urlscan.io logo urlscan.io
SecurityTrails logo

saudecomdesconto.com.br Open in urlscan Pro
2606:4700:3030::6815:56b7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.saudecomdesconto.com.br/
Effective URL: https://saudecomdesconto.com.br/
Submission: On July 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3030::6815:56b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is saudecomdesconto.com.br.
TLS certificate: Issued by WE1 on June 13th 2024. Valid for: 3 months.
This is the only time saudecomdesconto.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
24 4
Apex Domain
Subdomains		 Transfer
17 saudecomdesconto.com.br
www.saudecomdesconto.com.br
saudecomdesconto.com.br
3 MB
7 gstatic.com
fonts.gstatic.com
78 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
24 3
Domain Requested by
16 saudecomdesconto.com.br saudecomdesconto.com.br
7 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com saudecomdesconto.com.br
1 www.saudecomdesconto.com.br 1 redirects
24 4

This site contains links to these domains. Also see Links.

Domain
wa.me
Subject Issuer Validity Valid
saudecomdesconto.com.br
WE1		 2024-06-13 -
2024-09-11		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://saudecomdesconto.com.br/
Frame ID: DF6E32FE714AD38FE25948AB61DF3575
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Saúde com Desconto – Saúde Acessível a Todos!

Page URL History Show full URLs

  1. https://www.saudecomdesconto.com.br/ HTTP 301
    https://saudecomdesconto.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

3084 kB
Transfer

4197 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.saudecomdesconto.com.br/ HTTP 301
    https://saudecomdesconto.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
saudecomdesconto.com.br/
Redirect Chain
  • https://www.saudecomdesconto.com.br/
  • https://saudecomdesconto.com.br/
194 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df11c29403cd732e500e5ce7a4a8c996fd5f6ad834eae9e60c7b565fffb093e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8a4d580dbed71e81-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 Jul 2024 21:32:19 GMT
expires
Wed, 17 Jul 2024 21:32:19 GMT
last-modified
Wed, 17 Jul 2024 19:46:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrTAM2Qj2Xzy0PO3XtfVwk%2BPK4ffav3U3sfanpbmCiLUFyTPQ6K1kxF3rUdehWcGjgqjLUiHVGXzxwvj1D%2BuQIetBJz%2BooWURWWgeis%2FUtiepvjCxlM5G4Ai503X0TzrogCHbT86sp9X1nFptOYrHqzjn2OQfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8a4d58063abc1e81-AMS
content-type
text/html; charset=UTF-8
date
Wed, 17 Jul 2024 21:32:19 GMT
expires
Wed, 17 Jul 2024 21:32:18 GMT
location
https://saudecomdesconto.com.br/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQPKy2MRYzTt1STApwZmWrnOXmqmwi3NafJJIEL3%2BKcJDVhZXxspfm684s1zL9I42UTcn3R3pOBdHSjOsE3wACZT%2B91vDNLw3yXdFPAumsbWEKCYCbiFm%2BtTm0bdZUSsnxkOc72H6%2F2%2FD0pXzrAFoLpaV6ALxfXjQBY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/ 		63 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68ae2e88b829952180e6d2948a284df5bc1b2d550c1b128cce93f6db05416b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jul 2024 21:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jul 2024 19:36:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jul 2024 21:32:19 GMT
92dcdfde82d51c757a4dd2630bec7e30.css
saudecomdesconto.com.br/wp-content/cache/min/1/ 		859 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/cache/min/1/92dcdfde82d51c757a4dd2630bec7e30.css
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fd215074539f38093ce95cc6ca27784d4eab1cbcaaf10a908f4cf3028f27c0

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Mar 2024 16:09:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvaZGUy80yfQuL6XXWlPgRS4nWKhYjmAOAW9Jycu77UzEkaXj%2Fr332w%2FjUDm36bf64QdL4J4p6qKsoY0JLnJ3yXhaOqRIcjXq2HHjStpU96pCqR8gDPFNDKwzPskxtYVEAKVHk5xw7Z%2BTYnDNVpXlJF%2BubKtHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d581058241e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
post-244.css
saudecomdesconto.com.br/wp-content/uploads/elementor/css/ 		1 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-244.css?ver=1710518985
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be4ee2a1fce29f747a17a0d9f28ae1099052bd8d0f91e6f8fca47f4668408c2

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Mar 2024 16:09:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gt%2BjFBju6T3uXcyNIaOTcXdqzE%2FlYUiqG1AJQzYOGHYiygkd%2F6OUdLetsgPGAUuXhviQ1qWbF%2BBL%2BnMOaibLylL8Er0q0b%2BmZBCPxXHHkpKg6ERVujgqeDozuMq68ZHQzK0J6U6XwaxFXvBrgqpjMVVJ7vRyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d581058271e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
global.css
saudecomdesconto.com.br/wp-content/uploads/elementor/css/ 		86 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/global.css?ver=1710518986
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bc54f47d696d758c600fca63af61ab2da0f2f7285624aad89fc968bc0e39e2

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Mar 2024 16:09:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EcxgZCv0mGOT3bNBiSKTWBaAM8SA6j8kNNl7Z8O8YtX88Y%2BKiQcOVcyBXevDO%2FT2onk%2FOA5K9KUfRkc%2BjwJjZDEGBB9ijBI9RCb8NfjOR2iBG1LD%2FveNjNitIWYOAypUzoU7Oa9uk%2Bonr3xhlFNEwySYNmVgHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d581058281e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
post-6.css
saudecomdesconto.com.br/wp-content/uploads/elementor/css/ 		63 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-6.css?ver=1710518986
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802ceb1e2e0fb0cab4329ced3dfc0723532d5596c180b4e1f7daed917cd82f3c

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Mar 2024 16:09:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrL1a6tdap782qempiwG%2BvRQL0XD6%2FElteJf4%2Bf8%2BAApXbwD2G7wWOqntRASh9QXKfmjJHhK2jVzv3Vzy03nvSqlKChzxbDOPxy%2B0aAICC5AcjOl7HmRRgJNtYM8Jv%2B7mbxyxZyFQ3WFz3aY3UtxGqKxFE60Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d581058291e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
post-793.css
saudecomdesconto.com.br/wp-content/uploads/elementor/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-793.css?ver=1710518987
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142e5e6581b9fc2179bf1bf491a4b5f06ab1823d8ab7060ac0dde2563c80aadc

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Mar 2024 16:09:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4WfJY%2BaVLY34d6iOyHHnN3hlHHVIvbGBq72jEc2bH%2BF2eN5fkMPkVrQmMR3Gz1IuOChs4Vsy8McjO86xYRwiep8qk01HLx8wUX6%2FpcNZyrKGU6h1GQXJhicYDVxwUoQhCiCZhuss4w64MWcaNPGiHkhSnRRDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d5810582a1e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
post-264.css
saudecomdesconto.com.br/wp-content/uploads/elementor/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-264.css?ver=1710518987
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7479ed8b7aeb4746ca69d5a45e66602eb4c0aef0db996efcfa93d9ef27e19ed

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Mar 2024 16:09:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JbJAsvP2uqxciG9leYV%2BvK%2Bewok8CjzcyVbXonJpPoaeDhHWKMszIaBerYbBJRlYqOCyZxVe82YvOc7Y4zjUNgCGZgmQf7u5taNlXrINqywGHmzNIR9HuFSgGGApJ09LAgXLC4AcuJHxjvrCkOlHKLeCcmamw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d5810582b1e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a30abdfd389f80206873e916ce489f5d89a283226629b46f571a669acc258a0a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1d1f8559e4544854082e285027d2ae4c25c82fbd5f6cda858d0a147e4dc302b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
login.png
saudecomdesconto.com.br/wp-content/uploads/2022/03/ 		413 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/2022/03/login.png
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a270d744c052cca276c82232b48328d20f4edd8e1548f9c809b909d372b329d

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Mar 2022 15:32:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DL%2F5r%2F7m9ETEHz7g6ifJDQkC4gTsRSh3YeJCWHT1KHJCfiVMy9RgJm%2FMGDTWa15KKNaSX60aI05kYRxz3enN9DFZfhcDHBzHYRtTU7EopzkuetIQ0mIT%2F9YaqhI9wkAqRSURL0rowrgypxHr5l4sqCF83dSZIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4d5810783e1e81-AMS
alt-svc
h3=":443"; ma=86400
content-length
423249
expires
Thu, 14 Nov 2024 21:32:19 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 03:04:16 GMT
x-content-type-options
nosniff
age
584884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jul 2025 03:04:16 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 02:11:00 GMT
x-content-type-options
nosniff
age
156080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 02:11:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:58:52 GMT
x-content-type-options
nosniff
age
120808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 11:58:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:46:58 GMT
x-content-type-options
nosniff
age
121522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 11:46:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 17:06:51 GMT
x-content-type-options
nosniff
age
188729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 17:06:51 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ac0e7e7f71d143292b51ee698a5795bdf2531f3739570467cfad74ad81be01a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 16:56:10 GMT
x-content-type-options
nosniff
age
189370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 16:56:10 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 12:29:10 GMT
x-content-type-options
nosniff
age
118990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 12:29:10 GMT
truncated
/ 		70 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af6bd3f9ee669bc57d0d63d5a767677c9f40032def06b4a33626f8de637e7106

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
post-783.css
saudecomdesconto.com.br/wp-content/uploads/elementor/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-783.css?ver=1710518987
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a217c350fc0291b9ecb03dc2633f83fdbbf2391f3f542717abdb667b7b01fd45

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Mar 2024 16:09:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJTdA340oGlAHnuKemp2LJsl3AAs%2B%2BR1wANHG%2BrtjhRY4B10QAKxMkfdOX4oUeBTxF%2BKLHQjCmyoSfspr%2FvMswaxTBEx9%2FWIFKk0fOl1MfZJ3BUs5pZWRP%2Bd1pb8dfdZZkgsjnM%2F8f%2Fxr%2F2r0hyvOTc5UVZCpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d581198bd1e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
lazyload.min.js
saudecomdesconto.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 10 Mar 2022 10:53:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mzGrccUwXGqWyCkYUqEJnTHXnEb8%2B2ukrnIWyJVkYVZqcXkjyMK%2FBmZKl9sKLJ7KGYGV7h8LfKYKOCMl8NEsfv6FYvrgtybpRxpe1MSFyOfo3xC0Okk09b8z09mbeE66bU7BcpGVBFxg0OQXF8bsGHEQcxZoIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
8a4d581198bf1e81-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 17 Jul 2025 21:32:19 GMT
saude-com-desconto-topo-home.png
saudecomdesconto.com.br/wp-content/uploads/2022/04/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/2022/04/saude-com-desconto-topo-home.png
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-6.css?ver=1710518986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4711e1ff82c61bb1f39cf937cf0ec54795131a4e0c17dd0cfa3e6419f13a0996

Request headers

Referer
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-6.css?ver=1710518986
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:21 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Apr 2022 12:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiYIvfWK7%2BBNIVLfvtqgz%2Fkmhz8hfO6lj6HYLy4dunyzXjKBx3h5Vqc2NHhW1nu5byC1dIZiOKv%2FuGPR3qPcld1S86E2sY79CPO72o8%2FrJnAbApqa7DZqezcMpIGRf9EgaxSZRNAwuEpyJf%2FP%2BVe7w3YtcFp%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4d581319401e81-AMS
alt-svc
h3=":443"; ma=86400
content-length
2182614
expires
Thu, 14 Nov 2024 21:32:20 GMT
app_bg.png
saudecomdesconto.com.br/wp-content/uploads/2022/03/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/2022/03/app_bg.png
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-6.css?ver=1710518986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e9ad20e8fd95a1ce585624a16deb52c2374127329abee1778ccd3c92004833

Request headers

Referer
https://saudecomdesconto.com.br/wp-content/uploads/elementor/css/post-6.css?ver=1710518986
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:21 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Mar 2022 12:42:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=to2JYdnkwrlrPdxtPCuVE6l5nCOyMxa2nbDitkp%2BOM%2FEVxXbEXurHNwRo86yuQb%2FvDBNf2v%2B%2FRWVONcmFqB%2BEg2Eqj44Pu%2B20kb3YwQUr5uvoXS%2FImPmjSOEME7QLkrTlDpHZvP07k3dSuhbwyY%2B0EHYcCfiAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4d581319411e81-AMS
alt-svc
h3=":443"; ma=86400
content-length
150687
expires
Thu, 14 Nov 2024 21:32:20 GMT
Logotipo_SaudeComDesconto_SemFundo-06.png.webp
saudecomdesconto.com.br/wp-content/uploads/2022/02/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/2022/02/Logotipo_SaudeComDesconto_SemFundo-06.png.webp
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc234479363b3209bc49f4e266d790036dcf336bf9dbc00c2df742cd907ef031

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:21 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Apr 2022 12:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUiiejWnBNsVjoudbEIVwUZe0go0C%2BhVs6HY6PakN0CrfGWfoNzkolVIc7OCwz2rxn9U3Ccs4P1X%2Bvaep%2BOwut4l6BiDekRAAc2iCueCwfGznrpuoC4RTdCOhis8uvap9rHZ67vSEHBmAb8K3Ciaa2%2BsTqAbPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4d581459b71e81-AMS
alt-svc
h3=":443"; ma=86400
content-length
60962
expires
Thu, 14 Nov 2024 21:32:20 GMT
hero-bg.png
saudecomdesconto.com.br/wp-content/uploads/2020/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/2020/12/hero-bg.png
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8899319c56f54e454704de24768100e78298ae9f671ab6b215bc6b20264c43b

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:20 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Feb 2022 19:57:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbqt92JCZl6fBZi6%2FjikAH7RbSoQtpEXU5X7M7%2B2m0gsCfeMGJeDyVTkOu%2B4cg2qZCuIACD%2Bdv5Kgdjwjf0aQTWbd%2FBGVeyDNQLV707mjFIqYgw%2BT9bmPf3l8roGjTwF3EhyLBbP9zvpsC4VMlNted432lW5bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4d581459b81e81-AMS
alt-svc
h3=":443"; ma=86400
content-length
1821
expires
Thu, 14 Nov 2024 21:32:20 GMT
fa-solid-900.woff2
saudecomdesconto.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: saudecomdesconto.com.br
URL: https://saudecomdesconto.com.br/wp-content/cache/min/1/92dcdfde82d51c757a4dd2630bec7e30.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://saudecomdesconto.com.br/wp-content/cache/min/1/92dcdfde82d51c757a4dd2630bec7e30.css
Origin
https://saudecomdesconto.com.br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:21 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Fri, 15 Mar 2024 15:36:26 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3JKUls%2BZyVr3ZJEN4nvAPtpZpF2yTEN7u47u3s2zaneSI5hTHATPRKThBfz72OG%2BCDAEuConUeZK7jWhahufhXEz71MLe7gcMNUUfzpMp%2FJTCqwQm6aX7ZtG4T9mcS2z%2BklUycvAXeQ5W%2FHiM6JE%2BgNK9Bntg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4d58176b591e81-AMS
expires
Thu, 14 Nov 2024 21:32:20 GMT
Logotipo_SaudeComDesconto_SemFundo-09-150x150.png.webp
saudecomdesconto.com.br/wp-content/uploads/2022/02/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://saudecomdesconto.com.br/wp-content/uploads/2022/02/Logotipo_SaudeComDesconto_SemFundo-09-150x150.png.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6258f0766667f9612e19a6bdf063ae008b32dbe088bd625f7a256a4e53835c2

Request headers

Referer
https://saudecomdesconto.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 21:32:22 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Apr 2022 12:29:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4x21dFCvaqGfk1VEmVkFcLx6PpFq8iekyNMI%2F6A9Iasen4%2BJNttbl1Ye3QqmbNgR4AqI4BghRlGsXjLFKZrA0aIUHqzPaafcH3ynnIqagIA%2FrZrqSqb9Py%2FJlh6gSbdvyXoDHomFqcC98k%2FxsHRgtw%2F6lG44Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4d581e9e211e81-AMS
alt-svc
h3=":443"; ma=86400
content-length
4578
expires
Thu, 14 Nov 2024 21:32:21 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| RocketPreloadLinksConfig object| jupiterxOptions object| jetElements object| jetPopupData object| _wpUtilSettings object| ravenFormsTranslations object| lazyLoadOptions function| LazyLoad

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
saudecomdesconto.com.br
www.saudecomdesconto.com.br
2606:4700:3030::6815:56b7
2a00:1450:4001:81d::2003
2a00:1450:4001:828::200a
142e5e6581b9fc2179bf1bf491a4b5f06ab1823d8ab7060ac0dde2563c80aadc
27e9ad20e8fd95a1ce585624a16deb52c2374127329abee1778ccd3c92004833
2be4ee2a1fce29f747a17a0d9f28ae1099052bd8d0f91e6f8fca47f4668408c2
3ac0e7e7f71d143292b51ee698a5795bdf2531f3739570467cfad74ad81be01a
44bc54f47d696d758c600fca63af61ab2da0f2f7285624aad89fc968bc0e39e2
4711e1ff82c61bb1f39cf937cf0ec54795131a4e0c17dd0cfa3e6419f13a0996
4a270d744c052cca276c82232b48328d20f4edd8e1548f9c809b909d372b329d
68ae2e88b829952180e6d2948a284df5bc1b2d550c1b128cce93f6db05416b9c
6df11c29403cd732e500e5ce7a4a8c996fd5f6ad834eae9e60c7b565fffb093e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
802ceb1e2e0fb0cab4329ced3dfc0723532d5596c180b4e1f7daed917cd82f3c
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a1d1f8559e4544854082e285027d2ae4c25c82fbd5f6cda858d0a147e4dc302b
a217c350fc0291b9ecb03dc2633f83fdbbf2391f3f542717abdb667b7b01fd45
a30abdfd389f80206873e916ce489f5d89a283226629b46f571a669acc258a0a
af6bd3f9ee669bc57d0d63d5a767677c9f40032def06b4a33626f8de637e7106
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c6258f0766667f9612e19a6bdf063ae008b32dbe088bd625f7a256a4e53835c2
c6fd215074539f38093ce95cc6ca27784d4eab1cbcaaf10a908f4cf3028f27c0
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
dc234479363b3209bc49f4e266d790036dcf336bf9dbc00c2df742cd907ef031
e7479ed8b7aeb4746ca69d5a45e66602eb4c0aef0db996efcfa93d9ef27e19ed
e8899319c56f54e454704de24768100e78298ae9f671ab6b215bc6b20264c43b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615