urlscan.io logo urlscan.io
SecurityTrails logo

haf.com.br.cdn.vtex.com Open in urlscan Pro
35.170.87.49  Public Scan

Go To Rescan Add Verdict Report
URL: https://haf.com.br.cdn.vtex.com/
Submission: On November 27 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 35.170.87.49, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is haf.com.br.cdn.vtex.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 30th 2024. Valid for: a year.
This is the only time haf.com.br.cdn.vtex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35.170.87.49 14618 (AMAZON-AES)
1 142.250.31.95 15169 (GOOGLE)
3 52.217.41.166 16509 (AMAZON-02)
3 172.67.142.245 13335 (CLOUDFLAR...)
1 2 104.17.249.203 13335 (CLOUDFLAR...)
3 8.8.4.4 15169 (GOOGLE)
2 142.251.111.94 15169 (GOOGLE)
16 8
2    35.170.87.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-87-49.compute-1.amazonaws.com
haf.com.br.cdn.vtex.com
1    142.250.31.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net
fonts.googleapis.com
3    52.217.41.166 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
3    172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    104.17.249.203 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    8.8.4.4 (United States)

ASN15169 (GOOGLE, US)
PTR: dns.google
dns.google
2    142.251.111.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f94.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
3 dns.google
dns.google — Cisco Umbrella Rank: 964
1 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1331
88 KB
3 amazonaws.com
s3.amazonaws.com
28 KB
2 gstatic.com
fonts.gstatic.com
36 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
66 KB
2 vtex.com
haf.com.br.cdn.vtex.com
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
16 7
Domain Requested by
3 dns.google unpkg.com
3 use.fontawesome.com haf.com.br.cdn.vtex.com
use.fontawesome.com
3 s3.amazonaws.com haf.com.br.cdn.vtex.com
2 fonts.gstatic.com fonts.googleapis.com
2 unpkg.com 1 redirects haf.com.br.cdn.vtex.com
2 haf.com.br.cdn.vtex.com unpkg.com
1 fonts.googleapis.com haf.com.br.cdn.vtex.com
16 7

This site contains no links.

Subject Issuer Validity Valid
cdn-service.vtex.com
Amazon RSA 2048 M03		 2024-04-30 -
2025-05-29		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-09-18 -
2025-09-16		 a year crt.sh
use.fontawesome.com
WE1		 2024-11-07 -
2025-02-06		 3 months crt.sh
dns.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://haf.com.br.cdn.vtex.com/
Frame ID: E91F2626D0A13ADE6F9B352B29A648E4
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Generating SSL Certificate

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

75 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

223 kB
Transfer

349 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/@vtex/dns-diagnostics/bundle.js HTTP 302
  • https://unpkg.com/@vtex/dns-diagnostics@1.0.4/bundle.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
haf.com.br.cdn.vtex.com/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://haf.com.br.cdn.vtex.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.87.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-87-49.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
0a28a5733ea12dc9541df87ef1a5e8554e7ddb2f0f3a053fa1cfec18546c1589

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
2386
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Nov 2024 22:13:55 GMT
Server
Kestrel
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400
Requested by
Host: haf.com.br.cdn.vtex.com
URL: https://haf.com.br.cdn.vtex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f95.1e100.net
Software
ESF /
Resource Hash
71a7d80995d742a26196e7af621a50daa08e0812fbb07c32b4d0374f42af0e13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 22:13:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 22:13:56 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 27 Nov 2024 21:48:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
cdn.css
s3.amazonaws.com/cdn-webfiles/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn-webfiles/cdn.css?versionId=Z9JPBe7oH64q0MLXK8c0hAVLFbLKxhkv
Requested by
Host: haf.com.br.cdn.vtex.com
URL: https://haf.com.br.cdn.vtex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.41.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
eda9d7a3be5053bb9987e15b1ac2e5641d4758dee52110ad159905703a884163

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

ETag
"e65b2f32951d9f44b40e103dad2032f3"
x-amz-version-id
Z9JPBe7oH64q0MLXK8c0hAVLFbLKxhkv
x-amz-request-id
JDB5TRAD6GNJA52V
Accept-Ranges
bytes
Content-Length
3266
Date
Wed, 27 Nov 2024 22:13:57 GMT
Last-Modified
Wed, 10 Nov 2021 12:16:17 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-id-2
sZs33ASj3cSdWPOtVn8QloEQn38F9eQFE/vk7eJlU93EebuFxLVI5ObZ5x0a+QQ+chNUbyLp5+M=
all.css
use.fontawesome.com/releases/v5.2.0/css/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: haf.com.br.cdn.vtex.com
URL: https://haf.com.br.cdn.vtex.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://haf.com.br.cdn.vtex.com
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"20a9ce516eaea76da29a23adc43e8998"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxgufC5hQv3Dy4P%2BNPGMlRuYDPA4VQ5v5p08I%2BxtAn%2BVHDha4pw2XXMhhORDVe01HMPNcj%2Fxz1%2FGFBV5xYsOUFoPs8icjYwgF8Z4GOjBe1E694P04ETriO2SpIRUTklIs4WK8SqW"}],"group":"cf-nel","max_age":604800}
cf-ray
8e9577e48a3aebba-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24560&min_rtt=23555&rtt_var=5245&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4040&recv_bytes=2273&delivery_rate=167061&cwnd=253&unsent_bytes=0&cid=75f6cb1a2e3af102&ts=170&x=0"
date
Wed, 27 Nov 2024 22:13:56 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:26 GMT
vary
Origin, Accept-Encoding
server
cloudflare
bundle.js
unpkg.com/@vtex/dns-diagnostics@1.0.4/
Redirect Chain
  • https://unpkg.com/@vtex/dns-diagnostics/bundle.js
  • https://unpkg.com/@vtex/dns-diagnostics@1.0.4/bundle.js
156 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@vtex/dns-diagnostics@1.0.4/bundle.js
Requested by
Host: haf.com.br.cdn.vtex.com
URL: https://haf.com.br.cdn.vtex.com/
Protocol
H2
Server
104.17.249.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1032732b73ad2f676a7aed0eb3524fadb297c8184cd46cb6b2968c06ed653562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
MISS
etag
"27101-UZQL5UhO0kSc04U4ugfsF4tdyds"
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8e9577e8bf5936bd-YYZ
access-control-allow-origin
*
date
Wed, 27 Nov 2024 22:13:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JDQV0BC4VQ75AW6F5P59MQY9-yyz
server
cloudflare
vary
Accept-Encoding

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/@vtex/dns-diagnostics@1.0.4/bundle.js
content-encoding
br
cf-cache-status
MISS
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8e9577e46a5e36bd-YYZ
access-control-allow-origin
*
date
Wed, 27 Nov 2024 22:13:57 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JDQV0AQ09SK8FGR76FJM1PFV-yyz
server
cloudflare
logo.png
s3.amazonaws.com/cdn-webfiles/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn-webfiles/logo.png
Requested by
Host: haf.com.br.cdn.vtex.com
URL: https://haf.com.br.cdn.vtex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.41.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
396f7159ee90a389656521ac0cd45eefebdf97a4d2a8f5bcaefb951678b62b93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

ETag
"f3ba1e5e59eb29754597290f0c09eb10"
x-amz-version-id
jde.L.mlRTOjRQtJy4SKZCHz9b.cSdUF
x-amz-request-id
JDB707JH3F878F01
Accept-Ranges
bytes
Content-Length
21911
Date
Wed, 27 Nov 2024 22:13:57 GMT
Last-Modified
Wed, 10 Nov 2021 12:48:20 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-id-2
NzpWBmdPX9hPHHPVmQeWLHFcGrxaByF5l95amLPxY5pBHeE7hEzuXMuTD15fgBo6BDMfjDmZH9c=
cdn.js
s3.amazonaws.com/cdn-webfiles/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn-webfiles/cdn.js?versionId=1kYsqkQPsRiKpQSdCPDhUsQPpE1tUOq3
Requested by
Host: haf.com.br.cdn.vtex.com
URL: https://haf.com.br.cdn.vtex.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.41.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bbb40803c2c58d0471bdecaa0b11306cf4f516589ba8572e7f1d19f70ef33079

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

ETag
"d9bb5739f60db051c819ee80cd932c4a"
x-amz-version-id
1kYsqkQPsRiKpQSdCPDhUsQPpE1tUOq3
x-amz-request-id
JDBBGCPAWKST23YZ
Accept-Ranges
bytes
Content-Length
2559
Date
Wed, 27 Nov 2024 22:13:57 GMT
Last-Modified
Tue, 16 Nov 2021 11:39:04 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-id-2
b6SjVaKgLOWBELJqx9GLyeAkwZtcGcSoEczs3f5KnZXKDTQb6lmm2k0YIYXvCVXmLgvaEmET82U=
resolve
dns.google/ 		263 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dns.google/resolve?name=haf.com.br.cdn.vtex.com&type=CNAME
Requested by
Host: unpkg.com
URL: https://unpkg.com/@vtex/dns-diagnostics/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.8.4.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
dns.google
Software
HTTP server (unknown) /
Resource Hash
dd08d805e7233cf4eedb4046c29781fed804e3afb77221a8bdf7d93df6458ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=300
content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 22:13:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
date
Wed, 27 Nov 2024 22:13:59 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
resolve
dns.google/ 		528 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dns.google/resolve?name=haf.com.br.cdn.vtex.com&type=TXT
Requested by
Host: unpkg.com
URL: https://unpkg.com/@vtex/dns-diagnostics/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.8.4.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
dns.google
Software
HTTP server (unknown) /
Resource Hash
3b36ad0ba83b5cfd3961e38056c45ac60253d6a3e5eb6d7d496e925dfd035999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=60
content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 22:13:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
date
Wed, 27 Nov 2024 22:13:59 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
test-cdn-operator
haf.com.br.cdn.vtex.com/.well-known/acme-challenge/ 		0
0
resolve
dns.google/ 		291 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dns.google/resolve?name=vtex.com&type=CAA
Requested by
Host: unpkg.com
URL: https://unpkg.com/@vtex/dns-diagnostics/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.8.4.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
dns.google
Software
HTTP server (unknown) /
Resource Hash
2be2d7dabc648e16d1716667927386913fc111cf66fcedad45eb9d53425669b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=900
content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 27 Nov 2024 22:13:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215
date
Wed, 27 Nov 2024 22:13:59 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://haf.com.br.cdn.vtex.com
Referer
https://fonts.googleapis.com/

Response headers

age
479748
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 08:58:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 08:58:11 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://haf.com.br.cdn.vtex.com
Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css

Response headers

cf-cache-status
MISS
etag
"b75b4bfe0d58faeced5006c785eaae23"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWILOdPCUTjw9T9nxWiugfkYZ1vvMUCLpUJozQyBtPsk1Tw6vbOqf3Qbk5InNnG51Y4d6qldxvqPLCCIHoTAgFxDG%2Bs64w7fhw6FCBgdNAc7OsmO3NkWCEXL9LTBisCH5uqLDN6H"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=31524&min_rtt=23555&rtt_var=1989&sent=23&recv=26&lost=0&retrans=0&sent_bytes=15767&recv_bytes=2403&delivery_rate=254999&cwnd=257&unsent_bytes=0&cid=75f6cb1a2e3af102&ts=2398&x=0"
date
Wed, 27 Nov 2024 22:13:58 GMT
content-type
font/woff2
last-modified
Fri, 22 Sep 2023 01:45:27 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9577f26c50ebba-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
62472
server
cloudflare
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://haf.com.br.cdn.vtex.com
Referer
https://fonts.googleapis.com/

Response headers

age
535023
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 17:36:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 17:36:56 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
fa-regular-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://haf.com.br.cdn.vtex.com
Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css

Response headers

cf-cache-status
MISS
etag
"8d9ab84bfe87a3f77112a6698cf639fb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3sMFqsguND6NG0pyTJ1TGNqE1drmcryWPvXs2%2FgCKEnt6Pzyu9orlvtX%2BbcKxFsRznPo4uA49I%2FwWmnJDp0XuaZQtrfO9452agXFds4BstfvJAiXw1tW9Wc5hsQAWQCJz9LbTH3"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25969&min_rtt=23555&rtt_var=1434&sent=78&recv=43&lost=0&retrans=0&sent_bytes=79610&recv_bytes=2487&delivery_rate=2751752&cwnd=257&unsent_bytes=0&cid=75f6cb1a2e3af102&ts=2874&x=0"
date
Wed, 27 Nov 2024 22:13:59 GMT
content-type
font/woff2
last-modified
Fri, 22 Sep 2023 01:45:27 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e9577f57b45ebba-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14888
server
cloudflare
favicon.ico
haf.com.br.cdn.vtex.com/ 		0
123 B 		Other
General
Check archive.org
Download Go to
Full URL
https://haf.com.br.cdn.vtex.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.87.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-87-49.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://haf.com.br.cdn.vtex.com/

Response headers

Content-Length
0
Date
Wed, 27 Nov 2024 22:13:58 GMT
Server
Kestrel
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
haf.com.br.cdn.vtex.com
URL
http://haf.com.br.cdn.vtex.com/.well-known/acme-challenge/test-cdn-operator

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| wellknownIsRoutedToVtex function| dnsIsPointed function| caaPointsToLetsEncrypt string| hostname function| getDignosticsStatus function| updateDiagnosticStatus function| displayDiagnostics function| renderDiagosticsTable

0 Cookies

2 Console Messages

Source Level URL
Text
security error URL: https://unpkg.com/@vtex/dns-diagnostics/bundle.js(Line 371)
Message:
Mixed Content: The page at 'https://haf.com.br.cdn.vtex.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://haf.com.br.cdn.vtex.com/.well-known/acme-challenge/test-cdn-operator'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://haf.com.br.cdn.vtex.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)