www.rf.topdesconto.net Open in urlscan Pro
45.162.228.138  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.rf.topdesconto.net/	443 KB 71 KB	6842ms 1015ms	Document text/html	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Full URL https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash a16bff9644711bc13f22a4aad09aa8afe0866b34a77908fcf437fbbb3b695f62 Request headers :method GET :authority www.rf.topdesconto.net :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Wed, 15 Sep 2021 08:11:27 GMT content-type text/html; charset=UTF-8 set-cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate public pragma no-cache public vary Accept-Encoding Accept-Encoding content-encoding gzip
GET H2	200	7017382.png www.rf.topdesconto.net/franquias/2/457596/editor-html/	56 KB 56 KB	208ms 207ms	Image image/png	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Show image Full URL https://www.rf.topdesconto.net/franquias/2/457596/editor-html/7017382.png Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash 4056b467053da26bc859e7e867421a394b7f4b10deabc9708a040768d44b65d5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options ALLOW Request headers :path /franquias/2/457596/editor-html/7017382.png pragma no-cache cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.rf.topdesconto.net referer https://www.rf.topdesconto.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.rf.topdesconto.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:28 GMT x-content-type-options nosniff last-modified Sun, 17 Jan 2021 15:17:09 GMT server nginx etag "600454f5-deae" x-frame-options ALLOW content-type image/png cache-control max-age=31536000 strict-transport-security max-age=63072000; includeSubdomains accept-ranges bytes content-length 57006 expires Thu, 15 Sep 2022 08:11:28 GMT
GET H2	200	tracking.min.js Show response member.mailingboss.com/integration/assets/js/	6 KB 1 KB	5410ms 131ms	Script application/javascript	65.111.191.135 INFOLINK-MIA-
General Check archive.org Show headers Download Go to Full URL https://member.mailingboss.com/integration/assets/js/tracking.min.js Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 65.111.191.135 Miami, United States, ASN15083 (INFOLINK-MIA-, US), Reverse DNS mailingboss.com Software nginx / Resource Hash 55c3d5e1869a7c5833b8724435504323f9c1492ca049561331dabbec6cf194e1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.rf.topdesconto.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:33 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 15 Jun 2021 13:57:53 GMT server nginx etag W/"60c8b1e1-196d" content-type application/javascript
GET H2	200	style.min.css www.rf.topdesconto.net/	820 KB 138 KB	397ms 397ms	Stylesheet text/css	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Full URL https://www.rf.topdesconto.net/style.min.css Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash b34daa41ffbce46b7097d40e590744aed61a6bb3729a680aff6f3c3082fbf25b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options ALLOW Request headers :path /style.min.css pragma no-cache cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.rf.topdesconto.net referer https://www.rf.topdesconto.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.rf.topdesconto.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:28 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 19 Dec 2019 15:47:36 GMT server nginx etag W/"5dfb9b98-cce06" x-frame-options ALLOW content-type text/css cache-control max-age=31536000 strict-transport-security max-age=63072000; includeSubdomains vary Accept-Encoding expires Thu, 15 Sep 2022 08:11:28 GMT
GET H2	200	Lato-Heavy.ttf www.rf.topdesconto.net/font/LatoFonts/	589 KB 590 KB	389ms 388ms	Font application/octet-stream	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Full URL https://www.rf.topdesconto.net/font/LatoFonts/Lato-Heavy.ttf Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash 1b2d1ea8ac370e573b4ac505c468759d74a0564efdb1df4784a50c098767e3fa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options ALLOW Request headers sec-fetch-mode cors origin https://www.rf.topdesconto.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo :path /font/LatoFonts/Lato-Heavy.ttf pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept */* cache-control no-cache :authority www.rf.topdesconto.net referer https://www.rf.topdesconto.net/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.rf.topdesconto.net/ Origin https://www.rf.topdesconto.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:28 GMT x-content-type-options nosniff last-modified Thu, 20 Jun 2019 16:20:55 GMT server nginx etag "5d0bb267-933b0" x-frame-options ALLOW content-type application/octet-stream cache-control max-age=31536000 strict-transport-security max-age=63072000; includeSubdomains accept-ranges bytes content-length 603056 expires Thu, 15 Sep 2022 08:11:28 GMT
GET H2	200	fontawesome-webfont.woff cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/	88 KB 89 KB	5044ms 15ms	Font application/octet-stream	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/fonts/fontawesome-webfont.woff Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a96bfebdbc4c156b895c1c6b2b6eea0f08f0f4b94b7dc9435eed298d42f9fd2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www.rf.topdesconto.net/ Origin https://www.rf.topdesconto.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:33 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 192198 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 90417 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-1612c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SJM2bnThFsKgCWXLYUp6UILM6koIrD4n%2Fe3BagLmaYWJnuGbcIj6jsnZqmTWvi7oAmlQTIO5csppwuuMSt0Pu6vLtWbN2vC5CtZm0VdnZugiPjvgBa05O4VxESSVbC0KUfgoc8DHVGtncbcyh%2Fc7ozn"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 68f0628b58ef4a98-FRA expires Mon, 05 Sep 2022 08:11:33 GMT
GET H2	200	Montserrat-Bold.woff www.rf.topdesconto.net/font/Montserrat/	24 KB 24 KB	389ms 388ms	Font font/woff	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Full URL https://www.rf.topdesconto.net/font/Montserrat/Montserrat-Bold.woff Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash af1a9521ce04a5a0cc90f089a30acf85b3dee0d3483ccd767b5ed5dbdae893fa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options ALLOW Request headers sec-fetch-mode cors origin https://www.rf.topdesconto.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo :path /font/Montserrat/Montserrat-Bold.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept */* cache-control no-cache :authority www.rf.topdesconto.net referer https://www.rf.topdesconto.net/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.rf.topdesconto.net/ Origin https://www.rf.topdesconto.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:28 GMT x-content-type-options nosniff last-modified Thu, 20 Jun 2019 16:26:14 GMT server nginx etag "5d0bb3a6-60bc" x-frame-options ALLOW content-type font/woff cache-control max-age=31536000 strict-transport-security max-age=63072000; includeSubdomains accept-ranges bytes content-length 24764 expires Thu, 15 Sep 2022 08:11:28 GMT
GET H2	200	Lato-Bold.ttf www.rf.topdesconto.net/font/LatoFonts/	119 KB 119 KB	389ms 389ms	Font application/octet-stream	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Full URL https://www.rf.topdesconto.net/font/LatoFonts/Lato-Bold.ttf Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash 14f7de6b616950395062902eb8f70f01c0a901223db5d40f2a05728ac4a830f6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options ALLOW Request headers sec-fetch-mode cors origin https://www.rf.topdesconto.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo :path /font/LatoFonts/Lato-Bold.ttf pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept */* cache-control no-cache :authority www.rf.topdesconto.net referer https://www.rf.topdesconto.net/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.rf.topdesconto.net/ Origin https://www.rf.topdesconto.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:28 GMT x-content-type-options nosniff last-modified Thu, 20 Jun 2019 16:20:57 GMT server nginx etag "5d0bb269-1dbbc" x-frame-options ALLOW content-type application/octet-stream cache-control max-age=31536000 strict-transport-security max-age=63072000; includeSubdomains accept-ranges bytes content-length 121788 expires Thu, 15 Sep 2022 08:11:28 GMT
GET H2	200	HelveticaNeue.woff www.rf.topdesconto.net/font/HelveticaNeue/	17 KB 18 KB	381ms 381ms	Font font/woff	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Full URL https://www.rf.topdesconto.net/font/HelveticaNeue/HelveticaNeue.woff Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash b00c06a7d6aa579cfa4c80518e79f84e2d029b20828ec86587ad54d199f11ee3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options ALLOW Request headers sec-fetch-mode cors origin https://www.rf.topdesconto.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo :path /font/HelveticaNeue/HelveticaNeue.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept */* cache-control no-cache :authority www.rf.topdesconto.net referer https://www.rf.topdesconto.net/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.rf.topdesconto.net/ Origin https://www.rf.topdesconto.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:28 GMT x-content-type-options nosniff last-modified Thu, 20 Jun 2019 16:15:27 GMT server nginx etag "5d0bb11f-4558" x-frame-options ALLOW content-type font/woff cache-control max-age=31536000 strict-transport-security max-age=63072000; includeSubdomains accept-ranges bytes content-length 17752 expires Thu, 15 Sep 2022 08:11:28 GMT
GET H2	200	pixel-bundle.js Show response office.builderall.com/scripts/pixel/	2 KB 994 B	5057ms 20ms	Script application/javascript	2606:4700:10::6816:31d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office.builderall.com/scripts/pixel/pixel-bundle.js Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:31d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7aa2236468fc7501c469dbc2233591381a16fede61500bfaae9ba9c6a9fef0ec Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Frame-Options ALLOW Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.rf.topdesconto.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:33 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 2390742 cf-polished origSize=2178 cf-bgj minify last-modified Wed, 04 Nov 2020 14:08:14 GMT server cloudflare x-frame-options ALLOW etag W/"5fa2b5ce-882" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63072000; includeSubdomains content-type application/javascript cache-control max-age=2592000 cf-ray 68f0628b7cc1430f-FRA expires Fri, 17 Sep 2021 16:05:51 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	5044ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (), Reverse DNS Software / Resource Hash cc0728e72b62a38bca9ce2cee3d3255d65b59bd2a10978034a7d669aa8ee7044 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.rf.topdesconto.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 oJ3YwJIiT+rs0pwN+URHrA== cross-origin-resource-policy cross-origin expires Wed, 15 Sep 2021 08:23:58 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1686 x-fb-rlafr 0 x-fb-debug ICEQCESarzMEIggfBu+Vy3DG9xOMfvwjTiFCGngYZP+KZv3kQdHQ8IoJidR3D+sQlfaLAlFPaUHykpr5yoNUPw== x-fb-trip-id 686109401 x-fb-content-md5 ff079e8f15564d252a4905a8a628fd68 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 15 Sep 2021 08:11:38 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "ad78b0a22f64f23453b5aea74f468fe0" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	222 KB 66 KB	23ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=f0f98a9eae6386ead75dd5b10075e535 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (), Reverse DNS Software / Resource Hash 2d99ffbf30333ff69044dcb36eca9da0475a067ce2ca5ab09bc068b5f7640ec5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.rf.topdesconto.net/ Origin https://www.rf.topdesconto.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 Cnibjlp/GJ/ZAdsCtGS+iQ== cross-origin-resource-policy cross-origin expires Thu, 15 Sep 2022 07:48:27 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 66943 x-fb-rlafr 0 x-fb-debug fLR2BH8Ucu6gy+fUqfuOMFOwKJ4t7QZeCauvZTrSTuKDMfpLNQ5RQawYQoLpkkbtwdkmy9NQKgTzndg7K//RdQ== x-fb-trip-id 686109401 x-fb-content-md5 9a5fd712fdb8eb9448cf051cbcbdf61a cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 15 Sep 2021 08:11:38 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "c8d703a77cc4caf481cc67d7e37c2517" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	publication.min.js Show response www.rf.topdesconto.net/	2 MB 527 KB	417ms 417ms	Script application/javascript	45.162.228.138 QNAX LTDA
General Check archive.org Show headers Download Go to Full URL https://www.rf.topdesconto.net/publication.min.js Requested by Host: www.rf.topdesconto.net URL: https://www.rf.topdesconto.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.162.228.138 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR), Reverse DNS Software nginx / Resource Hash 2d9a29b83b4b1cce5a923d4435c4b986f14b04c02660944b464bd2dcf16b1bf3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options ALLOW Request headers :path /publication.min.js pragma no-cache cookie PHPSESSID=h3ljbbg0f69h27g9g9ksa90dqo accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.rf.topdesconto.net referer https://www.rf.topdesconto.net/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.rf.topdesconto.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 15 Sep 2021 08:11:38 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Mar 2020 19:49:26 GMT server nginx etag W/"5e6940c6-1b96e0" x-frame-options ALLOW content-type application/javascript cache-control max-age=31536000 strict-transport-security max-age=63072000; includeSubdomains vary Accept-Encoding expires Thu, 15 Sep 2022 08:11:38 GMT
GET		tracking.min.js member.mailingboss.com/integration/assets/js/	0 0
GET		embeds.js platform.instagram.com/en_US/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

member.mailingboss.com

URL

https://member.mailingboss.com/integration/assets/js/tracking.min.js

Domain

platform.instagram.com

URL

https://platform.instagram.com/en_US/embeds.js

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| templateScriptGoogle function| disqus_config boolean| isBuilderAll string| query undefined| reload undefined| string undefined| date undefined| _setAidStorage object| _idViewport function| _orientationDevice string| device object| MailingBossTracking string| websiteID object| OPTIONS_INIT_SITE undefined| elems string| hash boolean| hasHash undefined| aid_office undefined| office_script string| templateScript object| templateScriptPixel function| loadScript function| fbAsyncInit

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.rf.topdesconto.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: h3ljbbg0f69h27g9g9ksa90dqo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
member.mailingboss.com
office.builderall.com
platform.instagram.com
www.rf.topdesconto.net
member.mailingboss.com
platform.instagram.com
2606:4700:10::6816:31d
2606:4700::6810:125e
2a03:2880:f01c:8012:face:b00c:0:3
45.162.228.138
65.111.191.135
14f7de6b616950395062902eb8f70f01c0a901223db5d40f2a05728ac4a830f6
1b2d1ea8ac370e573b4ac505c468759d74a0564efdb1df4784a50c098767e3fa
2d99ffbf30333ff69044dcb36eca9da0475a067ce2ca5ab09bc068b5f7640ec5
2d9a29b83b4b1cce5a923d4435c4b986f14b04c02660944b464bd2dcf16b1bf3
4056b467053da26bc859e7e867421a394b7f4b10deabc9708a040768d44b65d5
55c3d5e1869a7c5833b8724435504323f9c1492ca049561331dabbec6cf194e1
7a96bfebdbc4c156b895c1c6b2b6eea0f08f0f4b94b7dc9435eed298d42f9fd2
7aa2236468fc7501c469dbc2233591381a16fede61500bfaae9ba9c6a9fef0ec
a16bff9644711bc13f22a4aad09aa8afe0866b34a77908fcf437fbbb3b695f62
af1a9521ce04a5a0cc90f089a30acf85b3dee0d3483ccd767b5ed5dbdae893fa
b00c06a7d6aa579cfa4c80518e79f84e2d029b20828ec86587ad54d199f11ee3
b34daa41ffbce46b7097d40e590744aed61a6bb3729a680aff6f3c3082fbf25b
cc0728e72b62a38bca9ce2cee3d3255d65b59bd2a10978034a7d669aa8ee7044