acesso.atendimentoonline.us Open in urlscan Pro
184.174.38.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://acesso.atendimentoonline.us/frf
Submission Tags: @phish_report
Submission: On May 27 via api (May 27th 2024, 4:33:13 pm UTC) from FI — Scanned from US

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 184.174.38.29, located in Düsseldorf, Germany and belongs to AS-COLOAM, US. The main domain is acesso.atendimentoonline.us.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.

This is the only time acesso.atendimentoonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	184.174.38.29 184.174.38.29	21769 (AS-COLOAM) (AS-COLOAM)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2016	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 _) (CDN77 _)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a09:8280:1::... 2a09:8280:1::2a:6f56:0	40509 (FLY) (FLY)
9	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	162.249.168.129 162.249.168.129	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
2	2001:bc8:10::8 2001:bc8:10::8	12876 (Online SAS) (Online SAS)
1	212.132.117.42 212.132.117.42	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
41	11

18 184.174.38.29 (Düsseldorf, Germany)

ASN21769 (AS-COLOAM, US)
PTR: vmi1519296.contaboserver.net

acesso.atendimentoonline.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage2.atendimentoonline.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2016 (United States)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a09:8280:1::2a:6f56:0 (United States)

ASN40509 (FLY, US)

cdn.utmify.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.249.168.129 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:bc8:10::8 (France)

ASN12876 (Online SAS, FR)

s3.fr-par.scw.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.132.117.42 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ip212-132-117-42.pbiaas.com

ip-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	atendimentoonline.us acesso.atendimentoonline.us storage2.atendimentoonline.us	296 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	5 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	79 KB
2	scw.cloud s3.fr-par.scw.cloud	70 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	44 KB
1	ip-api.io ip-api.io — Cisco Umbrella Rank: 320264	1 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18335	19 KB
1	utmify.com.br cdn.utmify.com.br	2 KB
1	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 10256	747 B
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 544	6 KB
41	10

	Domain	Requested by
17	acesso.atendimentoonline.us	acesso.atendimentoonline.us
9	www.facebook.com
5	connect.facebook.net	acesso.atendimentoonline.us connect.facebook.net
2	s3.fr-par.scw.cloud
2	cdnjs.cloudflare.com	acesso.atendimentoonline.us cdnjs.cloudflare.com
1	storage2.atendimentoonline.us
1	ip-api.io	acesso.atendimentoonline.us
1	i.postimg.cc
1	cdn.utmify.com.br	acesso.atendimentoonline.us
1	fonts.bunny.net	acesso.atendimentoonline.us
1	play-lh.googleusercontent.com
41	11

This site contains no links.

Subject Issuer	Validity	Valid
acesso.atendimentoonline.us R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
fonts.bunny.net R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-06` - `2024-06-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cdn.utmify.com.br R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
postimg.cc R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
s3.fr-par.scw.cloud R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
ip-api.io R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
storage2.atendimentoonline.us R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://acesso.atendimentoonline.us/frf
Frame ID: D4E4D15320519BDCDBAA1391AF8DB97F
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WhatsApp Web

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

41
Requests

100 %
HTTPS

55 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

525 kB
Transfer

1676 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request frf Show response
acesso.atendimentoonline.us/ 12 KB
5 KB 516ms
185ms Document
text/html 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy / Next.js
Resource Hash: 14478b9442c04cf5d547ee6ece61a025c960ad30a9188fbabebf69e4a71d00bb

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 May 2024 16:33:05 GMT
etag: "a0st7pxwmg9qb"
server: Caddy
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 __ENV.js Show response
acesso.atendimentoonline.us/ 131 B
242 B 156ms
154ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/__ENV.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 4077d8c17a11d5ea7ea07c461620bd50327792cbef6a54155c3b1e3e3707ea61

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
last-modified: Wed, 15 May 2024 17:59:29 GMT
server: Caddy
etag: W/"83-18f7d68c6c6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
content-length: 131

GET
H2 200 85a3fdb148fb7ccf.css
acesso.atendimentoonline.us/_next/static/css/ 167 B
281 B 161ms
160ms Stylesheet
text/css 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/css/85a3fdb148fb7ccf.css
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 49e7330fc2780d5b9ec7b685325976e7ab19ecd06c470091500e593bfbd2a90d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"a7-18cd4ac39d0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 167

GET
H2 200 webpack-469e484a5238f03d.js Show response
acesso.atendimentoonline.us/_next/static/chunks/ 4 KB
2 KB 171ms
167ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/webpack-469e484a5238f03d.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 6ec49ef66f3d7eef58150536be75dbdaaf8bbf0c0114a44bcd6c84a1fff1fe8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"e69-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 1807

GET
H2 200 framework-7d3b60c145b065d5.js Show response
acesso.atendimentoonline.us/_next/static/chunks/ 138 KB
44 KB 178ms
174ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/framework-7d3b60c145b065d5.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 1bad54e59186e1f20be1f52f0db8a90b3a7b6b7623cece9225f7db5f9546c7b9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"226c1-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable

GET
H2 200 main-a16ff636940bd8cd.js Show response
acesso.atendimentoonline.us/_next/static/chunks/ 121 KB
36 KB 321ms
318ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/main-a16ff636940bd8cd.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 87e7e2c052f366c7097b116d9c6e98340bb12a57e9ec437aaa184db2adc65ffc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"1e5a2-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable

GET
H2 200 _app-52b288c856ec9653.js Show response
acesso.atendimentoonline.us/_next/static/chunks/pages/ 486 B
533 B 169ms
166ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/pages/_app-52b288c856ec9653.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 2532aad30295b0d05087b2d0a33ae0838660932362ff68d5426e316ecc83db29

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"1e6-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 486

GET
H2 200 18-93559bfda4d48868.js Show response
acesso.atendimentoonline.us/_next/static/chunks/ 321 KB
81 KB 320ms
317ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/18-93559bfda4d48868.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: faea5da7dd22ca4621fdcadb2610e2c9a75779ba5df05105c0289d357c6d9efa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"503d8-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable

GET
H2 200 823-b70e4dd60223dcac.js Show response
acesso.atendimentoonline.us/_next/static/chunks/ 175 KB
46 KB 319ms
317ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/823-b70e4dd60223dcac.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: f08c9966bfa43b64bcb88f7cb251a0499013b8a529b7012100d18a2e4d7b9da2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"2ba2a-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable

GET
H2 200 %5B%5B...publicId%5D%5D-e1926b73aa1f05a4.js Show response
acesso.atendimentoonline.us/_next/static/chunks/pages/ 7 KB
3 KB 317ms
315ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/pages/%5B%5B...publicId%5D%5D-e1926b73aa1f05a4.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 1e44db3993e1a707bb0f7dc06e5a276e29949ff38b00a723ee18ddee44d51da6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"1d1f-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 3183

GET
H2 200 _buildManifest.js Show response
acesso.atendimentoonline.us/_next/static/bdxl3JbaPQPcCKf-9YU2W/ 739 B
438 B 466ms
465ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/bdxl3JbaPQPcCKf-9YU2W/_buildManifest.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: ba0e8e61cb8a4b366ca337daf679293b28ade8069680cab01e302519720e1f84

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
content-encoding: zstd
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"2e3-18cd4ac39d0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 385

GET
H2 200 _ssgManifest.js Show response
acesso.atendimentoonline.us/_next/static/bdxl3JbaPQPcCKf-9YU2W/ 80 B
148 B 169ms
168ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/bdxl3JbaPQPcCKf-9YU2W/_ssgManifest.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:05 GMT
last-modified: Thu, 04 Jan 2024 13:32:05 GMT
server: Caddy
etag: W/"50-18cd4ac8408"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 80

GET
H2 200 426.bbdbaa83e094edbb.js Show response
acesso.atendimentoonline.us/_next/static/chunks/ 235 KB
67 KB 166ms
162ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/webpack-469e484a5238f03d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: ad2d7f57a083ee11b3a5241c5dd51f7b7656bfefba98ce4812ebe8233087082e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"3abff-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable

GET
H2 200 983.b0f7c38f06159abb.js Show response
acesso.atendimentoonline.us/_next/static/chunks/ 393 B
463 B 158ms
156ms Script
application/javascript 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/_next/static/chunks/983.b0f7c38f06159abb.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/webpack-469e484a5238f03d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 277cbc8e70f6ca32b17107ec73bd4a812050f85b725751d1cd0269349f9d184c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/frf
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:06 GMT
last-modified: Thu, 04 Jan 2024 13:31:46 GMT
server: Caddy
etag: W/"189-18cd4ac39d0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
content-length: 393

GET
H2 200 0S2hyweSiKWDtq91uKRRgMsW-KFq5aSTLSjgTTu6OKs7R3AURKI7s9NMnMR5Ot4dIRY
play-lh.googleusercontent.com/ 6 KB
6 KB 274ms
118ms Other
image/png 2607:f8b0:4006:81d::2016
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play-lh.googleusercontent.com/0S2hyweSiKWDtq91uKRRgMsW-KFq5aSTLSjgTTu6OKs7R3AURKI7s9NMnMR5Ot4dIRY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2016 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f01165f49041b0aacc185d760e664ded98c984bca5931ca0ef0af11874927dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6265
x-xss-protection: 0
expires: Tue, 28 May 2024 16:33:06 GMT

POST
H2 200 startChat Show response
acesso.atendimentoonline.us/api/v1/typebots/frf/ 22 KB
5 KB 262ms
260ms Fetch
application/json 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/api/v1/typebots/frf/startChat
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 29b12f6be547d52d8e729e4a68e6c2f07b384e2403b27bcd2020167ce88e820f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://acesso.atendimentoonline.us/frf
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 27 May 2024 16:33:06 GMT
content-encoding: gzip
server: Caddy
vary: Accept-Encoding
content-type: application/json

GET
H2 200 css2
fonts.bunny.net/ 96 B
747 B 216ms
65ms Stylesheet
text/css 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css2?family=Clear%20Sans:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 6be81c708e67803485b94d3dcd62a476bf29189d65615522c5a5715fe1b129e8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
cdn-edgestorageid: 885
cdn-cachedat: 04/29/2024 15:31:27
cdn-pullzone: 781720
content-length: 96
last-modified: Mon, 29 Apr 2024 15:31:27 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 4575c9f778f8b1009fcb4536d0dde64b
accept-ranges: bytes
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 183ms
59ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/frf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=56, rtx=0, c=12, mss=1294, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 0Hx502bmnQfObvGDn2orQcfO5IPfiFpAMlt/0KHKfgNYLVX2qU612LgzClRYEa9Ykdai1OfljGjSdMRclDrlCw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 84ms
42ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 245425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMt5NKv3W%2Bu418HtPYQr9%2B61SqoM8p%2BGC1NzNrTEPEj3W2osVA8WTTSh84W8y4AKPS%2FVFmObppoWDg9ueDTnYuoBJa7cXAln7BOFbPhD%2Fnr9DZIaeu5pvF65Q5i1GH7Px%2BOvfebB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88a767a2dae18db5-MIA
expires: Sat, 17 May 2025 16:33:07 GMT

GET
H2 200 latest.js Show response
cdn.utmify.com.br/scripts/utms/ 5 KB
2 KB 288ms
171ms Script
application/javascript 2a09:8280:1::2a:6f56:0
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.utmify.com.br/scripts/utms/latest.js
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::2a:6f56:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) / Express
Resource Hash: dcedb052d4b33fc20607f294d8b02a4eba1c9add8efbdb7d41e31ae6efcfdb6d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
content-encoding: zstd
via: 2 fly.io
last-modified: Mon, 27 May 2024 10:53:39 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYXEC0GTG0E73FXZS8E6RMW4-mia
x-powered-by: Express
etag: W/"13a1-18fb9af3738"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 tr
www.facebook.com/ 0
270 B 177ms
57ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=741869608132717&ev=PageView&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=2757, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 regular-b6efed2f1d1175735bad7a4da6718f85.png
i.postimg.cc/6p92HNKT/ 19 KB
19 KB 191ms
58ms Image
image/png 162.249.168.129
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/6p92HNKT/regular-b6efed2f1d1175735bad7a4da6718f85.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b78346ea3d17e68d6d40e275ad260baafed424f88b8b9b1fa294d35f9a4d124

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
last-modified: Sun, 05 May 2024 04:04:05 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 19315
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 continueChat Show response
acesso.atendimentoonline.us/api/v1/sessions/clwp6tg5x0ikio70ekd9msllu/ 162 B
213 B 311ms
309ms Fetch
application/json 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/api/v1/sessions/clwp6tg5x0ikio70ekd9msllu/continueChat
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: ca04b28fa5a06e33ee4f491c0a88a2aca750220e636b56c07f3fcd2b6fb10345

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://acesso.atendimentoonline.us/frf
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 27 May 2024 16:33:07 GMT
server: Caddy
content-length: 162
vary: Accept-Encoding
content-type: application/json

GET
H2 200 background
s3.fr-par.scw.cloud/typebot/public/typebots/cli88mae30010mh0f0yzjqn48/ 70 KB
70 KB 655ms
156ms Image
image/png 2001:bc8:10::8
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.fr-par.scw.cloud/typebot/public/typebots/cli88mae30010mh0f0yzjqn48/background?v=1685470080750
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:bc8:10::8 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: /
Resource Hash: d58597d1114fa4e7d486e0f6c53b1495778c410c9adbb2e2b9a32e40f01b2e31

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
last-modified: Tue, 30 May 2023 18:08:00 GMT
x-amz-request-id: txgad711b9f397a4734ba4f-006654b5c3
etag: "7d8beb7eecdd6c650032027f7082bd55"
content-type: image/png
accept-ranges: bytes
content-length: 71598
x-amz-id-2: txgad711b9f397a4734ba4f-006654b5c3

GET
H2 206 ttfglhs9oks32ebn2ymqcrp1
s3.fr-par.scw.cloud/typebot/public/typebots/rx0zcrlqkhifqajxuzr6txa9/blocks/ 91 KB
0 917ms
437ms Media
audio/mpeg 2001:bc8:10::8
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.fr-par.scw.cloud/typebot/public/typebots/rx0zcrlqkhifqajxuzr6txa9/blocks/ttfglhs9oks32ebn2ymqcrp1?v=1690899194685
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:bc8:10::8 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://acesso.atendimentoonline.us/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
last-modified: Tue, 01 Aug 2023 14:13:12 GMT
x-amz-request-id: txgc36f994398b84bb782c8-006654b5c3
etag: "605f63a369b7423b423ec19c7fe9ffb7"
content-type: audio/mpeg
Content-Range: bytes 0-135140/135141
accept-ranges: bytes
Content-Length: 135141
x-amz-id-2: txgc36f994398b84bb782c8-006654b5c3

GET
H3 200 Material-Design-Iconic-Font.woff2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/ 37 KB
38 KB 73ms
39ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Origin: https://acesso.atendimentoonline.us
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 422164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 38384
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-95f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VN6U6QuC82yl61RQYMEcJqLTDwytP%2BktJCYN8bOs%2FSJwjZ7yAL%2Fb9SpbKO58d2E44DIxi%2FW7khenq%2FO3X7%2BuCuQuoz66DwIsrRGqzLDRS%2FHIbNbuApXB4tCALb7%2F3NsAbsIQ%2FFz%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88a767a36e1c747d-MIA
expires: Sat, 17 May 2025 16:33:07 GMT

GET
H2 200 958626358987906 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 194ms
193ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/958626358987906?v=2.9.156&r=stable&domain=acesso.atendimentoonline.us&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e7ac26c761793e7af42001ba8720071c97154f48e81c48c448bcdb5c7950032

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=64, mss=1294, tbw=63317, tp=-1, tpl=-1, uplat=134, ullat=0
pragma: public
x-fb-debug: xvo+1IQaC0bfq6IeBzxaZjGqJMnR3Mymnr6xgCcXTy9z/ovAFoLc8TkK1+SP+YqMpXH3kWSFZiGrVL+0Pawm3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ip-api.io/json/ 753 B
1 KB 500ms
169ms Fetch
application/json 212.132.117.42
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ip-api.io/json/

Requested by

Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

212.132.117.42 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

ip212-132-117-42.pbiaas.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

85f4dbb7d4a80a411222d58f7bdf3b7f8a26584b96931e7765f00f92fdd76ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 16:33:07 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 0
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Ratelimit-Reset: 86400
X-Ratelimit-Limit: 200
X-Ratelimit-Remaining: 199
Expires: 0

GET
H2 200 hostAvatar
storage2.atendimentoonline.us/typebot/public/workspaces/clr4fpuiv0001ox1olfzkj4sk/typebots/clvqy4dot0097nw1pefqpsro9/ 4 KB
4 KB 477ms
152ms Image
image/png 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage2.atendimentoonline.us/typebot/public/workspaces/clr4fpuiv0001ox1olfzkj4sk/typebots/clvqy4dot0097nw1pefqpsro9/hostAvatar?v=1715802158884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),

Reverse DNS

vmi1519296.contaboserver.net

Software

Caddy, MinIO /

Resource Hash

72d069c8879e06e2dc5be8e1bb49e14dd0aedf09275cc2fcf42311023689a18d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 16:33:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 15 May 2024 19:42:38 GMT
server: Caddy, MinIO
x-amz-request-id: 17D3659849DC0626
etag: "b3aaa7b13231397a5767c7b6d5bfccf6"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
content-length: 4006
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block

GET
H3 200 430669769690645 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 157ms
157ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/430669769690645?v=2.9.156&r=stable&domain=acesso.atendimentoonline.us&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

4216eccd32d670f994979438935cfeb628f9839723c9b86db6b1c4c780dbe28f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=23, mss=1232, tbw=4310, tp=9, tpl=0, uplat=100, ullat=0
pragma: public
x-fb-debug: 1UtlScTulB7Ktd53sjSmBX5lgkhFtnIStXzWYcYikloTdhxIhV0r1q29MX6YiIzjLBgdyNP/PCfPNpYduHL3wg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 849198850354934 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 120ms
120ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/849198850354934?v=2.9.156&r=stable&domain=acesso.atendimentoonline.us&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

3a41cba5fc04d9ca854e9a3fb5d67478dba70d8ea77ec4bdb264b0fdf5860957

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=27, mss=1232, tbw=9494, tp=15, tpl=0, uplat=64, ullat=0
pragma: public
x-fb-debug: Q1EZK0TO4uejPXTMndEXrJVkgzx8hQgiD2BRscylmxSyFMBFEjckI/xdPg/0nAPNaTzdDPOg2JiMGpq9yoJNeQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 286742671175789 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 121ms
121ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/286742671175789?v=2.9.156&r=stable&domain=acesso.atendimentoonline.us&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

b7cc09f9245f755e02e3378a0e870fb1b7267b9c3cf9f315817f2fed2f565340

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=30, mss=1232, tbw=12502, tp=19, tpl=0, uplat=65, ullat=0
pragma: public
x-fb-debug: 7hgh4pSaVjCGXP7S/+EvTnJ5U/guRKeZWfgrl0wxY63w5JEXBghV0+Ra9onipuJYHnWypnMQtD5+91bmh0MIUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 continueChat Show response
acesso.atendimentoonline.us/api/v1/sessions/clwp6tg5x0ikio70ekd9msllu/ 2 KB
668 B 256ms
255ms Fetch
application/json 184.174.38.29
AS-COLOAM

General

Check archive.org

Show headers Download Go to

Full URL: https://acesso.atendimentoonline.us/api/v1/sessions/clwp6tg5x0ikio70ekd9msllu/continueChat
Requested by: Host: acesso.atendimentoonline.us
URL: https://acesso.atendimentoonline.us/_next/static/chunks/426.bbdbaa83e094edbb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 184.174.38.29 Düsseldorf, Germany, ASN21769 (AS-COLOAM, US),
Reverse DNS: vmi1519296.contaboserver.net
Software: Caddy /
Resource Hash: 2c35d9d55182dcf67894a3e5c09646dfa8cc4598aa9c548c29c9f1e182ef3508

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://acesso.atendimentoonline.us/frf
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 27 May 2024 16:33:07 GMT
content-encoding: gzip
server: Caddy
content-length: 638
vary: Accept-Encoding
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 62ms
59ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=958626358987906&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587924&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=3219, tp=-1, tpl=-1, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 212ms
209ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=958626358987906&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587924&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x524ad5c2661a9a8c","source_keys":["1","2"]},{"key_piece":"0xd627d203a28ac340","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 27 May 2024 16:33:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=3545, tp=-1, tpl=-1, uplat=149, ullat=0
pragma: no-cache
x-fb-debug: 80gE7ZAKEiFtNXk+Mj+rDeMyMId0xHk3orc6OVB5Ry4Op1vfmbEroJ7mc9KJNtN80+yOoFuBXG+GmSEwKRggkg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 62ms
60ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=430669769690645&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587926&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=3330, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
472 B 213ms
211ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=430669769690645&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587926&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb3b7a915def286db","source_keys":["1","2"]},{"key_piece":"0x159eba8876ddbb3d","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 27 May 2024 16:33:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=6915, tp=-1, tpl=-1, uplat=152, ullat=0
pragma: no-cache
x-fb-debug: Qeh0I+lIKpxQyEi6qUQOk/jG3GoaDmnC6cN9ppMnSh9T+w7NyQBxX9Vhf3uN8d4ut158QZ/85uGHlZV/xIzD7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 62ms
61ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=849198850354934&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587927&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=3330, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
471 B 213ms
212ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=849198850354934&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587927&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x91ddddf5c939d298","source_keys":["1","2"]},{"key_piece":"0xd8d75a48b9fc610b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 27 May 2024 16:33:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=7409, tp=-1, tpl=-1, uplat=154, ullat=0
pragma: no-cache
x-fb-debug: VunencKkdq3WIbaCIdGQxkC1hpe9KRJ5OKtfJSXmTaMWTgSJdV9WvC7A44tHfSm0Pi7K5wOetPBRFuLE7RqLyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 62ms
61ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=286742671175789&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587929&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=3330, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 May 2024 16:33:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
472 B 265ms
265ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=286742671175789&ev=PageView&dl=https%3A%2F%2Facesso.atendimentoonline.us%2Ffrf&rl=&if=false&ts=1716827587929&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716827587920.630804940&ler=empty&cdl=API_unavailable&it=1716827587293&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://acesso.atendimentoonline.us/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf8445a3ce5a0b13e","source_keys":["1","2"]},{"key_piece":"0x9dc60f1e0a3cfe69","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 27 May 2024 16:33:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1294, tbw=7902, tp=-1, tpl=-1, uplat=206, ullat=0
pragma: no-cache
x-fb-debug: 0NwfExsPXTJ7IAKSeSlMeLo0amfQhLNfISCsyFuauEjW19WWvuIu4uWVq9+Go+W6QWPkpYCRDoO+MEb50GgiXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.atendimentoonline.us/	1970-01-20 23:03:23	Name: _fbp Value: fb.1.1716827587920.630804940

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acesso.atendimentoonline.us
cdn.utmify.com.br
cdnjs.cloudflare.com
connect.facebook.net
fonts.bunny.net
i.postimg.cc
ip-api.io
play-lh.googleusercontent.com
s3.fr-par.scw.cloud
storage2.atendimentoonline.us
www.facebook.com
104.17.25.14
162.249.168.129
184.174.38.29
2001:bc8:10::8
212.132.117.42
2607:f8b0:4006:81d::2016
2a02:6ea0:c454::1
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a09:8280:1::2a:6f56:0
31.13.66.19
0e7ac26c761793e7af42001ba8720071c97154f48e81c48c448bcdb5c7950032
14478b9442c04cf5d547ee6ece61a025c960ad30a9188fbabebf69e4a71d00bb
1bad54e59186e1f20be1f52f0db8a90b3a7b6b7623cece9225f7db5f9546c7b9
1e44db3993e1a707bb0f7dc06e5a276e29949ff38b00a723ee18ddee44d51da6
2532aad30295b0d05087b2d0a33ae0838660932362ff68d5426e316ecc83db29
277cbc8e70f6ca32b17107ec73bd4a812050f85b725751d1cd0269349f9d184c
29b12f6be547d52d8e729e4a68e6c2f07b384e2403b27bcd2020167ce88e820f
2c35d9d55182dcf67894a3e5c09646dfa8cc4598aa9c548c29c9f1e182ef3508
3a41cba5fc04d9ca854e9a3fb5d67478dba70d8ea77ec4bdb264b0fdf5860957
4077d8c17a11d5ea7ea07c461620bd50327792cbef6a54155c3b1e3e3707ea61
4216eccd32d670f994979438935cfeb628f9839723c9b86db6b1c4c780dbe28f
49e7330fc2780d5b9ec7b685325976e7ab19ecd06c470091500e593bfbd2a90d
4b78346ea3d17e68d6d40e275ad260baafed424f88b8b9b1fa294d35f9a4d124
678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00
6be81c708e67803485b94d3dcd62a476bf29189d65615522c5a5715fe1b129e8
6ec49ef66f3d7eef58150536be75dbdaaf8bbf0c0114a44bcd6c84a1fff1fe8a
72d069c8879e06e2dc5be8e1bb49e14dd0aedf09275cc2fcf42311023689a18d
85f4dbb7d4a80a411222d58f7bdf3b7f8a26584b96931e7765f00f92fdd76ae1
87e7e2c052f366c7097b116d9c6e98340bb12a57e9ec437aaa184db2adc65ffc
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad2d7f57a083ee11b3a5241c5dd51f7b7656bfefba98ce4812ebe8233087082e
b7cc09f9245f755e02e3378a0e870fb1b7267b9c3cf9f315817f2fed2f565340
ba0e8e61cb8a4b366ca337daf679293b28ade8069680cab01e302519720e1f84
ca04b28fa5a06e33ee4f491c0a88a2aca750220e636b56c07f3fcd2b6fb10345
d58597d1114fa4e7d486e0f6c53b1495778c410c9adbb2e2b9a32e40f01b2e31
dcedb052d4b33fc20607f294d8b02a4eba1c9add8efbdb7d41e31ae6efcfdb6d
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
f01165f49041b0aacc185d760e664ded98c984bca5931ca0ef0af11874927dfc
f08c9966bfa43b64bcb88f7cb251a0499013b8a529b7012100d18a2e4d7b9da2
faea5da7dd22ca4621fdcadb2610e2c9a75779ba5df05105c0289d357c6d9efa

acesso.atendimentoonline.us Open in urlscan Pro 184.174.38.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

55 %IPv6

10 Domains

11 Subdomains

11 IPs

4 Countries

525 kBTransfer

1676 kBSize

1 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

acesso.atendimentoonline.us Open in urlscan Pro
184.174.38.29 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

55 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

525 kB
Transfer

1676 kB
Size

1
Cookies

41 HTTP transactions
0 data transactions