstudio.com/v2/ 0
0

GET
H2 403 Primary Request / Show response
m.itauparavocesempre.com/ 4 KB
2 KB 153ms
45ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.itauparavocesempre.com/

Requested by

Host: unimed.me
URL: https://unimed.me/_nuxt/ab8b6db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8aaae9ea6161e2ec0792446a2ba2ddf9558f2136732c05fbfad6583a475d866

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://unimed.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=15
cf-ray: 80384e96aeb5693a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 15:43:25 GMT
expires: Fri, 08 Sep 2023 15:43:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grj5FFIQAHeGunYjN14%2BmdDZueZB3XeT2JlRuvazK4WTfrYgYSmNf1shccJqfEGAckEJO34SN1fcPlXjXCrZPq%2F%2FBXKiieguK7XSimcqW%2FDntO5M0Yvihy%2FQSJeh8CMYuyvic3KVTV%2FaUcVNWiABILGdTf8Bw8E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET logo.0e69ead.png
unimed.me/_nuxt/img/ 0
0

GET unimedslab-bold-webfont.c34e25f.ttf
unimed.me/_nuxt/fonts/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET
H2 200 cf.errors.css
m.itauparavocesempre.com/cdn-cgi/styles/ 24 KB
5 KB 41ms
41ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.itauparavocesempre.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: m.itauparavocesempre.com
URL: https://m.itauparavocesempre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.itauparavocesempre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
server: cloudflare
etag: W/"64f73c7d-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 80384e970f17693a-FRA
expires: Fri, 08 Sep 2023 17:43:25 GMT

GET
H2 200 browser-bar.png
m.itauparavocesempre.com/cdn-cgi/images/ 715 B
804 B 42ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.itauparavocesempre.com/cdn-cgi/images/browser-bar.png?1376755637

Requested by

Host: m.itauparavocesempre.com
URL: https://m.itauparavocesempre.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.itauparavocesempre.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:43:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
server: cloudflare
etag: "64f73c7d-2cb"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 80384e974f69693a-FRA
content-length: 715
expires: Fri, 08 Sep 2023 17:43:25 GMT

GET
H2 200 cf-no-screenshot-error.png
m.itauparavocesempre.com/cdn-cgi/images/ 3 KB
3 KB 42ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.itauparavocesempre.com/cdn-cgi/images/cf-no-screenshot-error.png

Requested by

Host: m.itauparavocesempre.com
URL: https://m.itauparavocesempre.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.itauparavocesempre.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:43:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
server: cloudflare
etag: "64f73c7d-c8d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 80384e974f6d693a-FRA
content-length: 3213
expires: Fri, 08 Sep 2023 17:43:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dc.services.visualstudio.com
URL: https://dc.services.visualstudio.com/v2/track

Domain: unimed.me
URL: https://unimed.me/_nuxt/img/logo.0e69ead.png

Domain: unimed.me
URL: https://unimed.me/_nuxt/fonts/unimedslab-bold-webfont.c34e25f.ttf

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HPSTHYCSCL&gtm=45je3960&_p=1107417886&cid=106087611.1694187803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694187803&sct=1&seg=0&dl=https%3A%2F%2Funimed.me%2Fc9dy9h&dt=Unimed.Me&en=scroll&epn.percent_scrolled=90&_et=23

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HPSTHYCSCL&gtm=45je3960&_p=1107417886&cid=106087611.1694187803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1694187803&sct=1&seg=0&dl=https%3A%2F%2Funimed.me%2Fc9dy9h&dt=Unimed.Me&en=user_engagement&_et=2007

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_translation

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.unimed.me/	1970-01-21 00:12:27	Name: _ga Value: GA1.1.106087611.1694187803
unimed.me/	1970-01-20 23:22:03	Name: ai_user Value: I35k+AzfyWIGUiESoFM+y0\|2023-09-08T15:43:24.085Z
unimed.me/	1970-01-20 14:36:29	Name: ai_session Value: qCcDcU+Fat/VyWu03bopa1\|1694187804092\|1694187804092
.unimed.me/	1970-01-21 00:12:27	Name: _ga_HPSTHYCSCL Value: GS1.1.1694187803.1.0.1694187805.58.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://m.itauparavocesempre.com/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.unimed.me
api.userway.org
cdn.userway.org
dc.services.visualstudio.com
m.itauparavocesempre.com
region1.analytics.google.com
stats.g.doubleclick.net
unimed.me
usrwy.com
velip1674086962.lt.emlnk.com
www.google.de
www.googletagmanager.com
www.unimed.coop.br
dc.services.visualstudio.com
region1.analytics.google.com
unimed.me
13.69.106.217
177.126.179.11
18.213.189.160
18.66.112.78
2001:4860:4802:32::36
2600:1f14:5db:eb22:a614:c899:2a12:8042
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:400c:c00::9d
2a02:6ea0:c700::18
2a06:98c1:3120::3
4.228.206.224
03a0b336467615e95a74a4b560ae9bb90b9d354e0adf5c2079aeb544c35dd115
0b572ebe1eb462c921e3024675d3cb5c739cd1f0ed9886e62e253388fd635ff7
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
13e8acaa35bfa67428a5c48522e7e30a2471cb854d13ead39d32e9f50cb1d06a
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
1f257999abb77e5b02f02203ed6b84e05515e1a96186f31de6bb718a46341fc1
28c600afb54efc6d7b1d2bcfe185f994ff01abbe9cd5357d14689b66c6d9362d
2b69ec94d6645bc12a52d0a4d6885afabaf7f40ff99283681d8d25d900e29b14
5c5c8f5dbe5e20a38d097e3b45b8ada0376f38b19da97c8b620622b6cbf3a892
620bc1862d3e93b0d106810c9f959f83e719ec7c3d9382a8f91ab05c80c02848
69ff6205a3f129153cd3841df1cfff57f1eb3868bcefe84be08298195745ad6a
752f5eadc701244ea79924208e843f8ab269abbe33b88969298424c07089bdb3
7a90ae61f4ee50c2b980751fd6480af4038e5d28acc50028e6f9ec64e0a3d40f
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
9f408b2178acb72df4b593d0c5abcb2b6ccec8939bb146a6adffc0c00249fae8
a8aaae9ea6161e2ec0792446a2ba2ddf9558f2136732c05fbfad6583a475d866
c2bdaf76201828bd0f57f2728197751d867d0ad8ce5ae77f9ff13a812982bfc4
c38a06eb5d2fd74757510700df2c0efc0b0ac1580a0fc779c60565b2caa2cdef
d45503205044258636a684fe0d5dd96b9cb70f4b4f932aa604beaa673ca884d3
e2b8561e61b7b4b25e110ea2af79deaf77cf9c33c60d893a82195a6d4b167e8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f934c797029f58ef4f8757aa026ab74a4ef5b7dfc305b0a2b34acc6b2ee81cb7
fedd98648be5e92f4820495b040f0825fb80ee368a94d609257f940226e555e1

m.itauparavocesempre.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

85 %HTTPS

58 %IPv6

11 Domains

13 Subdomains

12 IPs

5 Countries

482 kBTransfer

1452 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.itauparavocesempre.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

85 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

482 kB
Transfer

1452 kB
Size

4
Cookies

33 HTTP transactions
0 data transactions