Submitted URL: https://aces.so/rKaufKj
Effective URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Submission: On December 31 via api from CH — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 35 HTTP transactions. The main IP is 35.244.135.227, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www4.acesso.io.
TLS certificate: Issued by TrustSign BR Certification Authority ... on October 27th 2022. Valid for: a year.
This is the only time www4.acesso.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 35.244.135.227 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.112 16509 (AMAZON-02)
1 13.32.110.74 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
1 143.204.215.118 16509 (AMAZON-02)
2 162.247.241.14 23467 (NEWRELIC-...)
1 54.77.102.179 16509 (AMAZON-02)
1 65.9.66.63 16509 (AMAZON-02)
1 52.50.111.150 16509 (AMAZON-02)
35 12
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 23 | acesso.io | www4.acesso.io | 3 MB |
| 4 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 877); script.hotjar.com (Cisco Umbrella Rank: 1181); vars.hotjar.com (Cisco Umbrella Rank: 1235); in.hotjar.com (Cisco Umbrella Rank: 2246) | 73 KB |
| 2 | hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 2940); content.hotjar.io (Cisco Umbrella Rank: 66850) | 419 B |
| 2 | nr-data.net | bam.nr-data.net (Cisco Umbrella Rank: 473) | 1 KB |
| 2 | gstatic.com | fonts.gstatic.com | 33 KB |
| 1 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 818) | 18 KB |
| 1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 127) | 946 B |
| 1 | aces.so | aces.so | 251 B |
| 35 | 8 | | |
Domain Requested by
23 www4.acesso.io www4.acesso.io
2 bam.nr-data.net www4.acesso.io
2 fonts.gstatic.com fonts.googleapis.com
1 content.hotjar.io www4.acesso.io
1 vc.hotjar.io www4.acesso.io
1 in.hotjar.com www4.acesso.io
1 vars.hotjar.com www4.acesso.io
1 js-agent.newrelic.com www4.acesso.io
1 script.hotjar.com www4.acesso.io
1 static.hotjar.com www4.acesso.io
1 fonts.googleapis.com www4.acesso.io
1 aces.so 1 redirects
35 12

This site contains links to these domains.

Domain
unico.io
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.acesso.io | TrustSign BR Certification Authority (DV) 2 | 2022-10-27 - 2023-10-27 | a year |
| upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
| *.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year |
| *.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
| js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year |
| *.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-10 - 2023-02-10 | a year |
| *.hotjar.io | Amazon | 2022-07-18 - 2023-08-16 | a year |

This page contains 2 frames:

Primary Page: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Frame ID: 60E47FD5FD972B603EDBC14F2BC10C89
Requests: 35 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 0C69E1DD87D62E86A3EB25ACD0340339
Requests: 1 HTTP requests in this frame

Page Title

Autentique sua identidade para autorizar a compra

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js

Page Statistics

Requests: 35
HTTPS: 100 %
IPv6: 18 %
Domains: 8
Subdomains: 12
IPs: 12
Countries: 3
Transfer: 3429 kB
Size: 4032 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aces.so/rKaufKj HTTP 302
    https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Selfie.aspx
www4.acesso.io/transacional/Capture/SMS/
Redirect Chain
  • https://aces.so/rKaufKj
  • https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
52 KB
16 KB
Document
General
Full URL
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
0236b6ba1a364137d0dc2e57b1221478add99c3d2275a0d52d06a03d134bb19b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
access-control-allow-methods
GET,POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
deflate
content-length
15556
content-type
text/html; charset=utf-8
date
Sat, 31 Dec 2022 23:15:56 GMT
expires
-1
pragma
no-cache
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-length
0
date
Sat, 31 Dec 2022 23:15:56 GMT
expires
-1
location
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
pragma
no-cache
server
Microsoft-IIS/10.0
via
1.1 google
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
ecommerce-bundle.min.css
www4.acesso.io/transacional/Resources/css/bundle/
166 KB
166 KB
Stylesheet
General
Full URL
https://www4.acesso.io/transacional/Resources/css/bundle/ecommerce-bundle.min.css?tsts=535
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0c4fd2f5093b6a8fcdcb34928f7206e1c9f9075c055e41a8e3f644baa604728
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:04 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
169499
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 May 2021 19:05:18 GMT
etag
"0abb9414f40d71:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
protegido-pela-unico.svg
www4.acesso.io/transacional/Resources/img/app/
15 KB
15 KB
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/protegido-pela-unico.svg
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
5cb3a6dd0880a0c7142fa74c3ab62b73649a8021cbaa3c4e34f46492a133faf5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15239
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"c9585b9b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
sweetalert2.all.min.js
www4.acesso.io/transacional/Resources/sms/js/
67 KB
67 KB
Script
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/sweetalert2.all.min.js
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e2dfe64df579f158643b137672c5ae97473acfdbda4a3a586b45b8e101d57c13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
last-modified
Mon, 03 Oct 2022 13:49:44 GMT
etag
"485561fe2ed7d81:0"
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
content-length
68472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css2
fonts.googleapis.com/
2 KB
946 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:wght@400;700&display=swap
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4d491a5cbc511036769df610e35dc554ac185d03c7c8290703ef8162f7ecb8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 31 Dec 2022 23:15:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 31 Dec 2022 23:15:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Dec 2022 23:15:57 GMT
logo_unico.svg
www4.acesso.io/transacional/Resources/img/app/
4 KB
4 KB
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/logo_unico.svg
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
c1078a616c74f9c9f4fbf5e16b97b5c71053d48b16e107439e52c5791d3963d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:05 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4160
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"8a24589b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
selfie-illustration.svg
www4.acesso.io/transacional/Resources/img/app/
8 KB
8 KB
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/selfie-illustration.svg
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
3d1caa358e6fa786528ab137720d1b66588bf3f0a7c865bfd2001028d63295df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"b9a25d9b1cd7d81:0"
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
content-length
8626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
information.svg
www4.acesso.io/transacional/Resources/img/app/
464 B
493 B
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/information.svg
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
7777cc218123dd48efe6a21c39343eecaa356e7fd576d30212208bcd9b357b40
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
464
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"aa28569b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
share.svg
www4.acesso.io/transacional/Resources/img/app/
521 B
540 B
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/share.svg
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
899dc5492450994d153dbd2bd474155e2d8a60550f6d649abda4361993f0c5ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"43f5e9b1cd7d81:0"
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
content-length
521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
safe.svg
www4.acesso.io/transacional/Resources/img/app/
13 KB
13 KB
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/safe.svg
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
77c4e6daaf75dd09fdf0b0c925dfe0afe159eefac53940b784e9bc42a42f5770
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:05 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13358
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"98545d9b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
rotate-phone.png
www4.acesso.io/transacional/Resources/img/app/
24 KB
24 KB
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/rotate-phone.png
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
66d80ef970c631becf52a82adaa977f4afdb200cc46ba3772e2d268a61bbb48c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:05 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24338
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"70df5c9b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
ico-alert.svg
www4.acesso.io/transacional/Resources/img/app/
938 B
957 B
Image
General
Full URL
https://www4.acesso.io/transacional/Resources/img/app/ico-alert.svg
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e03bff4aa0aeb8d2457ce6f1d882ce071eedf9d4c91165e85c9c8e47adb647d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"21c9549b1cd7d81:0"
access-control-allow-methods
GET,POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
content-length
938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecommerce-bundle.min.js
www4.acesso.io/transacional/Resources/sms/js/bundle/
224 KB
225 KB
Script
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/bundle/ecommerce-bundle.min.js?tsts=541
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
50b07397c97dcec5b77a731b781348d93e04af07a305a2c8f25524943ece600f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229864
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 13:49:44 GMT
etag
"ec9f3cfe2ed7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
MobileMaster.js
www4.acesso.io/transacional/Scripts/App/Capture/SMS/
15 KB
15 KB
Script
General
Full URL
https://www4.acesso.io/transacional/Scripts/App/Capture/SMS/MobileMaster.js?tsts=541
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
eda015a7ca1ebba52802289f739b8a94e7bcf1ad8afb37c61c9dad661835c239
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15043
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:08 GMT
etag
"eb12cd9b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
FaceTecStrings.pt-br.js
www4.acesso.io/transacional/Resources/sms/js/facetec/
6 KB
6 KB
Script
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/facetec/FaceTecStrings.pt-br.js?tsts=541
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
844689cd2ae346ef3a13aa8f995874ac83911b11760a910077b4dfc9df738477
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:05 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6261
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"4f3db09b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
FaceTecSDK.js
www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/
2 MB
2 MB
Script
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/FaceTecSDK.js?tsts=541
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
3ee0db8b0f58f5817e601fbd15d7c68d78175c82d4cb99a3b25e5693b28d4a91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2324531
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"dbdb49b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
Config.js
www4.acesso.io/transacional/Resources/sms/js/facetec/
7 KB
7 KB
Script
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/facetec/Config.js?tsts=541
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e1b12a0fb948bc4c6734fccf8ca0d0275aa798d12faefe8554b00d10318ef624
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7381
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"5016b09b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
LivenessCheckProcessor.js
www4.acesso.io/transacional/Resources/sms/js/facetec/
7 KB
7 KB
Script
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/facetec/LivenessCheckProcessor.js?tsts=5410
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
0f950db1dfbf6fcce98896fa0c43cdb82ccb51418ab4cb149b0f0444f1b09690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"5964b09b1cd7d81:0"
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
content-length
7511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Selfie.js
www4.acesso.io/transacional/Scripts/App/Capture/SMS/
25 KB
25 KB
Script
General
Full URL
https://www4.acesso.io/transacional/Scripts/App/Capture/SMS/Selfie.js?tsts=103
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
87b7cd77968bb21e3b07afa49c994fba47fd1785cf9770b219b8233aa5a430a2

Request headers

Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Origin
https://www4.acesso.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:56 GMT
via
1.1 google
last-modified
Mon, 21 Nov 2022 12:49:21 GMT
etag
"adec28ada7fdd81:0"
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
content-length
25110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hotjar-3278202.js
static.hotjar.com/c/
8 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3278202.js?sv=6
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-112.fra56.r.cloudfront.net
Software
/
Resource Hash
20a5553397546e020460b66e9ab8d5d041df321d26e46633e21093d536c44522
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
etag
W/f079634dbdb6facd8150492f952844e5
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
dBm4cILOk6MniRwDGYKHWV14BX_weSDK2ygAlE-YGQ6vvKFnwu2leQ==
modules.352fddba5b21bbfc3a08.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-74.vie50.r.cloudfront.net
Software
/
Resource Hash
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:07:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
832132
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68894
last-modified
Thu, 22 Dec 2022 08:06:23 GMT
etag
"3256c76707175033b83ffe82f89b32ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
FmI6FIZUWtVza_W4gOWGmaiQIXUEDsI_aDipC47m7SVMgrg-hmt5aw==
9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2
fonts.gstatic.com/s/atkinsonhyperlegible/v10/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/atkinsonhyperlegible/v10/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3351d61cc20cda98f78d87b7809925a951f4eabdfb13ef5ad8699a633114096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www4.acesso.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 18:54:31 GMT
x-content-type-options
nosniff
age
274887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16496
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 17:13:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 18:54:31 GMT
9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2
fonts.gstatic.com/s/atkinsonhyperlegible/v10/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/atkinsonhyperlegible/v10/9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32e7aec16901a1f1a5ad7bd17c599fe62ede04f4059358d9134f89522fbc0162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www4.acesso.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:32:30 GMT
x-content-type-options
nosniff
age
319408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16872
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 17:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 06:32:30 GMT
GetProcess
www4.acesso.io/transacional/Capture/SMS/Start.aspx/
111 KB
111 KB
XHR
General
Full URL
https://www4.acesso.io/transacional/Capture/SMS/Start.aspx/GetProcess
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e2bc2c0d17dce265f622c4dfcc17c83217658dcf7c45e53f4a4db4c0adef3ada
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
VwYPVFVWCRABUVdWBwEBXlEE
tracestate
3085351@nr=0-1-3085351-1588615585-0134825a767974d7----1672528558649
traceparent
00-b47f6dd038fb918d8a6fc1e23a76bd97-0134825a767974d7-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMwODUzNTEiLCJhcCI6IjE1ODg2MTU1ODUiLCJpZCI6IjAxMzQ4MjVhNzY3OTc0ZDciLCJ0ciI6ImI0N2Y2ZGQwMzhmYjkxOGQ4YTZmYzFlMjNhNzZiZDk3IiwidGkiOjE2NzI1Mjg1NTg2NDl9fQ==
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
X-Requested-With
XMLHttpRequest

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:57 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113188
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
nr-spa-1216.min.js
js-agent.newrelic.com/
49 KB
18 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
via
1.1 varnish
date
Sat, 31 Dec 2022 23:15:58 GMT
x-amz-request-id
0VBKPW74SBTHYZ5G
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
sme3WW7vyDfyACi+CiQJ7caOux45Mfqu5uwp4aWRVK2lwbJ5iFhrNnQyFp9Ipa4XaeQdZk4LlEE=
x-served-by
cache-hhn-etou8220037-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1672528559.706069,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
743
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 0C69
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-118.fra53.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www4.acesso.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2486036
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 04:42:02 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
x-amz-cf-id
Ff3uNgmLMacWS9A_xhEVnJdaGavzFgqvHfmTrjvNkHsaD7aQT_vhsA==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
NRJS-22fe8ed3493180d8695
bam.nr-data.net/1/
49 B
625 B
Script
General
Full URL
https://bam.nr-data.net/1/NRJS-22fe8ed3493180d8695?a=1564006855&v=1216.487a282&to=Z1dTYkYAWUoAARVcC14dcGVkTlRYERYURwEfQVxFGxJSVQcLBBsFQ0JJ&rst=2442&ck=1&ref=https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx&ap=13&be=773&fe=2367&dc=2215&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1672528556288,%22n%22:0,%22f%22:222,%22dn%22:223,%22dne%22:567,%22c%22:567,%22s%22:586,%22ce%22:610,%22rq%22:610,%22rp%22:751,%22rpe%22:762,%22dl%22:754,%22di%22:2214,%22ds%22:2214,%22de%22:2216,%22dc%22:2366,%22l%22:2366,%22le%22:2366%7D,%22navigation%22:%7B%7D%7D&fp=2379&fcp=2379&jsonp=NREUM.setToken
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 31 Dec 2022 23:15:59 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7826b864882c9c12-FRA
visit-data
in.hotjar.com/api/v2/client/sites/3278202/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/3278202/visit-data?sv=6
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.102.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-102-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer
https://www4.acesso.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 31 Dec 2022 23:15:58 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
3278202
vc.hotjar.io/sessions/
0
258 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3278202?s=0.25&r=0.16331263864612455
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-63.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:15:58 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
p7b2Dw6n73fykIbkFuioviqK9-kHAgHveBv3jZ_q6ZLffBiD6klmKw==
/
content.hotjar.io/
56 B
161 B
XHR
General
Full URL
https://content.hotjar.io/
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.111.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-111-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e6cde699aab912b94d2dfbf571e954c0eb31863575e739d9dba06d3f2c70ac85

Request headers

Referer
https://www4.acesso.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 31 Dec 2022 23:15:59 GMT
content-length
56
vary
Origin
content-type
application/json
session
www4.acesso.io/transacional/Services/v3/AcessoService.svc/token/
817 B
843 B
XHR
General
Full URL
https://www4.acesso.io/transacional/Services/v3/AcessoService.svc/token/session
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
7e1af39a6aac4f2cd2dc5b8d45327f1b597cca407af763fbb35c2a58ac3674db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-User-Agent
facetec|sdk|web|www4.acesso.io||NOT-INITIALIZED|Windows NT 10.0|9.4.8|en-US|en
X-NewRelic-ID
VwYPVFVWCRABUVdWBwEBXlEE
tracestate
3085351@nr=0-1-3085351-1588615585-c98c039832a9138e----1672528558947
X-Device-Key
traceparent
00-53d38c70af560fa1add4eefa5ef73fac-c98c039832a9138e-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMwODUzNTEiLCJhcCI6IjE1ODg2MTU1ODUiLCJpZCI6ImM5OGMwMzk4MzJhOTEzOGUiLCJ0ciI6IjUzZDM4YzcwYWY1NjBmYTFhZGQ0ZWVmYTVlZjczZmFjIiwidGkiOjE2NzI1Mjg1NTg5NDd9fQ==
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
X-Requested-With
XMLHttpRequest

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:59 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
817
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
truncated
/
68 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e58000942e3db6f5a29aa7254de2376678d5fba4fcab926d2aa7de711885c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
3a4b797006cfdb1c6b9d47dc24c4ffbe38684c82.js
www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/
48 KB
48 KB
Other
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/3a4b797006cfdb1c6b9d47dc24c4ffbe38684c82.js?v20220315-1021-948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6ab0ea5a90faeb22dbc13d8ecd4575219e161a7d457728f13288c4b519101bb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:06 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49316
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"2e78ba9b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
NRJS-22fe8ed3493180d8695
bam.nr-data.net/events/1/
24 B
402 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-22fe8ed3493180d8695?a=1564006855&v=1216.487a282&to=Z1dTYkYAWUoAARVcC14dcGVkTlRYERYURwEfQVxFGxJSVQcLBBsFQ0JJ&rst=2821&ck=1&ref=https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www4.acesso.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 31 Dec 2022 23:15:59 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www4.acesso.io
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7826b8667a919c12-FRA
Content-Length
24
011c90516755d702cfb4205ca9d93e21fe6683b8_cache.wasm
www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/
271 KB
0
Fetch
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/011c90516755d702cfb4205ca9d93e21fe6683b8_cache.wasm
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
tracestate
3085351@nr=0-1-3085351-1588615585-f93ae79fc9202f69----1672528560848
traceparent
00-30275788aa35f463cc45be676dbf199b-f93ae79fc9202f69-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMwODUzNTEiLCJhcCI6IjE1ODg2MTU1ODUiLCJpZCI6ImY5M2FlNzlmYzkyMDJmNjkiLCJ0ciI6IjMwMjc1Nzg4YWEzNWY0NjNjYzQ1YmU2NzZkYmYxOTliIiwidGkiOjE2NzI1Mjg1NjA4NDh9fQ==

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:15:08 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277539
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"1f51ba9b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application / wasm
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent
011c90516755d702cfb4205ca9d93e21fe6683b8_cache.wasm
www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/
271 KB
271 KB
Fetch
General
Full URL
https://www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/011c90516755d702cfb4205ca9d93e21fe6683b8_cache.wasm
Requested by
Host: www4.acesso.io
URL: https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.135.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.135.244.35.bc.googleusercontent.com
Software
/
Resource Hash
5ae570b3e4ee019578ab68afcf3d10f68d47e9e5d11696cee4b85a6449fca5ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www4.acesso.io/transacional/Capture/SMS/Selfie.aspx?id=a2da1b43-e6ee-4dc3-8fad-a9e7809d87e6
tracestate
3085351@nr=0-1-3085351-1588615585-96a77970269bef04----1672528560989
traceparent
00-9342b1895de008383a7bc487b2dc97b5-96a77970269bef04-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMwODUzNTEiLCJhcCI6IjE1ODg2MTU1ODUiLCJpZCI6Ijk2YTc3OTcwMjY5YmVmMDQiLCJ0ciI6IjkzNDJiMTg5NWRlMDA4MzgzYTdiYzQ4N2IyZGM5N2I1IiwidGkiOjE2NzI1Mjg1NjA5ODl9fQ==

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Sat, 31 Dec 2022 23:16:00 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277539
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
last-modified
Mon, 03 Oct 2022 11:38:07 GMT
etag
"1f51ba9b1cd7d81:0"
x-frame-options
DENY
access-control-allow-methods
GET,POST, OPTIONS
content-type
application / wasm
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
access-control-allow-headers
Authorization,Authentication, Content-Type,x-acessobio-apikey,x-login,x-password,APIKEY,x-user-agent

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| NREUM object| newrelic function| __nr_require function| hj object| _hjSettings function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| getUrlParameter function| isDate function| getGuid function| bytesToSize function| formatarCampo function| validaCpf function| validaCnpj function| validateEmail function| validateDate function| fieldMask function| isNumberKey function| isNumberOrCommaKey function| formatCPF function| formatCurrency function| formatCurrency2 function| parseFloat2 function| isNaN2 function| browserSuport function| getBrowserSuported function| hasWebkit function| getWindowSize function| getAppURL function| getAppPartURL function| hasPermissions function| isAndroid function| isChrome function| isIOS function| isSafari function| ValidateEvidenceExtensions function| CheckInternalUser function| stripHtml function| murmurhash3_32_gc function| MD5 object| BrowserDetect object| windowSize function| onLoad object| deployJava function| Detector object| swfobject string| subPath object| DAYNAMES object| DAYNAMESMIN object| MONTHNAMES boolean| isUserAcesso function| $ function| jQuery function| Popper object| bootstrap function| dateFromJSON function| dateFromString function| dateTimeFromString function| dateFromDbString function| dateTimeFromDbString function| localDateTimeFromDbString function| ClientJS function| UAParser boolean| verifyBrowser string| environment function| MobileMaster object| objMobileMaster object| FaceTecStrings function| d function| I object| FaceTecSDK object| Config function| LivenessCheckProcessor function| mobileCheck

7 Cookies

Domain/Path Name / Value
.acesso.io/ Name: _hjSessionUser_3278202
Value: eyJpZCI6ImE3Mjg3YzRkLWFjOGItNTRjMS04ODE0LTMwZmIwMjNmNGUyNSIsImNyZWF0ZWQiOjE2NzI1Mjg1NTc2OTUsImV4aXN0aW5nIjpmYWxzZX0=
.acesso.io/ Name: _hjFirstSeen
Value: 1
www4.acesso.io/ Name: _hjIncludedInSessionSample
Value: 1
.acesso.io/ Name: _hjSession_3278202
Value: eyJpZCI6IjJjYzk4MDk4LWNmY2QtNDYyNy1hYjYwLTE4ZmU0NjIyNTdkYiIsImNyZWF0ZWQiOjE2NzI1Mjg1NTg3NjcsImluU2FtcGxlIjp0cnVlfQ==
www4.acesso.io/ Name: _hjIncludedInPageviewSample
Value: 1
.acesso.io/ Name: _hjAbsoluteSessionInProgress
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: c1efca0e5fddec35

2 Console Messages

Source Level URL
Text
worker warning URL: https://www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/011c90516755d702cfb4205ca9d93e21fe6683b8.js?v20220315-1021-948(Line 149)
Message:
wasm streaming compile failed: TypeError: Failed to execute 'compile' on 'WebAssembly': Incorrect response MIME type. Expected 'application/wasm'.
worker warning URL: https://www4.acesso.io/transacional/Resources/sms/js/facetec/core-sdk/FaceTecSDK.js/resources/011c90516755d702cfb4205ca9d93e21fe6683b8.js?v20220315-1021-948(Line 149)
Message:
falling back to ArrayBuffer instantiation

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
