armandocosta.com.br Open in urlscan Pro
45.6.217.8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://armandocosta.com.br/ssa/macu.com/
Submission: On January 25 via manual (January 25th 2022, 9:33:55 am UTC) from IN — Scanned from DE

Summary HTTP 84 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 20 domains to perform 84 HTTP transactions. The main IP is 45.6.217.8, located in Fortaleza, Brazil and belongs to ISPCORP Solucoes Digitais Corporativas Ltda., BR. The main domain is armandocosta.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 16th 2022. Valid for: 3 months.

This is the only time armandocosta.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Mountain America Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
6 16	45.6.217.8 45.6.217.8	266247 (ISPCORP S...) (ISPCORP Solucoes Digitais Corporativas Ltda.)
1	184.29.200.235 184.29.200.235	16625 (AKAMAI-AS) (AKAMAI-AS)
26	45.60.46.50 45.60.46.50	19551 (INCAPSULA) (INCAPSULA)
4	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	63.128.130.61 63.128.130.61	22013 (GUARD-DC1) (GUARD-DC1)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.239.236.68 52.239.236.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.0.173.134 142.0.173.134	7160 (NETDYNAMICS) (NETDYNAMICS)
1	99.86.3.75 99.86.3.75	16509 (AMAZON-02) (AMAZON-02)
2	18.66.2.14 18.66.2.14	16509 (AMAZON-02) (AMAZON-02)
1	13.66.240.155 13.66.240.155	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.42.65.85 20.42.65.85	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
84	23

16 45.6.217.8 (Fortaleza, Brazil) 6 redirects

ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR)
PTR: srv.loks.com.br

armandocosta.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.armandocosta.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.200.235 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-200-235.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 45.60.46.50 (United States)

ASN19551 (INCAPSULA, US)

www.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

oc-cdn-ocprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comms.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ocsdk-prod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.128.130.61 (United States)

ASN22013 (GUARD-DC1, US)
PTR: collector.fraudmap.net

collector.fraudmap.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.botframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.236.68 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

webchatic3.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.134 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

elq.macu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-75.fra6.r.cloudfront.net

ws.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.2.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-14.txl50.r.cloudfront.net

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.66.240.155 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.42.65.85 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	macu.com 1 redirects www.macu.com — Cisco Umbrella Rank: 248301 elq.macu.com — Cisco Umbrella Rank: 609566	745 KB
16	azureedge.net oc-cdn-ocprod.azureedge.net — Cisco Umbrella Rank: 67595 ocsdk-prod.azureedge.net — Cisco Umbrella Rank: 78646	368 KB
16	armandocosta.com.br 6 redirects armandocosta.com.br www.armandocosta.com.br	303 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 509 p.typekit.net — Cisco Umbrella Rank: 656	57 KB
3	audioeye.com ws.audioeye.com — Cisco Umbrella Rank: 3742 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3515	13 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	58 KB
2	microsoft.com browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 91	793 B
2	omnichannelengagementhub.com comms.omnichannelengagementhub.com — Cisco Umbrella Rank: 62708 217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com — Cisco Umbrella Rank: 628392	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	396 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	12 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	53 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6941	3 KB
1	windows.net webchatic3.blob.core.windows.net — Cisco Umbrella Rank: 86919	115 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 4321	38 KB
1	botframework.com cdn.botframework.com — Cisco Umbrella Rank: 23808	748 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 740	38 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427	15 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 385	430 B
1	fraudmap.net collector.fraudmap.net — Cisco Umbrella Rank: 148136	269 B
1	typography.com cloud.typography.com — Cisco Umbrella Rank: 5992
84	20

	Domain	Requested by
26	www.macu.com	armandocosta.com.br www.macu.com
15	oc-cdn-ocprod.azureedge.net	armandocosta.com.br oc-cdn-ocprod.azureedge.net
11	armandocosta.com.br	6 redirects armandocosta.com.br
5	www.armandocosta.com.br	armandocosta.com.br
4	use.typekit.net	armandocosta.com.br use.typekit.net
3	connect.facebook.net	armandocosta.com.br connect.facebook.net
2	browser.pipe.aria.microsoft.com	oc-cdn-ocprod.azureedge.net
2	wsv3cdn.audioeye.com	ws.audioeye.com wsv3cdn.audioeye.com
2	elq.macu.com	1 redirects armandocosta.com.br
2	www.facebook.com	armandocosta.com.br
2	cdnjs.cloudflare.com	armandocosta.com.br
2	code.jquery.com	armandocosta.com.br
1	217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com	ocsdk-prod.azureedge.net
1	ocsdk-prod.azureedge.net	oc-cdn-ocprod.azureedge.net
1	ws.audioeye.com	armandocosta.com.br
1	comms.omnichannelengagementhub.com	oc-cdn-ocprod.azureedge.net
1	img.en25.com	armandocosta.com.br
1	webchatic3.blob.core.windows.net	oc-cdn-ocprod.azureedge.net
1	js.monitor.azure.com	oc-cdn-ocprod.azureedge.net
1	cdn.botframework.com	oc-cdn-ocprod.azureedge.net
1	p.typekit.net	use.typekit.net
1	ajax.aspnetcdn.com	armandocosta.com.br
1	stackpath.bootstrapcdn.com	armandocosta.com.br
1	bat.bing.com	armandocosta.com.br
1	collector.fraudmap.net	armandocosta.com.br
1	cloud.typography.com	armandocosta.com.br
84	26

This site contains links to these domains. Also see Links.

Domain
o.macu.com
www.macu.com
secure.macu.com
www.facebook.com
www.youtube.com
www.instagram.com
twitter.com
www.linkedin.com
www.ncua.gov
portal.hud.gov

Subject Issuer	Validity	Valid
armandocosta.com.br cPanel, Inc. Certification Authority	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.typography.com DigiCert SHA2 Secure Server CA	`2021-05-27` - `2022-06-01`	a year	crt.sh
www.macu.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-05` - `2022-05-10`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 06	`2021-12-28` - `2022-12-23`	a year	crt.sh
*.fraudmap.net Thawte TLS RSA CA G1	`2020-03-09` - `2022-04-17`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-03` - `2022-02-01`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06	`2021-12-27` - `2022-12-22`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-11-16` - `2022-11-16`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
comms.omnichannelengagementhub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-08` - `2022-09-08`	a year	crt.sh
*.audioeye.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-14`	a year	crt.sh
*.omnichannelengagementhub.com Microsoft RSA TLS CA 01	`2021-12-04` - `2022-12-04`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2021-12-12` - `2022-12-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://armandocosta.com.br/ssa/macu.com/
Frame ID: 938F9827A5B16D373E2F358D0F50520E
Requests: 65 HTTP requests in this frame

Frame: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Frame ID: 263A05061BE5070AC363FE69954071FE
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mountain America Credit Union in Utah & the West

Page URL History Show full URLs

https://armandocosta.com.br/ssa/macu.com HTTP 301
https://armandocosta.com.br/ssa/macu.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AudioEye (Accessibility) Expand

Overall confidence: 100%
Detected patterns

audioeye\.com/ae\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

92 %
HTTPS

45 %
IPv6

20
Domains

26
Subdomains

23
IPs

4
Countries

2585 kB
Transfer

6856 kB
Size

2
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://o.macu.com/Registration
Title: Register

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotUsername
Title: ID

Search URL Search Domain Scan URL

URL: https://o.macu.com/ForgotPassword
Title: Password

Search URL Search Domain Scan URL

URL: https://www.macu.com/accounts/checking/mystyle-checking?icid=topsearches-checking
Title: MyStyle Rewards Checking

Search URL Search Domain Scan URL

URL: https://www.macu.com/loans/vehicle-loans/auto?icid=topsearches-auto
Title: Low-rate Auto Loans

Search URL Search Domain Scan URL

URL: https://secure.macu.com/account-opening?productId=52
Title: Become a member

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MountainAmerica/
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mountainamerica
Title: Follow us on YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mountainamericacu/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/MountainAmerica?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mountain-america-credit-union/
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.ncua.gov/Pages/default.aspx
Title: Go to the National Credit Union Administration Federally insured by NCUA

Search URL Search Domain Scan URL

URL: http://portal.hud.gov/hudportal/HUD
Title: Equal Housing Lender

Search URL Search Domain Scan URL

URL: https://secure.macu.com/#/account-opening
Title: Become a member

Search URL Search Domain Scan URL

URL: https://www.macu.com/about-us/contact-us/help-center
Title: Check out our FAQs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://armandocosta.com.br/ssa/macu.com HTTP 301
https://armandocosta.com.br/ssa/macu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://armandocosta.com.br/MACU/Scripts/Lib/tippy.all.min.js HTTP 301
https://www.armandocosta.com.br/MACU/Scripts/Lib/tippy.all.min.js

Request Chain 16

https://armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js HTTP 301
https://www.armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js

Request Chain 18

https://armandocosta.com.br/MACU/Scripts/Lib/skipto.js HTTP 301
https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js

Request Chain 28

https://armandocosta.com.br/ssa/macu.com/js/actions.js HTTP 301
https://www.armandocosta.com.br/ssa/macu.com/js/actions.js

Request Chain 50

https://armandocosta.com.br/MACU/Scripts/Lib/skipto.js HTTP 301
https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js

Request Chain 54

https://armandocosta.com.br/ssa/macu.com/js/actions.js HTTP 301
https://www.armandocosta.com.br/ssa/macu.com/js/actions.js

Request Chain 72

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F&ref2=elqNone&tzo=0&ms=717&optin=disabled&firstPartyCookieDomain=elq.macu.com HTTP 302
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F&ref2=elqNone&tzo=0&ms=717&optin=disabled&elq1pcGUID=FAB4727208E54316BFD430436E408D9D

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
armandocosta.com.br/ssa/macu.com/
Redirect Chain

https://armandocosta.com.br/ssa/macu.com
https://armandocosta.com.br/ssa/macu.com/

156 KB
156 KB

184ms
184ms

Document
text/html

45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: Apache /
Resource Hash: 09927329c9a15cdedd77368a5a4f7c984ca673f9714d2f926ac1925ea97dd8a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 25 Jan 2022 09:33:44 GMT
Server: Apache
Last-Modified: Tue, 14 Dec 2021 13:51:54 GMT
Accept-Ranges: bytes
Content-Length: 159585
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Tue, 25 Jan 2022 09:33:44 GMT
Server: Apache
Location: https://armandocosta.com.br/ssa/macu.com/
Content-Length: 249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/689828/7556792/css/ 0
0 959ms
905ms Stylesheet
text/html 184.29.200.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/689828/7556792/css/fonts.css
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.200.235 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-200-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 font-awesome.min.css
www.macu.com/MACU/Stylesheets/ 30 KB
9 KB 767ms
617ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/MACU/Stylesheets/font-awesome.min.css
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 023e4947e93631fc56fdae00a58b1edf8dfd77648f23e7c0ed5e5e2ec91b218b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 2-65074883-65074886 2VNN RT(1643103224837 0) q(0 0 0 0) r(0 6)
cache-control: max-age=84731, public
content-length: 8332
expires: Wed, 26 Jan 2022 09:05:56 GMT

GET
H2 200 jquery.smartbanner.css
www.macu.com/MACU/Stylesheets/ 5 KB
2 KB 753ms
604ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/MACU/Stylesheets/jquery.smartbanner.css
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 68f9d12ac81b50577c9750d61e6b3316465cb394acbd854df3f4b9a1ed87917f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 2-65074884-65074887 2VNN RT(1643103224838 0) q(0 0 0 3) r(0 6)
cache-control: max-age=84731, public
content-length: 1766
expires: Wed, 26 Jan 2022 09:05:56 GMT

GET
H2 200 main.6748b61948611561aebb.css
www.macu.com/dist/module/ 198 KB
33 KB 738ms
589ms Stylesheet
text/css 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e947adf53c17d668e9ab54c1348eafdd5a7db5eda04d076adfacc004702749bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: text/css
x-iinfo: 2-65074885-65074152 2VNN RT(1643103224838 0) q(0 0 0 6) r(6 6)
cache-control: max-age=84731, public
content-length: 32719
expires: Wed, 26 Jan 2022 09:05:56 GMT

GET
H2 200 cvd1zmo.css
use.typekit.net/ 3 KB
926 B 204ms
136ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/cvd1zmo.css

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

52ea6ddb89b42de720bdd54cd5ae9fc21e71f2e7c4ef51dfb3dc5bada31b5813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 25 Jan 2022 09:33:45 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 694

GET
H2 200 LiveChatWidgetFrame.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ 2 KB
1 KB 164ms
18ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetFrame.css
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:44 GMT
content-encoding: br
x-azure-ref-originshield: 08qTtYQAAAADz28H8bVMLSr9Q+peesryZQU1TMDRFREdFMTgwNgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: T6+Ch2oZZGwEGnAXQDcCfw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:27:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00BCF7CB0
x-azure-ref: 0+cPvYQAAAAC7ujJIppF6RqOYcQPSb9ZARlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 02758054-e01e-014d-7027-10a1bf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK style.css
armandocosta.com.br/ssa/macu.com/cms/media/fonts/stylesheet/css/ 830 B
1 KB 559ms
211ms Stylesheet
text/css 45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://armandocosta.com.br/ssa/macu.com/cms/media/fonts/stylesheet/css/style.css
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: Apache /
Resource Hash: 60062b64733e9587b52db3a48d8ff4a3d7f469af0101c7e6ff313d7221f752a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/ssa/macu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 09:33:45 GMT
Last-Modified: Sat, 20 Nov 2021 21:02:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 830

GET
H/1.1 200
OK font-awesome.min.css
armandocosta.com.br/ssa/macu.com/cms/media/fonts/stylesheet/css/ 30 KB
31 KB 558ms
210ms Stylesheet
text/css 45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://armandocosta.com.br/ssa/macu.com/cms/media/fonts/stylesheet/css/font-awesome.min.css
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: Apache /
Resource Hash: b0cbe509c8ccd79f0378e7a1e0a511ee5467ec95c72bd904d8280ae390f609b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/ssa/macu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 09:33:45 GMT
Last-Modified: Sat, 04 Dec 2021 15:42:10 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 31033

GET
H2 200 icon-security-padlock.svg
www.macu.com/media/Icons/ 2 KB
1 KB 582ms
581ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-security-padlock.svg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3be2fa8fc01386a4135ebc59168a1e447b699d0bacd0e3c622d701ec685fdbf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:11 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "6ca188bdb2d51:0"
content-type: image/svg+xml
x-iinfo: 2-65074945-65074934 2NYN RT(1643103225657 0) q(0 0 0 1) r(6 6) U1
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 icon-map-location.svg
www.macu.com/media/Icons/ 1 KB
1 KB 601ms
599ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-map-location.svg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cefe4aaefb1daa0c4bff6a9e08bee952d7259fe7e9f20f973cedf18fec5c6002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:01 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "36132e85db2d51:0"
content-type: image/svg+xml
x-iinfo: 2-65074946-65074948 2NYN RT(1643103225657 0) q(0 0 0 4) r(0 6) U1
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 icon-market-prediction.svg
www.macu.com/media/Icons/ 2 KB
1 KB 604ms
603ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-market-prediction.svg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cbbda9b1b15022e435325e2bb7ab9e19f8d4ea15cd1716a33c07f4750930adc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:32:02 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "9ab4bc85db2d51:0"
content-type: image/svg+xml
x-iinfo: 2-65074947-65074950 2NYN RT(1643103225661 0) q(0 0 0 4) r(0 6) U1
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 icon-account.svg
www.macu.com/media/Icons/ 2 KB
1 KB 179ms
178ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-account.svg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5d9b8c3cb4ecf3bb4b83deda95f964fd0bd9d56eb2a626a14ad4e3ff78f9d8c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:45 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "84e99f7bdb2d51:0"
content-type: image/svg+xml
x-iinfo: 2-65074949-65074886 2NYN RT(1643103225665 0) q(0 0 0 4) r(2 2) U1
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 icon-budget-accounting.svg
www.macu.com/media/Icons/ 4 KB
1 KB 183ms
182ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-budget-accounting.svg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 06fa02fd2b13da57e4a5ac02bab65eec3a3b204cb60bf08e40262f9db28d8121

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:52 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "df1cec7fdb2d51:0"
content-type: image/svg+xml
x-iinfo: 2-65074951-65074152 2NYN RT(1643103225669 0) q(0 0 0 3) r(2 2) U1
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 icon-fraud-detection.svg
www.macu.com/media/Icons/ 2 KB
1 KB 606ms
605ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/Icons/icon-fraud-detection.svg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0a3d5af4428611b0cc385c60aefaa6d0b95836c1961c796ebdf95dca108b07a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 23:31:54 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "207efd80db2d51:0"
content-type: image/svg+xml
x-iinfo: 2-65074952-65074953 2NYN RT(1643103225676 0) q(0 0 0 0) r(0 6) U1
accept-ranges: bytes
x-cdn: Imperva

GET
H2 200 search_icon_white.png
www.macu.com/MACU/Images/ 1 KB
2 KB 331ms
331ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/search_icon_white.png
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f6d1c3dd273fad6871f347b1391f11cd6b765d19a8cf91026f7d66558b512192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 2-65074954-65074978 2VNN RT(1643103225680 0) q(0 2 2 1) r(2 3)
cache-control: max-age=84732, public
content-length: 1333
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H/1.1

404
Not Found

tippy.all.min.js
www.armandocosta.com.br/MACU/Scripts/Lib/
Redirect Chain

https://armandocosta.com.br/MACU/Scripts/Lib/tippy.all.min.js
https://www.armandocosta.com.br/MACU/Scripts/Lib/tippy.all.min.js

0
0

1203ms
639ms

Script
text/html

45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.armandocosta.com.br/MACU/Scripts/Lib/tippy.all.min.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Tue, 25 Jan 2022 09:33:46 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: https://www.armandocosta.com.br/MACU/Scripts/Lib/tippy.all.min.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET

main.bundle.6748b61948611561aebb.js
www.armandocosta.com.br/dist/module/
Redirect Chain

https://armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js
https://www.armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js

0
0

GET
H/1.1 200
OK validate.js Show response
collector.fraudmap.net/fs/e517993e82e64ad6428327ea680b88b3/validate/ 0
269 B 656ms
162ms Script
application/javascript 63.128.130.61
GUARD-DC1

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.fraudmap.net/fs/e517993e82e64ad6428327ea680b88b3/validate/validate.js

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

63.128.130.61 , United States, ASN22013 (GUARD-DC1, US),

Reverse DNS

collector.fraudmap.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 09:33:46 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Connection: Keep-Alive
Keep-Alive: timeout=5, max=42
Content-Length: 0
X-XSS-Protection: 1

GET
H/1.1

404
Not Found

skipto.js
www.armandocosta.com.br/MACU/Scripts/Lib/
Redirect Chain

https://armandocosta.com.br/MACU/Scripts/Lib/skipto.js
https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js

0
0

1034ms
639ms

Script
text/html

45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Tue, 25 Jan 2022 09:33:46 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/ 10 KB
2 KB 24ms
23ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3d133e653aa3b803f3811450300e76cda11912432494ca973dd81dfeec5aac47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:45 GMT
content-encoding: br
x-azure-ref-originshield: 0kZ/vYQAAAAAOtpvK4+IdSKL/hIEtTIoMQU1TMDRFREdFMTgwNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: thkHRtTmATEZlK21AHK9Yg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:28 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7EFF6B508EE
x-azure-ref: 0+sPvYQAAAAAkSmKLIaG7SKudpyXMHtBHRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4502dffe-401e-0109-38b7-112b80000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 204 0
bat.bing.com/action/ 0
430 B 83ms
43ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4014792&tm=gtm002&Ver=2&mid=42ad0409-03c2-46af-b38d-c937e7fbe5f1&sid=d02e7e60550311ecb91869c28ee55430&vid=d02f0200550311ec8a902f0fefbfce0e&vids=0&pi=0&lg=en-US&sw=1366&sh=768&sc=24&tl=Mountain%20America%20Credit%20Union%20in%20Utah%20%26%20the%20West&kw=home&p=https%3A%2F%2Fwww.macu.com%2F&r=&lt=4738&evt=pageLoad&msclkid=N&sv=1&rn=903490
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 09:33:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 61963EAE82EF490CAA3656DB12224AD3 Ref B: FRAEDGE1414 Ref C: 2022-01-25T09:33:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK loading.gif
armandocosta.com.br/ssa/macu.com/cmss/script/custom/fonts/images/img/ 38 KB
38 KB 594ms
256ms Image
image/gif 45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://armandocosta.com.br/ssa/macu.com/cmss/script/custom/fonts/images/img/loading.gif
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: Apache /
Resource Hash: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/ssa/macu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 09:33:46 GMT
Last-Modified: Sat, 11 Aug 2018 16:03:52 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 38636

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 55ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1643103226.dop001.fr8.t,1643103226.cds270.fr8.hn,1643103226.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 59ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://armandocosta.com.br/
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1111d"
vary: Accept-Encoding
x-hw: 1643103226.dop123.fr8.t,1643103226.cds290.fr8.hn,1643103226.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 89ms
52ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://armandocosta.com.br/
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 98030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScQNZB3wOmecGF35DH4rmdhELurnBg60dSTfi1%2Bp7rn0nYpaFHnW%2FHDY%2BMt4qWVEL7TF8crtingm128XD5nUzjq3SARBXa3vj8UtJ9SXcQM2YIPDl6ETmoNvudBIVQxtHARzF4t0o1SStybI7hbIApFo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d30807c1a416987-FRA
expires: Sun, 15 Jan 2023 09:33:46 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 77ms
39ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://armandocosta.com.br/
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 565, 718, 718
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 31746e4f32fc67f087dad711b35b2beb
cf-ray: 6d30807c1c115b4a-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
38 KB 82ms
14ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E87) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10484378
x-cache: HIT
content-length: 38892
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/8E87)
etag: "af301a17b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 64ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tWIkZFiwLNDrH1Cs4LzVTztc%2FnnIdxDVPhQM90N6KwFIfFZPCPbsxEZ6WyFu7WO1a5ACFdxP1bodd1UTI06Dg0ETMRI2Io65qKgkE%2FGuBdjfv3wcSfQXq6NEp1iEbhCpEcs1jOnQpwltBWf55FaT%2FU6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d30807c1d49900d-FRA
expires: Sun, 15 Jan 2023 09:33:46 GMT

GET
H/1.1

404
Not Found

actions.js
www.armandocosta.com.br/ssa/macu.com/js/
Redirect Chain

https://armandocosta.com.br/ssa/macu.com/js/actions.js
https://www.armandocosta.com.br/ssa/macu.com/js/actions.js

0
0

711ms
626ms

Script
text/html

45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.armandocosta.com.br/ssa/macu.com/js/actions.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Tue, 25 Jan 2022 09:33:46 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: https://www.armandocosta.com.br/ssa/macu.com/js/actions.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 82ms
29ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=cvd1zmo&ht=tk&f=39680.39685.39687&a=1540528&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/a3a085/00000000000000007735ba73/30/ 16 KB
17 KB 61ms
16ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a3a085/00000000000000007735ba73/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c2b1ae00eb2ac991a06487f3f0162c918768b25cbe2787638110570d04ed1f88

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
server: nginx
etag: "c8312ec3794d199c4baa21fae3f300f4162a37ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16816

GET
H/1.1 200
OK fontawesome-webfont.woff2
armandocosta.com.br/ssa/macu.com/module/media/Script/lib/Fonts/ 75 KB
76 KB 380ms
228ms Font
font/woff2 45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://armandocosta.com.br/ssa/macu.com/module/media/Script/lib/Fonts/fontawesome-webfont.woff2
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/cms/media/fonts/stylesheet/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://armandocosta.com.br/ssa/macu.com/cms/media/fonts/stylesheet/css/font-awesome.min.css
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 09:33:46 GMT
Last-Modified: Sat, 04 Dec 2021 11:52:26 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 77160

GET
H2 200 header_logo.svg
www.macu.com/MACU/Images/ 10 KB
4 KB 656ms
656ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/header_logo.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 90af0447f5d8a9d4705c9aa636d31ce859f280460810f68f1de93922277fb0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074959-65074979 2VNN RT(1643103225763 0) q(0 1 1 0) r(1 6)
cache-control: max-age=84731, public
content-length: 3737
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 info-icon.png
www.macu.com/MACU/Images/ 1 KB
2 KB 652ms
652ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/info-icon.png
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3fa39ec7210a30850c5127247651e4e63d18df9af10144213b314e5062c336ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 2-65074960-65074987 2VNN RT(1643103225768 0) q(0 2 2 0) r(2 6)
cache-control: max-age=84731, public
content-length: 1150
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 2021_VisaTripleRewards_3ColumnFlex_457x644_TP.jpg
www.macu.com/media/3-column-images/ 94 KB
95 KB 618ms
618ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2021_VisaTripleRewards_3ColumnFlex_457x644_TP.jpg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e2627fae42ecc27102bc84e8abd96cf7c8709354a50b568e385ea92c0480c6d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Wed, 20 Oct 2021 18:04:34 GMT
x-cdn: Imperva
etag: "2ead30f0dcc5d71:0"
content-type: image/jpeg
x-iinfo: 2-65074961-65074978 2VNN RT(1643103225770 0) q(0 5 5 0) r(6 6)
cache-control: max-age=80548, public
content-length: 96057
expires: Wed, 26 Jan 2022 07:56:14 GMT

GET
H2 200 2021-MyStyleCampaign-3-column-flex-promo-457x644-Cupbop-AL.jpeg
www.macu.com/media/3-column-images/ 87 KB
88 KB 647ms
647ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/2021-MyStyleCampaign-3-column-flex-promo-457x644-Cupbop-AL.jpeg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03074f175d2e30b0c6a3418ea28c1b9877b135ecf5f36685a71a5a9c949192fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:45 GMT
last-modified: Fri, 23 Jul 2021 19:51:14 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "c7e9718fc7fd71:0"
content-type: image/jpeg
x-iinfo: 2-65074962-65074948 2NNN RT(1643103225773 0) q(0 5 5 1) r(6 6) U1
accept-ranges: bytes
content-length: 88674
x-cdn: Imperva

GET
H2 200 3colflex-value-analyzer-2020-V1TSP-457x644.jpg
www.macu.com/media/3-column-images/ 93 KB
94 KB 649ms
648ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/3-column-images/3colflex-value-analyzer-2020-V1TSP-457x644.jpg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c86d88f9e36b602c162116764cb7c693ae21c6bee25b6fb3de923e9bec0e72ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Wed, 15 Jul 2020 21:28:54 GMT
x-cdn: Imperva
etag: "fefdcaf0ee5ad61:0"
content-type: image/jpeg
x-iinfo: 2-65074963-65074152 2VNN RT(1643103225773 0) q(0 5 5 3) r(6 6)
cache-control: max-age=80548, public
content-length: 95317
expires: Wed, 26 Jan 2022 07:56:14 GMT

GET
H2 200 social-icon-facebook.svg
www.macu.com/MACU/Images/ 656 B
929 B 648ms
647ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-facebook.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 395ba7d4187e9ee539495094380c0292b5edcc3b28228d9e871c9d2a471f1916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074964-65074953 2VNN RT(1643103225776 0) q(0 5 5 2) r(6 6)
cache-control: max-age=84731, public
content-length: 452
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 social-icon-youtube.svg
www.macu.com/MACU/Images/ 1 KB
1 KB 772ms
771ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-youtube.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 661ad0861039f6323b4167c759cec7305c985587c147ea964711686a889481c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074965-65074950 2VNN RT(1643103225780 0) q(0 6 6 0) r(8 8)
cache-control: max-age=84731, public
content-length: 745
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 social-icon-instagram.svg
www.macu.com/MACU/Images/ 2 KB
2 KB 789ms
788ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-instagram.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f5e52056a2430132f8aece37250adea25254c4728a05d600c1915931b6ebde4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074966-65074978 2VNN RT(1643103225783 0) q(0 6 6 3) r(8 8)
cache-control: max-age=84731, public
content-length: 1078
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 social-icon-twitter.svg
www.macu.com/MACU/Images/ 995 B
1 KB 775ms
774ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-twitter.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6f2ec1d519d369425aeab2897e77ed0d739207f7cb5804bd878cfb5aca738d0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074968-65074953 2VNN RT(1643103225787 0) q(0 6 6 0) r(8 8)
cache-control: max-age=84731, public
content-length: 613
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 social-icon-linkedin.svg
www.macu.com/MACU/Images/ 796 B
989 B 779ms
778ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/social-icon-linkedin.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d7b371bfbeda687c7e7e4738bea7f985953adab2134dd573874a281e3ed8be7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074969-65074987 2VNN RT(1643103225789 0) q(0 6 6 1) r(8 8)
cache-control: max-age=84731, public
content-length: 511
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 ncua_logo.png
www.macu.com/MACU/Images/ 2 KB
2 KB 786ms
785ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/ncua_logo.png
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 2-65074970-65074979 2VNN RT(1643103225789 0) q(0 7 7 2) r(8 8)
cache-control: max-age=84731, public
content-length: 1989
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 icon-equal-housing.svg
www.macu.com/MACU/Images/ 640 B
887 B 919ms
918ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/icon-equal-housing.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d35bdade27b3f2a1e604fb83aba7fad8e53dc22a98e6953218922c4ffd247a7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074971-65074152 2VNN RT(1643103225791 0) q(0 8 8 12) r(9 9)
cache-control: max-age=84731, public
content-length: 409
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 footer_mountains.svg
www.macu.com/MACU/Images/ 2 KB
1 KB 925ms
924ms Image
image/svg+xml 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/footer_mountains.svg
Requested by: Host: www.macu.com
URL: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.macu.com/dist/module/main.6748b61948611561aebb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/svg+xml
x-iinfo: 2-65074972-65074958 2VNN RT(1643103225793 0) q(0 8 8 12) r(9 9)
cache-control: max-age=84731, public
content-length: 489
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H2 200 l
use.typekit.net/af/e7065f/00000000000000007735ba3f/30/ 20 KB
20 KB 36ms
19ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e7065f/00000000000000007735ba3f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ccd2ec373b11b4dc619ea1f584ebf51c1a4e640275d080261dc6eac099878b5

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
server: nginx
etag: "65381862afa1e35bdce2a257727d8a6c9625f357"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20480

GET
H2 200 l
use.typekit.net/af/a741c0/00000000000000007735ba66/30/ 19 KB
19 KB 35ms
18ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a741c0/00000000000000007735ba66/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/cvd1zmo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 821a2b02f48c78cb4788a5c22489113d0a0e03f5f13175ebfde31385c7601656

Request headers

Referer: https://use.typekit.net/cvd1zmo.css
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
server: nginx
etag: "519cefc842ab7db6e740a26a5e2b3c236659ca6b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19684

GET
H2 200 2021_MyStyleCampaign_1821x630_AL.jpg
www.macu.com/media/hero-images/ 324 KB
325 KB 877ms
876ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/hero-images/2021_MyStyleCampaign_1821x630_AL.jpg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ce69237dc3cba8560ba03c06c30c9830b7d5ca48acfd2c91757ea9c9fa2c2de1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Tue, 19 Oct 2021 19:59:10 GMT
x-cdn: Imperva
etag: "832218c823c5d71:0"
content-type: image/jpeg
x-iinfo: 2-65074975-65074987 2VNN RT(1643103225815 0) q(0 7 7 0) r(8 8)
cache-control: max-age=80547, public
content-length: 331751
expires: Wed, 26 Jan 2022 07:56:13 GMT

GET
H2 200 mystyle-video-thumbnail-summer-2021-v1cc.jpg
www.macu.com/media/videos/ 73 KB
74 KB 892ms
891ms Image
image/jpeg 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/media/videos/mystyle-video-thumbnail-summer-2021-v1cc.jpg
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2e71ed7493ee4502bf285424f72cdf8bcdecf30ff4d99515b10fb1af3cdd08d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Tue, 24 Aug 2021 17:05:33 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "f3842740a99d71:0"
content-type: image/jpeg
x-iinfo: 2-65074976-65072480 2NNN RT(1643103225816 0) q(0 7 7 3) r(8 8) U1
accept-ranges: bytes
content-length: 74365
x-cdn: Imperva

GET
H2 200 play_button.png
www.macu.com/MACU/Images/ 559 B
1 KB 892ms
892ms Image
image/png 45.60.46.50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.macu.com/MACU/Images/play_button.png
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.46.50 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2324969e1a7e15eaf89a25ab4f018296a7ccdb03187f80d2c40ec867271afaa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:46 GMT
last-modified: Wed, 29 Sep 2021 15:43:00 GMT
x-cdn: Imperva
etag: "09a76ae48b5d71:0"
content-type: image/png
x-iinfo: 2-65074977-65074886 2VNN RT(1643103225820 0) q(0 7 7 0) r(8 8)
cache-control: max-age=84731, public
content-length: 559
expires: Wed, 26 Jan 2022 09:05:57 GMT

GET
H/1.1

404
Not Found

skipto.js
www.armandocosta.com.br/MACU/Scripts/Lib/
Redirect Chain

https://armandocosta.com.br/MACU/Scripts/Lib/skipto.js
https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js

0
0

376ms
376ms

Script
text/html

45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Tue, 25 Jan 2022 09:33:47 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 prod.json Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/configs/ 4 KB
2 KB 56ms
20ms Fetch
application/json 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/configs/prod.json
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0D67vYQAAAAAzeKqLS5wNQLkPDAomHqKhQU1TMDRFREdFMTkwOQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: GG61rgxZFh1G8ZdPM9eiog==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7EFED267BBA
x-azure-ref: 0/MPvYQAAAAB+EbKHXieaQIUiUs1AN84bRlJBRURHRTEwMjAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5d7517a2-901e-0048-7e81-108d69000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 52ms
16ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: 3V73wjJok4P6K5k7ojuefZrFw+4rJty99xepKchPH5MDkVE3AD+NnUNB59TpkHeTWlP3TRCC2GhAH/MIq/Q2xA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 25 Jan 2022 09:33:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chat.html Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/ Frame 263A 7 KB
2 KB 18ms
18ms Document
text/html 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/

Response headers

cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
content-type: text/html
content-encoding: br
content-md5: 4svHTbPebj5nFznb41LdVg==
last-modified: Sat, 15 Jan 2022 06:26:48 GMT
etag: 0x8D9D7F0029D3293
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 13291cdf-a01e-006c-7542-107bc9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0xqTtYQAAAACnECEQ67KkSKiALXPgtlgiQU1TMDRFREdFMTgwNwA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
x-azure-ref: 0/MPvYQAAAACT6bTbkCuESrJggOSOAUnIRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
date: Tue, 25 Jan 2022 09:33:47 GMT

GET
H/1.1

404
Not Found

actions.js
www.armandocosta.com.br/ssa/macu.com/js/
Redirect Chain

https://armandocosta.com.br/ssa/macu.com/js/actions.js
https://www.armandocosta.com.br/ssa/macu.com/js/actions.js

0
0

728ms
380ms

Script
text/html

45.6.217.8
ISPCORP Solucoes ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.armandocosta.com.br/ssa/macu.com/js/actions.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: HTTP/1.1
Server: 45.6.217.8 Fortaleza, Brazil, ASN266247 (ISPCORP Solucoes Digitais Corporativas Ltda., BR),
Reverse DNS: srv.loks.com.br
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Tue, 25 Jan 2022 09:33:48 GMT
Server: Apache
X-Redirect-By: WordPress
Content-Type: text/html; charset=UTF-8
Location: https://www.armandocosta.com.br/ssa/macu.com/js/actions.js
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame 263A 78 KB
8 KB 19ms
18ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0kqTtYQAAAADk2azAeLKRQLuFUBqu43nGQU1TMDRFREdFMTkxMAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: otvOoeTPqbzWPKPH87WRmA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007C73785
x-azure-ref: 0/MPvYQAAAAAnwedLVedGRJLQKeVZv4f+RlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c6d91ad5-601e-003e-4c6b-0f0721000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 LiveChatBootstrapper.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ 78 KB
8 KB 17ms
17ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0kqTtYQAAAADk2azAeLKRQLuFUBqu43nGQU1TMDRFREdFMTkxMAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: otvOoeTPqbzWPKPH87WRmA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007C73785
x-azure-ref: 0/MPvYQAAAAD4LOHv54JXSocBkEKn0pVKRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c6d91ad5-601e-003e-4c6b-0f0721000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: BWV/k7hy/o/5l0lRyP5+TVmdLTZ2bqTJd+0O4XoC3Xq8cn1kC6xhMzGFuUxIY0VlwTg7ebMCWEBgRcsQgy+QQg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 25 Jan 2022 09:33:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 837421743000518 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 52ms
52ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/837421743000518?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c61013941dafa299b401f2ecaef12190565aec04f0344f48bbeed7fdb91ddbb0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: OonrezUXHG4SiEineCHK/KmacCvSyWwSLo7cGA3Kjou+tHfMFI5B1bAe+lCKx97RhTVhnkAAyhEOW4il6p+VMg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 25 Jan 2022 09:33:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 LiveChatWidgetLibs.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 263A 412 KB
107 KB 18ms
18ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 02anuYQAAAACO5Z8PbDIqS7qnsKkumYw2QU1TMDRFREdFMTgwNgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: AV3A5KYwCd4LKK8Bu2rBWw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0076158E0
x-azure-ref: 0/MPvYQAAAADiKxojybV7SpHLIgmMFd0wRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8ddd15a8-e01e-013f-413a-10a6f0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 LiveChatWidgetScripts.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/ Frame 263A 396 KB
69 KB 19ms
19ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatBootstrapper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5ac9fcdf2b8bf1ec5ec8b98a5b9a744d872fc3acf4ecdd55bea9f3aef01cff23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 09ovvYQAAAABjQlNSpcpvSbcZAEd+LckxQU1TMDRFREdFMTgwOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: HJIf6V8EGajSQQtpPTfOQQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F007E78C00
x-azure-ref: 0/MPvYQAAAAA0M/nJ9B+sSI8Ike23ZRZTRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 111c72a8-501e-0068-4423-10f6ce000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 51ms
16ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=PageView&dl=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1643103228553&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.51&r=stable&ec=0&o=60&fbp=fb.2.1643103228551.1462721193&it=1643103228479&coo=false&rqm=GET

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 25 Jan 2022 09:33:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 51ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=837421743000518&ev=ViewContent&dl=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F%23wa%3Dwsignin1.0%26rpsnv%3D13%26ct%3D1539585327%26rver%3D7.0.6737.0%26wp%3DMBI_SSL%26wreply%3Dhttps%253a%252f%252foutlook.live.com%252fowa%252f%253fnlp%253d1%2526RpsCsrfState%253d715d44a2-2f11-4282-f625-a066679e96e2%26id%3D292841%26CBCXT%3Dout%26lw%3D1%26fl%3Ddob%252cflname%252cwld%26cobrandid%3D90015%26domain%3D&rl=&if=false&ts=1643103228555&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.51&r=stable&ec=1&o=60&fbp=fb.2.1643103228551.1462721193&it=1643103228479&coo=false&rqm=GET

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 25 Jan 2022 09:33:48 GMT

GET
H2 200 LiveChatWidgetAll.min.css
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/ Frame 263A 53 KB
9 KB 18ms
18ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/styles/LiveChatWidgetAll.min.css
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dc4e732be656c0118a3b2b5e74a55e86893e909294b38074fcb00e676a86bfa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0orzvYQAAAACwW0BIoDDGRqif90Q8Dej4QU1TMDRFREdFMTgxOQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: WaCWuIabbLjYwdudjji8ZQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:27:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00BBBA986
x-azure-ref: 0/MPvYQAAAAAzGpKb//wyRpAujYQ43jIbRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0a5037b7-801e-006b-038c-1117aa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 jquery-3.4.1.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 263A 104 KB
31 KB 18ms
18ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0o7zvYQAAAAAgbQC1p92LS7MuUABg5iWRQU1TMDRFREdFMTkxOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: iPDd3y2YhzkDBroYgeOIwg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00736CCC0
x-azure-ref: 0/MPvYQAAAACRWvd0bsnIRb/3v+VtPtJoRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 00ce68f0-b01e-0132-48ba-106e24000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 prod.json Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/ Frame 263A 4 KB
2 KB 17ms
17ms XHR
application/json 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/configs/prod.json
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0o7zvYQAAAAChvheSqDbgQaCrbEghWXdzQU1TMDRFREdFMTkwOAA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: GG61rgxZFh1G8ZdPM9eiog==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F00238B342
x-azure-ref: 0/MPvYQAAAAC18ERH5LK/Ra3k2IK+YWVgRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82f5ab56-c01e-0037-33bd-1142f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 appinsights.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 263A 5 KB
3 KB 17ms
17ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0t63vYQAAAACQklpKG4L6TqWLaJJzvcOOQU1TMDRFREdFMTkyMgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: ADbtFKqlrLgA2/6zjT1cnw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F006756E1E
x-azure-ref: 0/MPvYQAAAAC6BpG/mMDVTZT+tYEWXur3RlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 94505f4d-301e-00c7-3288-110403000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 webchat-es5.js Show response
cdn.botframework.com/botframework-webchat/4.9.2/ Frame 263A 3 MB
748 KB 59ms
15ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.botframework.com/botframework-webchat/4.9.2/webchat-es5.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8A) /
Resource Hash: 0935532150293b962fb321373aa304c6f519d45f292fedfea6cb2d7ad1281575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:48 GMT
content-encoding: gzip
content-md5: lAEA5uInanqd0I1LBpYUXA==
age: 213
x-cache: HIT
content-length: 765604
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jul 2020 18:43:42 GMT
server: ECAcc (frc/8F8A)
etag: 0x8D829B82987C0B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c90fad45-f01e-0097-07ce-11cb02000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Tue, 25 Jan 2022 13:33:48 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ Frame 263A 119 KB
38 KB 366ms
20ms Script
text/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/appinsights.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780

Request headers

Referer: https://oc-cdn-ocprod.azureedge.net/
Origin: https://oc-cdn-ocprod.azureedge.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:48 GMT
content-encoding: br
x-azure-ref-originshield: 0WcDvYQAAAACbHYVlVdxkSriwr/yx3iH4QU1TMDRFREdFMTkxMQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5: eo/NA/cIfC8rvfmGvcVN1w==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.7.2.min.js
last-modified: Wed, 08 Dec 2021 18:03:24 GMT
x-ms-meta-aijssdkver: 2.7.2
etag: 0x8D9BA750718AE66
x-azure-ref: 0/cPvYQAAAAA8dwjqTWwzQ4ZVKXEn6w0ORlJBRURHRTEwMTYAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3f891c72-f01e-008a-38c8-11b3c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 purify.min.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 263A 16 KB
7 KB 18ms
17ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/purify.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:47 GMT
content-encoding: br
x-azure-ref-originshield: 0Jq7vYQAAAACBJ2/lwJSAS46O4nYW+FIPQU1TMDRFREdFMTgxNQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: 98MT7M8SRWeA4QUys4utxQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0077B45AC
x-azure-ref: 0/MPvYQAAAADT4ELdH7B/RKeKK0C7i6lQRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c3551e54-d01e-00ad-1e16-10dc2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H/1.1 200
OK botframework-webchat-adapter-ic3.production.min.js Show response
webchatic3.blob.core.windows.net/webchat-ic3adapter/0.1.0-master.2dba07b/ Frame 263A 115 KB
115 KB 876ms
173ms Script
application/javascript 52.239.236.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://webchatic3.blob.core.windows.net/webchat-ic3adapter/0.1.0-master.2dba07b/botframework-webchat-adapter-ic3.production.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.236.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 25 Jan 2022 09:33:49 GMT
Last-Modified: Sat, 14 Aug 2021 15:05:49 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: uWzZutPFlN9rzjGW2y8JIQ==
ETag: 0x8D95F3500AFCFD0
Content-Type: application/javascript
x-ms-request-id: 1cb036b6-d01e-002a-3ace-11946e000000
x-ms-version: 2009-09-19
Content-Length: 117440

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 49ms
18ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 14 Oct 2021 00:58:49 GMT
Date: Tue, 25 Jan 2022 09:33:49 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "28352a696c0d71:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Tue, 25 Jan 2022 09:33:49 GMT

GET
H/1.1

200
OK

svrGP
elq.macu.com/visitor/v200/
Redirect Chain

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F&ref2=elqNone&tzo=0&ms=717&optin=disabled&firstPartyCookieDomain=elq.macu.com
https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F&ref2=elqNone&tzo=0&ms=717&optin=disabled&elq1pcGUID=FAB4727208E54316BFD430436E408D9D

49 B
497 B

193ms
193ms

Image
image/gif

142.0.173.134
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F&ref2=elqNone&tzo=0&ms=717&optin=disabled&elq1pcGUID=FAB4727208E54316BFD430436E408D9D

Requested by

Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/

Protocol

HTTP/1.1

Server

142.0.173.134 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 09:33:50 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 09:33:49 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://elq.macu.com/visitor/v200/svrGP?pps=3&siteid=2213&ref=https%3A%2F%2Farmandocosta.com.br%2Fssa%2Fmacu.com%2F&ref2=elqNone&tzo=0&ms=717&optin=disabled&elq1pcGUID=FAB4727208E54316BFD430436E408D9D
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 345
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 SDK.min.js Show response
comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/ Frame 263A 24 KB
5 KB 215ms
18ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://comms.omnichannelengagementhub.com/ams/0.1.1-main.af545b3/SDK.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:49 GMT
content-encoding: br
last-modified: Sat, 02 Oct 2021 02:07:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: WdlsYBmkBlaPY+FFlT//KA==
etag: 0x8D98549567E591B
x-azure-ref: 0/sPvYQAAAACLW7suKuMBTYnxKtNfSPh5RlJBRURHRTEwMTAAMzEzYmNhYWQtNTkyZS00ZDA4LWI1OTEtZjJjZTI1ZDc2ZjU3
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: f9aa6157-e01e-003f-5989-109b57000000
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19
x-azure-ref-originshield: 09J7vYQAAAACJqcwpDoLqRIthFDq0X9V1QU1TMDRFREdFMTgyMgAzMTNiY2FhZC01OTJlLTRkMDgtYjU5MS1mMmNlMjVkNzZmNTc=

GET
H2 200 ae.js Show response
ws.audioeye.com/ 1020 B
817 B 82ms
14ms Script
application/javascript 99.86.3.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.audioeye.com/ae.js
Requested by: Host: armandocosta.com.br
URL: https://armandocosta.com.br/ssa/macu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-75.fra6.r.cloudfront.net
Software: /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:09:09 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
age: 1485
etag: "c5f5d23dbd841fb0868078e4bfbbd713"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
content-encoding: gzip
x-amz-cf-id: EO9rIIXuCgurz6VYtxNQz7oMTWDDqM0uwTmmi4GolXAbav8Ag2i4yg==

GET
H2 200 chat-adapter-0.0.35-beta.1.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/ Frame 263A 444 KB
99 KB 18ms
17ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/chat-adapter-0.0.35-beta.1.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 202267f57c5401883e5f7abedb41c824919ef471c5759cc994f9653e836c7f5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:49 GMT
content-encoding: br
x-azure-ref-originshield: 0/b3vYQAAAAAuGGs3PvvkTKPwuVjnt8/IQU1TMDRFREdFMTgxMQA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: O+ExDonOjsci5GCZ/GHiZw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F0070E3C1C
x-azure-ref: 0/sPvYQAAAADhQ5W7C9JIQp+Z97EsW+52RlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5b31f091-201e-0120-639b-1115f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 SDK.min.js Show response
ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/ Frame 263A 78 KB
17 KB 87ms
18ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/SDK.min.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7022e3ed651e8969ec18b5fdbb7fd98ee159d3e798af380e80938c1e2c5abbda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:49 GMT
content-encoding: br
x-azure-ref-originshield: 0bq/vYQAAAAAuhb54jFdeTI2J95N3tIwkQU1TMDRFREdFMTgxOQA5Nzk3MTdhNC1mNDg1LTRjOTUtYWQ2Yi1iOGFiMTViZmIzYTI=
content-md5: wgHqAXXLbwBtAnW5wGiHJg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 31 Aug 2021 20:29:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D96CBE17F6BD2B
x-azure-ref: 0/sPvYQAAAADfJdzcMo5hSLIb7kWUidN+RlJBRURHRTEwMTAAOTc5NzE3YTQtZjQ4NS00Yzk1LWFkNmItYjhhYjE1YmZiM2Ey
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d23c804d-201e-0095-21b7-108018000000
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
12 KB 258ms
194ms Script
application/javascript 18.66.2.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=armandocosta.com.br
Requested by: Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-14.txl50.r.cloudfront.net
Software: /
Resource Hash: 29147105374de37dc23aa45a4e1201104f4b7979d31950fcf95d60e9acd9890b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://armandocosta.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 09:33:50 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
etag: "bd2f70577e43319f96c693e34b326375"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, private
content-encoding: gzip
x-amz-cf-id: ndVh1PyIPbUieVnnNG21BFeYTedqUVKfDyZ4TcdC9al3qs3yacjXmA==

GET
H/1.1 200
OK 705610f5-72b1-469e-8935-4af156c9dcbb Show response
217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com/livechatconnector/config/0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c/ Frame 263A 12 KB
13 KB 1661ms
683ms XHR
application/json 13.66.240.155
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com/livechatconnector/config/0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c/705610f5-72b1-469e-8935-4af156c9dcbb?requestId=5d43136e-142c-4e17-8159-296c1771431d&channelId=lcw

Requested by

Host: ocsdk-prod.azureedge.net
URL: https://ocsdk-prod.azureedge.net/release/0.2.1-main.d3114ea/SDK.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.66.240.155 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ce3bfe6b37e617902a441cdb980f7db4da201582e793324ebecdb758d446ccd

Security Headers

Name	Value
Content-Security-Policy	default-src "none"
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://oc-cdn-ocprod.azureedge.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src "none"
X-Content-Type-Options: nosniff
Correlation-Vector: IiYL8n2u/UWiTL7nHkMBhg.27
Date: Tue, 25 Jan 2022 09:33:52 GMT
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Cache-Control: no-store, must-revalidate, no-cache
Transaction-Id: 3bac6b3a-9a5d-480b-a1d2-b8bbd41f0446
Expires: Tue, 25 Jan 2022 09:33:52 GMT

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 263A 0
397 B 530ms
197ms XHR
application/json 20.42.65.85
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1643103230671&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.65.85 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 09:33:50 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 380
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/scripts/ 29 B
425 B 92ms
47ms Script
text/javascript 18.66.2.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/scripts/loader.js?d=armandocosta.com.br&lang=en&cb=3a3e9de
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=armandocosta.com.br
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-14.txl50.r.cloudfront.net
Software: Apache /
Resource Hash: 8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd

Request headers

Referer: https://armandocosta.com.br/
Origin: https://armandocosta.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 07:56:18 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: TXL50-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
content-length: 49
via: 1.1 f40ff9523880a4442009f8741bfb3f5c.cloudfront.net (CloudFront)
x-amz-cf-id: 0LGWuVOX5Ak_cCCVRPF5IjslZ4SnrpaJwdqkTWrFAIGoDp-sBIZBCA==

GET
H2 200 1033.js Show response
oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/locale/ Frame 263A 13 KB
3 KB 17ms
17ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/locale/1033.js
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/scripts/LiveChatWidgetScripts.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b9d2c77e6cd4411222a2b98a5b00f67c1794bb1f917cfc3039d9c6bec0cdce2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/htmls/chat.html?&id=Microsoft_Omnichannel_LCWidget&data-app-id=705610f5-72b1-469e-8935-4af156c9dcbb&data-org-id=0163ca2c-c37d-48eb-8e8c-e23dc15c6c9c&data-org-url=https://217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com&hostname=www.macu.com&data-hide-chat-button=true&data-lcw-version=prod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 25 Jan 2022 09:33:51 GMT
content-encoding: br
x-azure-ref-originshield: 0x57vYQAAAABTP5Q7p8DrS6dpiI7Bq+6wQU1TMDRFREdFMTgyMgA0YjJlN2NmYi1mMGJiLTQwOGItYmVlMy0wMDRmNTQzMjdhYTQ=
content-md5: +rNdVFj8oJE5dM/EJCJOQA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Sat, 15 Jan 2022 06:26:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9D7F008A0D57F
x-azure-ref: 0AMTvYQAAAACpE7GyYFnCTaFJtGJ/NeEdRlJBRURHRTEwMTAANGIyZTdjZmItZjBiYi00MDhiLWJlZTMtMDA0ZjU0MzI3YWE0
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: baaadb3f-c01e-0008-3bb3-118a51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, s-maxage=259200, must-revalidate
x-ms-version: 2009-09-19

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 263A 0
396 B 100ms
99ms XHR
application/json 20.42.65.85
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.2&x-apikey=c7655518acf1403f93ff6b9f77942f0a-d01a02fd-6b50-4de3-a566-62eda11f93bc-7083&client-time-epoch-millis=1643103234456&time-delta-to-apply-millis=380
Requested by: Host: oc-cdn-ocprod.azureedge.net
URL: https://oc-cdn-ocprod.azureedge.net/livechatwidget/WebChatControl/lib/LiveChatWidgetLibs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.65.85 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oc-cdn-ocprod.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 09:33:53 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 37
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.armandocosta.com.br
URL: https://www.armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mountain America Credit Union (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bing.com/	1970-01-20 09:46:39	Name: MUID Value: 083B81F8D85C65F52CE290CFD9376409
			.armandocosta.com.br/	1970-01-20 02:34:39	Name: _fbp Value: fb.2.1643103228551.1462721193

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloud.typography.com/689828/7556792/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.armandocosta.com.br/MACU/Scripts/Lib/tippy.all.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://armandocosta.com.br/ssa/macu.com/ Message: Access to script at 'https://www.armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js' (redirected from 'https://armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js') from origin 'https://armandocosta.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.armandocosta.com.br/dist/module/main.bundle.6748b61948611561aebb.js Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.armandocosta.com.br/ssa/macu.com/js/actions.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.armandocosta.com.br/MACU/Scripts/Lib/skipto.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.armandocosta.com.br/ssa/macu.com/js/actions.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

217bc97eb4d14888850d908baf4fba-crm.omnichannelengagementhub.com
ajax.aspnetcdn.com
armandocosta.com.br
bat.bing.com
browser.pipe.aria.microsoft.com
cdn.botframework.com
cdnjs.cloudflare.com
cloud.typography.com
code.jquery.com
collector.fraudmap.net
comms.omnichannelengagementhub.com
connect.facebook.net
elq.macu.com
img.en25.com
js.monitor.azure.com
oc-cdn-ocprod.azureedge.net
ocsdk-prod.azureedge.net
p.typekit.net
stackpath.bootstrapcdn.com
use.typekit.net
webchatic3.blob.core.windows.net
ws.audioeye.com
wsv3cdn.audioeye.com
www.armandocosta.com.br
www.facebook.com
www.macu.com
www.armandocosta.com.br
104.111.229.66
13.66.240.155
142.0.173.134
152.199.19.160
18.66.2.14
184.29.200.235
20.42.65.85
2001:4de0:ac18::1:a:3b
2606:4700::6810:135e
2606:4700::6812:acf
2620:1ec:46::45
2620:1ec:bdf::45
2620:1ec:c11::200
2a02:26f0:6c00:2ae::19fd
2a02:26f0:f7::5c7b:e024
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
45.6.217.8
45.60.46.50
52.239.236.68
63.128.130.61
99.86.3.75
023e4947e93631fc56fdae00a58b1edf8dfd77648f23e7c0ed5e5e2ec91b218b
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
03074f175d2e30b0c6a3418ea28c1b9877b135ecf5f36685a71a5a9c949192fd
06fa02fd2b13da57e4a5ac02bab65eec3a3b204cb60bf08e40262f9db28d8121
0935532150293b962fb321373aa304c6f519d45f292fedfea6cb2d7ad1281575
09927329c9a15cdedd77368a5a4f7c984ca673f9714d2f926ac1925ea97dd8a3
0a3d5af4428611b0cc385c60aefaa6d0b95836c1961c796ebdf95dca108b07a7
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ce3bfe6b37e617902a441cdb980f7db4da201582e793324ebecdb758d446ccd
202267f57c5401883e5f7abedb41c824919ef471c5759cc994f9653e836c7f5b
2324969e1a7e15eaf89a25ab4f018296a7ccdb03187f80d2c40ec867271afaa2
29147105374de37dc23aa45a4e1201104f4b7979d31950fcf95d60e9acd9890b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e71ed7493ee4502bf285424f72cdf8bcdecf30ff4d99515b10fb1af3cdd08d9
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
395ba7d4187e9ee539495094380c0292b5edcc3b28228d9e871c9d2a471f1916
3be2fa8fc01386a4135ebc59168a1e447b699d0bacd0e3c622d701ec685fdbf0
3d133e653aa3b803f3811450300e76cda11912432494ca973dd81dfeec5aac47
3fa39ec7210a30850c5127247651e4e63d18df9af10144213b314e5062c336ff
470c598ef6db18c7ae2a420ef65df40ca35ef9ace19c43f35d084c0e5fd8081f
4c6b8238224112dde0a10a3aae95d9e7e23bee7a3c98b76e00137f36370a34b3
5038ec8b627d1b4f565ebaf3360f3a8317182b7c3518525a337d86b335f302ae
52ea6ddb89b42de720bdd54cd5ae9fc21e71f2e7c4ef51dfb3dc5bada31b5813
5ac9fcdf2b8bf1ec5ec8b98a5b9a744d872fc3acf4ecdd55bea9f3aef01cff23
5ccd2ec373b11b4dc619ea1f584ebf51c1a4e640275d080261dc6eac099878b5
5d9b8c3cb4ecf3bb4b83deda95f964fd0bd9d56eb2a626a14ad4e3ff78f9d8c7
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
5eacb24dce95197ef1b8db870117adbf2be5642b5b0172e4502cf570d0602466
60062b64733e9587b52db3a48d8ff4a3d7f469af0101c7e6ff313d7221f752a1
661ad0861039f6323b4167c759cec7305c985587c147ea964711686a889481c6
68f9d12ac81b50577c9750d61e6b3316465cb394acbd854df3f4b9a1ed87917f
6bb0cf569812f53957b5b82aa5cbb3c2a3075a37416cf12f90c95d1d70cba969
6f2ec1d519d369425aeab2897e77ed0d739207f7cb5804bd878cfb5aca738d0f
7022e3ed651e8969ec18b5fdbb7fd98ee159d3e798af380e80938c1e2c5abbda
821a2b02f48c78cb4788a5c22489113d0a0e03f5f13175ebfde31385c7601656
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b3bc42630ce797308e3ad9ac29de81ae883fa51d646e0c84a1165b27646cffd
90af0447f5d8a9d4705c9aa636d31ce859f280460810f68f1de93922277fb0ef
93d8446660114a3c908c7d4ff2ba5677fad8f436ddd493f8936abf807649d0db
95d18200a346f736b3a5233135118f9da301038de07476b7dba8acfab508c0d9
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
a75d69cfc96d32fd87c93b4cfc533626916ad843fb315404fe3a1266a41f4646
a7a05d6db9fff3ed1d8626f59c88628a08dd321a7bc8682e007f2f8de2f9cd3c
b0cbe509c8ccd79f0378e7a1e0a511ee5467ec95c72bd904d8280ae390f609b6
b9d2c77e6cd4411222a2b98a5b00f67c1794bb1f917cfc3039d9c6bec0cdce2c
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c2b1ae00eb2ac991a06487f3f0162c918768b25cbe2787638110570d04ed1f88
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c61013941dafa299b401f2ecaef12190565aec04f0344f48bbeed7fdb91ddbb0
c86d88f9e36b602c162116764cb7c693ae21c6bee25b6fb3de923e9bec0e72ec
c9a80625e971b234d28263a9f86712c4ccb54feb7d37379f8ec6930c4f534f9c
cbbda9b1b15022e435325e2bb7ab9e19f8d4ea15cd1716a33c07f4750930adc3
ce69237dc3cba8560ba03c06c30c9830b7d5ca48acfd2c91757ea9c9fa2c2de1
cefe4aaefb1daa0c4bff6a9e08bee952d7259fe7e9f20f973cedf18fec5c6002
d35bdade27b3f2a1e604fb83aba7fad8e53dc22a98e6953218922c4ffd247a7b
d7b371bfbeda687c7e7e4738bea7f985953adab2134dd573874a281e3ed8be7a
dc4e732be656c0118a3b2b5e74a55e86893e909294b38074fcb00e676a86bfa3
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e23b1851926f1f909295d26142dfe45ceabc52fe898f724b4f61a659f6ac6a53
e2627fae42ecc27102bc84e8abd96cf7c8709354a50b568e385ea92c0480c6d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e947adf53c17d668e9ab54c1348eafdd5a7db5eda04d076adfacc004702749bb
f082d94f17f4e5e3725177207431e7853ef566cde2ae17db075bfe99832c50ff
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f5e52056a2430132f8aece37250adea25254c4728a05d600c1915931b6ebde4d
f6d1c3dd273fad6871f347b1391f11cd6b765d19a8cf91026f7d66558b512192
f9fa2bbbf048b49dca5b1207cf03a3d5867924372252df0196167810cea88780

armandocosta.com.br Open in urlscan Pro 45.6.217.8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

92 %HTTPS

45 %IPv6

20 Domains

26 Subdomains

23 IPs

4 Countries

2585 kBTransfer

6856 kBSize

2 Cookies

15 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

armandocosta.com.br Open in urlscan Pro
45.6.217.8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

92 %
HTTPS

45 %
IPv6

20
Domains

26
Subdomains

23
IPs

4
Countries

2585 kB
Transfer

6856 kB
Size

2
Cookies

84 HTTP transactions
0 data transactions