pay.unic.br Open in urlscan Pro
3.222.21.177  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request FVCjumh Show response pay.unic.br/	4 KB 4 KB	471ms 111ms	Document text/html	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash 7e567bc7c05116a47eb83ea902314c962d43c7d9038fd8915ec115f88a1d7450 Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 07 Feb 2022 19:48:39 GMT content-type text/html; charset=utf-8 server Kestrel x-content-type-options nosniff x-xss-protection 1; mode=block content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; strict-transport-security max-age=2592000
GET H2	200	krotonpay-deps.min.css pay.unic.br/css/	187 KB 188 KB	98ms 98ms	Stylesheet text/css	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/css/krotonpay-deps.min.css?v=qlwAwaQbE2kfhFZv_xTQhuSSENr-e0ZRFMJf86L_tOE Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash aa5c00c1a41b13691f84566fff14d086e49210dafe7b465114c25ff3a2ffb4e1 Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/FVCjumh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 19:59:35 GMT server Kestrel etag "1d80337ed7c8642" strict-transport-security max-age=2592000 content-type text/css content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 191426 x-xss-protection 1; mode=block
GET H2	200	krotonpay.min.css pay.unic.br/css/	6 KB 7 KB	193ms 192ms	Stylesheet text/css	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/css/krotonpay.min.css?v=CfVMgNxUzPIkwgMdGxFgU3QF2CP4HmjXL1n3CPUhC4k Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash 09f54c80dc54ccf224c2031d1b1160537405d823f81e68d72f59f708f5210b89 Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/FVCjumh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 20:00:19 GMT server Kestrel etag "1d8033807b852e2" strict-transport-security max-age=2592000 content-type text/css content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 6498 x-xss-protection 1; mode=block
GET H2	200	unic.min.css pay.unic.br/css/	2 KB 2 KB	97ms 97ms	Stylesheet text/css	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/css/unic.min.css Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash 6aae0a5f7615ebfb7e341760a69da86b4ab33cb88e1a65cffd88f5fb94812d0f Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/FVCjumh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 20:00:19 GMT server Kestrel etag "1d8033807b84cce" strict-transport-security max-age=2592000 content-type text/css content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 1870 x-xss-protection 1; mode=block
GET H2	200	logo_unic.png pay.unic.br/images/logo/	3 KB 4 KB	287ms 286ms	Image image/png	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pay.unic.br/images/logo/logo_unic.png Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash ed49a24acea2f27e0997d77637f22b8c643cdcc3fe3bd676150c77cd95e402f2 Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/FVCjumh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 19:59:35 GMT server Kestrel etag "1d80337ed7e61f6" strict-transport-security max-age=2592000 content-type image/png content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 3190 x-xss-protection 1; mode=block
GET H2	200	krotonpay-deps.min.js Show response pay.unic.br/js/	273 KB 274 KB	287ms 286ms	Script application/javascript	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/js/krotonpay-deps.min.js?v=NFYXe-usC90ViuE4nah0x8vze7VdA2VVt-MlNmCGf4w Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash 3456177bebac0bdd158ae1389da874c7cbf37bb55d036555b7e3253660867f8c Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/FVCjumh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 19:59:35 GMT server Kestrel etag "1d80337ed7a2800" strict-transport-security max-age=2592000 content-type application/javascript content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 279936 x-xss-protection 1; mode=block
GET H2	200	krotonpay.min.js Show response pay.unic.br/js/	8 KB 8 KB	288ms 287ms	Script application/javascript	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/js/krotonpay.min.js?v=BJqtNvAlEWPdxD-5YL5iLSTuFuFIqR1uT0WtLXIb9Rc Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash 049aad36f0251163ddc43fb960be622d24ee16e148a91d6e4f45ad2d721bf517 Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/FVCjumh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 20:00:19 GMT server Kestrel etag "1d8033807b86b9a" strict-transport-security max-age=2592000 content-type application/javascript content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 8218 x-xss-protection 1; mode=block
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 997 B	133ms 48ms	Script text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d05e0d322ffde0bf08ecb0125349f922b06e44315c7ae72d7b98dca9382d6a71 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 584 x-xss-protection 1; mode=block expires Mon, 07 Feb 2022 19:48:39 GMT
GET H2	200	landing.min.js Show response pay.unic.br/js/	994 B 1 KB	288ms 287ms	Script application/javascript	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/js/landing.min.js?v=bWjyStI4l9cndMXH2DaEJOpTfAFDF_XmDb55M8ZVeBU Requested by Host: pay.unic.br URL: https://pay.unic.br/FVCjumh Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash 6d68f24ad23897d72774c5c7d8368424ea537c014317f5e60dbe7933c6557815 Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/FVCjumh User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 20:00:19 GMT server Kestrel etag "1d8033807b84862" strict-transport-security max-age=2592000 content-type application/javascript content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 994 x-xss-protection 1; mode=block
GET H2	200	fa-solid-900.woff2 pay.unic.br/fonts/	70 KB 71 KB	99ms 98ms	Font font/woff2	3.222.21.177 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pay.unic.br/fonts/fa-solid-900.woff2 Requested by Host: pay.unic.br URL: https://pay.unic.br/css/krotonpay-deps.min.css?v=qlwAwaQbE2kfhFZv_xTQhuSSENr-e0ZRFMJf86L_tOE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.222.21.177 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-21-177.compute-1.amazonaws.com Software Kestrel / Resource Hash a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a Security Headers Name Value Content-Security-Policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://pay.unic.br/css/krotonpay-deps.min.css?v=qlwAwaQbE2kfhFZv_xTQhuSSENr-e0ZRFMJf86L_tOE Origin https://pay.unic.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:39 GMT x-content-type-options nosniff last-modified Thu, 06 Jan 2022 19:59:35 GMT server Kestrel etag "1d80337ed7f74c0" strict-transport-security max-age=2592000 content-type font/woff2 content-security-policy script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/; accept-ranges bytes content-length 72000 x-xss-protection 1; mode=block
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/	356 KB 140 KB	124ms 40ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pay.unic.br/ Origin https://pay.unic.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 18:55:34 GMT content-encoding gzip x-content-type-options nosniff age 3186 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 143107 x-xss-protection 0 last-modified Mon, 31 Jan 2022 05:04:01 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 07 Feb 2023 18:55:34 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 65A5	40 KB 21 KB	62ms 61ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 665aecdb4d41d9ec99bc22f463626d3af56deb4f846543cb13ddbcf5e70aa2e4 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Si7+ZgsjvEIg6nfbDmbPRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://pay.unic.br/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Mon, 07 Feb 2022 19:48:40 GMT content-security-policy script-src 'report-sample' 'nonce-Si7+ZgsjvEIg6nfbDmbPRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 21219 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 65A5	51 KB 24 KB	84ms 40ms	Stylesheet text/css	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 14:59:39 GMT content-encoding gzip x-content-type-options nosniff age 17341 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 31 Jan 2022 05:04:01 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 07 Feb 2023 14:59:39 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 65A5	356 KB 140 KB	102ms 58ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 18:55:34 GMT content-encoding gzip x-content-type-options nosniff age 3186 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 143107 x-xss-protection 0 last-modified Mon, 31 Jan 2022 05:04:01 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 07 Feb 2023 18:55:34 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 65A5	2 KB 2 KB	39ms 39ms	Image image/png	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 18:59:48 GMT x-content-type-options nosniff age 521332 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 08 Feb 2022 18:59:48 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 65A5	15 KB 16 KB	122ms 36ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 17:06:41 GMT x-content-type-options nosniff age 528119 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 01 Feb 2023 17:06:41 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 65A5	15 KB 15 KB	133ms 46ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 01 Feb 2022 14:17:54 GMT x-content-type-options nosniff age 538246 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 01 Feb 2023 14:17:54 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 65A5	102 B 134 B	48ms 48ms	Other text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 19:48:40 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Mon, 07 Feb 2022 19:48:40 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame 65A5	29 KB 16 KB	84ms 84ms	XHR application/json	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2207beb8711f0d6e39e3e5bf1451c209f19be5eee8dc5c48d9b48b7e7eab2053 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcStb0UAAAAAP1oaaL7X8GYU8g83mVhTnNHrjcl&co=aHR0cHM6Ly9wYXkudW5pYy5icjo0NDM.&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=j7nmhmnlkvte Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type application/x-protobuffer Response headers date Mon, 07 Feb 2022 19:48:40 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16859 x-xss-protection 1; mode=block expires Mon, 07 Feb 2022 19:48:40 GMT

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| $jscomp boolean| allDependenciesLoaded function| $ function| jQuery function| Popper object| bootstrap object| adyen object| KJUR object| Hex object| Base64 function| ASN1 function| JSEncrypt object| KnownCardVendors function| ExecutionResult function| EncryptedCardList object| TempTokenFactories function| EncryptCardsTokens function| cardTokenModule object| moduloCardToken object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| recaptchaToken object| recaptcha object| closure_lm_37320

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 05:03:35	Name: _GRECAPTCHA Value: 09APj96hTeWQ3AxrQyJRK2bUpOrSmcl6iTXj9LdRIRsvv-LqPnDff0rvuAwb1uHt9zu-f3ANP-4Ie53VG-EsofIc8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; img-src 'self' data: https:;frame-ancestors 'self'; frame-src https://www.google.com/recaptcha/;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
pay.unic.br
www.google.com
www.gstatic.com
2a00:1450:4001:803::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
3.222.21.177
049aad36f0251163ddc43fb960be622d24ee16e148a91d6e4f45ad2d721bf517
09f54c80dc54ccf224c2031d1b1160537405d823f81e68d72f59f708f5210b89
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2207beb8711f0d6e39e3e5bf1451c209f19be5eee8dc5c48d9b48b7e7eab2053
3456177bebac0bdd158ae1389da874c7cbf37bb55d036555b7e3253660867f8c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
665aecdb4d41d9ec99bc22f463626d3af56deb4f846543cb13ddbcf5e70aa2e4
6aae0a5f7615ebfb7e341760a69da86b4ab33cb88e1a65cffd88f5fb94812d0f
6d68f24ad23897d72774c5c7d8368424ea537c014317f5e60dbe7933c6557815
7e567bc7c05116a47eb83ea902314c962d43c7d9038fd8915ec115f88a1d7450
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
a5587a9dca3673b604a8a0e144d268f3dcb180aac337e2b2e163704bc1fc508a
aa5c00c1a41b13691f84566fff14d086e49210dafe7b465114c25ff3a2ffb4e1
d05e0d322ffde0bf08ecb0125349f922b06e44315c7ae72d7b98dca9382d6a71
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
ed49a24acea2f27e0997d77637f22b8c643cdcc3fe3bd676150c77cd95e402f2
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48