| cdn.trustindex.io/loader.js?ver=6.5.2 | 143.204.55.116 | 200 OK | 10 kB |
URL: GET HTTP/2 cdn.trustindex.io/loader.js?ver=6.5.2 IP: 143.204.55.116:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: GoGetSSL; Subject: cdn.trustindex.io; Fingerprint: DF:C9:FD:DD:C9:81:88:9A:C4:8A:54:F3:38:69:9E:6C:28:00:21:4C; Validity: Wed, 28 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (904); Hash: 6cce6cb0df3cd9294655abae4f240a83 d9da9b95d9829363c0e97276be63be2057b1586e ff9a3b58348f49f8072f723d3b2e6d6883b33b2c2667059c888176ee5bc4b88e
GET /loader.js?ver=6.5.2 HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
content-length: 9983
server: Apache/2.4.52 (Ubuntu)
last-modified: Tue, 30 Apr 2024 14:08:28 GMT
accept-ranges: bytes
content-encoding: gzip
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-security-policy: frame-ancestors 'self' *;
x-frame-options: SAMEORIGIN
date: Tue, 07 May 2024 04:49:56 GMT
etag: "95ec-61750e777e00c-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vAGoKgA4aNvxFqKM8uEoEmPVG4d61po6-oZE64866hxQxfPG_mPuiA==
age: 39052
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-419551596 | 142.250.74.168 | 200 OK | 84 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-419551596 IP: 142.250.74.168:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179); Hash: 03675a1ea34f9d82b15cfd7c0cc9fe1f 356a53737d3f38fa0c2e76338843a8d95612466a 4185fefb819fbad605c9f3a3bf9f405b7e7ee55fbc8b1528c16f30b028b8c2e7
GET /gtag/js?id=AW-419551596 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 15:40:48 GMT
expires: Tue, 07 May 2024 15:40:48 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-389D975B23 | 142.250.74.168 | 200 OK | 102 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-389D975B23 IP: 142.250.74.168:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955); Size: 102 kB (101682 bytes); Hash: 5016c7603fe9d064cdb8540a8a4d4671 99d257d665dd2574817b4059a3f4a0d64ecbe547 bdf66a6d6967fcfff0aa7765112987de5201de14fc99647df85348a9b311812a
GET /gtag/js?id=G-389D975B23 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 15:40:48 GMT
expires: Tue, 07 May 2024 15:40:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.cdntoswitchspirit.com/source/split.js | 104.21.93.126 | 200 OK | 96 kB |
URL: GET HTTP/3 js.cdntoswitchspirit.com/source/split.js IP: 104.21.93.126:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Let's Encrypt; Subject: cdntoswitchspirit.com; Fingerprint: DF:DB:EE:70:5A:39:BB:E7:A9:C6:4B:5C:24:04:56:6B:D0:D3:C0:AD; Validity: Mon, 29 Apr 2024 10:49:03 GMT - Sun, 28 Jul 2024 10:49:02 GMT
File type: JavaScript source, ASCII text, with very long lines (36341), with no line terminators; Hash: fe59aea1c787d361c69c43c46a747767 2cc61a29d05db4814718cc60450876419afc5d24 9763b6045876ff0f6ddf7f20e19d631346a2f132e675ff1601896b3625fd9816
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /source/split.js HTTP/1.1
Host: js.cdntoswitchspirit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 15:40:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 30 Apr 2024 15:35:14 GMT
vary: Accept-Encoding
etag: W/"66310fb2-8df5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 8973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCLI761NROHyZsZ2zH8fQFdoWVshaOyHLKGlMx3dJgM9P5ttjH3scXSPpW3kbr60Eu66VMejs053hfO5ISQSb0TqIX4UDQbl8zMZa%2Bd%2F4I4CSfPhncWg0K%2BAJbg72sq18o2TVXb2cSIpZvE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88024f834ebf568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-M43MQKC | 142.250.74.168 | 200 OK | 74 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-M43MQKC IP: 142.250.74.168:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (3439); Hash: 52ceadb69de9743cd1c3ad7a3bf766aa 0d417a0ac911f99bcda5f33b1b243eb7dd7cb140 17e8367ad917cb9092c0a2b344a9c7b8c491949d6e65d89f00b5892d858d8a4b
GET /gtm.js?id=GTM-M43MQKC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 15:40:48 GMT
expires: Tue, 07 May 2024 15:40:48 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.jsdelivr.net/npm/@typebot.io/js@0.1/dist/web.js | 104.18.187.31 | 200 OK | 76 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/@typebot.io/js@0.1/dist/web.js IP: 104.18.187.31:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Sectigo Limited; Subject: *.jsdelivr.net; Fingerprint: 74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE; Validity: Sat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators; Hash: 1c37434cbf40d457b59d9bc2774bf706 73221843f0f1b657f0c3a262286bc8de6c71b46c 808b6c44c819527009e0e6503c8031b9986ec125ff156251bee7e96b3d339516
GET /npm/@typebot.io/js@0.1/dist/web.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rfadvs.com
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:40:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 76481
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.1.34
x-jsd-version-type: version
etag: W/"41153-cyIYQ/Dxtlfww6JiKGvI3mxxtGw"
content-encoding: br
x-served-by: cache-fra-eddf8230101-FRA, cache-lga21981-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bp7wMUCBADfxH6eC5MIfHCsQa6dRaHfHyEBsudRZ3hwtDrCAzfiufoJOLQECHriiZL%2FazWhCI4dRK8wo83d%2Fy%2F4xMn8%2BcjYBX6%2F9%2FofHwUTAM6Kd%2BbYvgHPP%2FGZ3O8J10s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88024f85edf81bfe-OSL
X-Firefox-Spdy: h2
|
|
| rfadvs.com/wp-content/uploads/2023/11/RFADVS-LETRAS-FUNDO-PRETO-APLICACAO-1.png | 104.21.81.183 | 403 Forbidden | 406 B |
URL: GET HTTP/3 rfadvs.com/wp-content/uploads/2023/11/RFADVS-LETRAS-FUNDO-PRETO-APLICACAO-1.png IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: rfadvs.com; Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9; Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators; Hash: ff715af41f83fb38cd35c4e91c77c46d 11e71530661013137721d635f95630722eaa6afd 036bacf3bd34365006eac2a78e4520a953a6250e9550dcf9c9d4b0678c225b4c
GET /wp-content/uploads/2023/11/RFADVS-LETRAS-FUNDO-PRETO-APLICACAO-1.png HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Tue, 07 May 2024 15:40:48 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOgKARuV%2BP%2Be5oc7j5opxyfTaA1Ir38WwUJxQyzntxYY8ZgGhVHM4w5TfN1u8XJyrNslDlM8jbv8Ck0AGZlSY48FHPGIOJk97jCOe0hXXplcXD2Mcoo9niyrUgsM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88024f824a590b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rfadvs.com/wp-content/litespeed/css/0493c7452dbe3e32cd29b040fde1e7fc.css?ver=c4da8 | 104.21.81.183 | 403 Forbidden | 1.1 kB |
URL: GET HTTP/3 rfadvs.com/wp-content/litespeed/css/0493c7452dbe3e32cd29b040fde1e7fc.css?ver=c4da8 IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: rfadvs.com; Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9; Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators; Hash: ff715af41f83fb38cd35c4e91c77c46d 11e71530661013137721d635f95630722eaa6afd 036bacf3bd34365006eac2a78e4520a953a6250e9550dcf9c9d4b0678c225b4c
GET /wp-content/litespeed/css/0493c7452dbe3e32cd29b040fde1e7fc.css?ver=c4da8 HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Tue, 07 May 2024 15:40:48 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tc%2Fojoj6ujkApZrXS6ZjLKcC7qv7E0wtTGMe3SxhWV3%2Bwh7K6tXZhE4uSLaO91JofjWgKH2uEKnhGfRC2QTCV%2F%2BYRDw4Uu7yCn%2Bo3ow62ZtwPeapySjOHhqo1T0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88024f823a490b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rfadvs.com/wp-content/litespeed/js/ec178e84d6808a7ce479a13d5d69e00a.js?ver=c4da8 | 104.21.81.183 | 403 Forbidden | 8.8 kB |
URL: GET HTTP/3 rfadvs.com/wp-content/litespeed/js/ec178e84d6808a7ce479a13d5d69e00a.js?ver=c4da8 IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: rfadvs.com; Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9; Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators; Hash: ff715af41f83fb38cd35c4e91c77c46d 11e71530661013137721d635f95630722eaa6afd 036bacf3bd34365006eac2a78e4520a953a6250e9550dcf9c9d4b0678c225b4c
GET /wp-content/litespeed/js/ec178e84d6808a7ce479a13d5d69e00a.js?ver=c4da8 HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Tue, 07 May 2024 15:40:48 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EieDwnZAhBIMNkOdCgqXmp7zPmosDkeuBuMspTKLmkA6Z5UMJ%2BbKPczFWLLjuf3VA9zJdD2UUUqXBJRruU3%2BzOMn9%2FyFn2BK7e68XhWiUbd6vaDzGyplsWUuOFiV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88024f828ab50b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rest.cdntoswitchspirit.com/scripts/stack.js | 104.21.93.126 | 200 OK | 11 kB |
URL: GET HTTP/2 rest.cdntoswitchspirit.com/scripts/stack.js IP: 104.21.93.126:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Let's Encrypt; Subject: cdntoswitchspirit.com; Fingerprint: DF:DB:EE:70:5A:39:BB:E7:A9:C6:4B:5C:24:04:56:6B:D0:D3:C0:AD; Validity: Mon, 29 Apr 2024 10:49:03 GMT - Sun, 28 Jul 2024 10:49:02 GMT
File type: JavaScript source, ASCII text, with very long lines (10731), with no line terminators; Hash: e878b03a981d11cece993499461e5e06 31ebea7de3f1cfc6c81a9d37d8dfb3c3d7990e0e 857a06738b346b4d275749df845fb3fe2f296bfe49c031e170a1808478299198
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts/stack.js HTTP/1.1
Host: rest.cdntoswitchspirit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:40:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 16:05:11 GMT
vary: Accept-Encoding
etag: W/"66326837-29eb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 8937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPB2m8SU4zUVuJMxHo7uMKapp46YxjCuowF4kB9MxU%2BANJP8Krc8TvPiOLsY%2BDlklI28rbXbIffZf0mAYd69k3Xowq4qHKuuPY%2Ffs4r%2B5c956kNYdecnZBH5ieZCOZHTh7mN2ppahoargc7LGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88024f8288b97128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rfadvs.com/wp-content/uploads/2023/01/cropped-234743557_1073272203080194_6506112593888666773_n-192x192.jpg | 104.21.81.183 | 403 Forbidden | 787 B |
URL: GET HTTP/3 rfadvs.com/wp-content/uploads/2023/01/cropped-234743557_1073272203080194_6506112593888666773_n-192x192.jpg IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: rfadvs.com; Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9; Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: HTML document, ASCII text, with very long lines (818), with no line terminators; Hash: cc519965fb8b0abd554b640cdd27c970 fab0dd8a659e59a856b6dc94d133e7bc54b28d6e 644494e8e07e5053a1ffc8d3246e8035e80b1feb752943bfea5c01279876d0d5
GET /wp-content/uploads/2023/01/cropped-234743557_1073272203080194_6506112593888666773_n-192x192.jpg HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Cookie: _ga_389D975B23=GS1.1.1715096448.1.0.1715096448.0.0.0; _ga=GA1.1.126259766.1715096449; _gcl_au=1.1.1292518688.1715096449
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 07 May 2024 15:40:49 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6g%2FMBzsVuA1KoIFSabtz4jh%2B%2Bs7Yh2ZSsoV%2BkECVqmddpo8fQ2YqmXmUYxzB01s%2FUivZMH0RrB9QCZC7cszAHj3DCOW0fadlHnNr33SzxFSeEuIv42dQUSJT8uB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88024f87997a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rfadvs.com/wp-content/uploads/2023/01/cropped-234743557_1073272203080194_6506112593888666773_n-32x32.jpg | 104.21.81.183 | 200 OK | 735 B |
URL: GET HTTP/3 rfadvs.com/wp-content/uploads/2023/01/cropped-234743557_1073272203080194_6506112593888666773_n-32x32.jpg IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: rfadvs.com; Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9; Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3; Hash: 9d941964216e51c4b56ac7ad06fb61b4 a559d2d0105145b331887cc0bdc7770afa230434 012769e6826adf95a0787dee6171535997f81da8ecf760234dabce2f202bc283
GET /wp-content/uploads/2023/01/cropped-234743557_1073272203080194_6506112593888666773_n-32x32.jpg HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Cookie: _ga_389D975B23=GS1.1.1715096448.1.0.1715096448.0.0.0; _ga=GA1.1.126259766.1715096449; _gcl_au=1.1.1292518688.1715096449
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 15:40:49 GMT
content-type: image/jpeg
content-length: 735
cache-control: public, max-age=31557600
expires: Mon, 05 May 2025 11:43:08 GMT
last-modified: Tue, 23 May 2023 18:17:27 GMT
etag: "2df-646d0337-6e989b3fc0fe9b77;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 208661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtIR4DF98t%2F0A9W6srPuCPXISlyTxq26nLFSMgof1GQTH%2FtU7fDn29w5D0FJw5hE3u9hxwq6%2B6yA71pyl4SlJH6WmxVH2VOIuN5r%2BBkxWfDViJhr3MkA5%2BtN21rI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88024f87997b0b06-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rfadvs.com/wp-content/uploads/2024/03/scott-graham-5fNmWej4tAA-unsplash.jpg | 104.21.81.183 | 403 Forbidden | 787 B |
URL: GET HTTP/3 rfadvs.com/wp-content/uploads/2024/03/scott-graham-5fNmWej4tAA-unsplash.jpg IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: rfadvs.com; Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9; Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: HTML document, ASCII text, with very long lines (818), with no line terminators; Hash: cc519965fb8b0abd554b640cdd27c970 fab0dd8a659e59a856b6dc94d133e7bc54b28d6e 644494e8e07e5053a1ffc8d3246e8035e80b1feb752943bfea5c01279876d0d5
GET /wp-content/uploads/2024/03/scott-graham-5fNmWej4tAA-unsplash.jpg HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 07 May 2024 15:40:48 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctZzSo3JddLJwb51G9RnqzqIb4GVJET1WuvjrjI25qbalptCsEb4etHGZHNxX8oTEBmfFW%2Fi0APJVOQw1DavXizFdPKAzeFtjfOcWMmVWxI8jmzp78fUR5sAudmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88024f824a5d0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jquery.restartyourchoices.com/cdncollect?r1=rfadvs.com | 172.67.185.53 | 200 OK | 10 kB |
URL: GET HTTP/2 jquery.restartyourchoices.com/cdncollect?r1=rfadvs.com IP: 172.67.185.53:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Let's Encrypt; Subject: restartyourchoices.com; Fingerprint: 1E:64:C0:EA:CA:57:4F:66:CB:2A:33:CF:E5:2D:8D:F5:B1:21:CE:D6; Validity: Thu, 02 May 2024 15:04:04 GMT - Wed, 31 Jul 2024 15:04:03 GMT
File type: JavaScript source, ASCII text, with very long lines (10370); Hash: a670ec3dd6fa757de5d5aab7abddfe59 07efb08354a342ae821e52b60728a31945c95759 a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0
GET /cdncollect?r1=rfadvs.com HTTP/1.1
Host: jquery.restartyourchoices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:40:48 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: Tue, 07 May 2024 15:40:48 GMT
set-cookie: _subid=376l60jifss8t; expires=Fri, 07 Jun 2024 15:40:48 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTcxNTA5NjQ0OH0sXCJjYW1wYWlnbnNcIjp7XCIxM1wiOjE3MTUwOTY0NDh9LFwidGltZVwiOjE3MTUwOTY0NDh9In0.gfepYRiE5ZE3YYvO0eJ7SF4HR3OieADtSM_WhrM8cek; expires=Tue, 13 Sep 2078 07:21:36 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JgXowb5mrPkDnaHih6CQXcFuEG%2BdGoJnLnJVGBWUatP8nO6oo4R%2FwQO%2BgRZ65lHrtkkrhMANzu%2BQ57yoNk4OIMnNhxI1In7Pqij0EnlMqsLZuqJIgZNjWyPn2w%2BMzHQp7g4JZ3kcNmaV4KkxQ%2Fp5yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88024f847fd9b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rfadvs.com/endividamento-empresarial-blog/ | 104.21.81.183 | 200 OK | 108 kB |
URL: User Request GET HTTP/2 rfadvs.com/endividamento-empresarial-blog/ IP: 104.21.81.183:443
Certificate Issuer: Google Trust Services LLC; Subject: rfadvs.com; Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9; Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
Size: 108 kB (107912 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /endividamento-empresarial-blog/ HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 15:40:48 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.30
x-dns-prefetch-control: on
link: <https://rfadvs.com/wp-json/>; rel="https://api.w.org/", <https://rfadvs.com/wp-json/wp/v2/pages/5871>; rel="alternate"; type="application/json", <https://rfadvs.com/?p=5871>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CatuFMBZjbnyHV%2F%2FaVoYp5RzhnZfVvAJNlorqwqBgT%2FMt2OEppU7QxhXIF2LARGDMIUJv%2FZVxB%2F084wmv%2FbYSygXgmPcCaqR1Lw6zphG2lkoI1yVVVZkZsrr5gQt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88024f7deed9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-419551596&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 227 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-419551596&l=dataLayer&cx=c IP: 142.250.74.168:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179); Size: 227 kB (226818 bytes); Hash: 3cf1ae0e0e24837d157cb298fce4631e ee2fce1660bc742cbbb7d29721404c7134333550 430a3315bd4a42ad8b295b25e77e5ac25bd07506634c4f60ee3dbb24d188c299
GET /gtag/js?id=AW-419551596&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 15:40:48 GMT
expires: Tue, 07 May 2024 15:40:48 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81196
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| done.restartyourchoices.com/stepone | 172.67.185.53 | 200 OK | 0 B |
URL: GET HTTP/3 done.restartyourchoices.com/stepone IP: 172.67.185.53:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/ Certificate Issuer: Let's Encrypt; Subject: restartyourchoices.com; Fingerprint: 1E:64:C0:EA:CA:57:4F:66:CB:2A:33:CF:E5:2D:8D:F5:B1:21:CE:D6; Validity: Thu, 02 May 2024 15:04:04 GMT - Wed, 31 Jul 2024 15:04:03 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stepone HTTP/1.1
Host: done.restartyourchoices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 15:40:49 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: Tue, 07 May 2024 15:40:49 GMT
set-cookie: _subid=376l60jifss9t; expires=Fri, 07 Jun 2024 15:40:49 GMT; path=/
a4fba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUxXCI6MTcxNTA5NjQ0OX0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE3MTUwOTY0NDl9LFwidGltZVwiOjE3MTUwOTY0NDl9In0.d8PLrE0vkSwdAjZqtbihhgjQQ0__cUXMK3Ag_qMSfXI; expires=Mon, 12 Sep 2078 19:21:38 GMT; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PEjAUhMAs4F9sAdW2J2TDnC%2BKmamVLWG0F9%2FF5poPjPBibMA27hzM5YhyL7ipXLOA8IOME6cx7u1uxMtAN7JOl0BWTuJ%2FaDZngeACds%2B5ia%2Fwsit%2BqU2%2BU27WsOXC4%2BtmKN%2Fuh6Ikd9RqKUESQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88024f868ba6b50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rfadvs.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js | 104.21.81.183 | 200 OK | 12 kB |
URL: GET HTTP/3 rfadvs.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/
Certificate Issuer: Google Trust Services LLC
Subject: rfadvs.com
Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9
Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: JavaScript source, ASCII text, with very long lines (1392)
Hash: 9593c634b81c031342cbe0fa03903d47 dd68ee9d73731b22fb7252f66be8bea5d17227c7 d7bdba02afa8c04c13f280c71a50f8c8186c883711c5dabbd13566dd738bff0a
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 15:40:48 GMT
content-type: application/x-javascript
cache-control: public, max-age=31557600
expires: Wed, 07 May 2025 15:27:02 GMT
last-modified: Sat, 04 May 2024 20:07:32 GMT
etag: W/"2da9-66369584-4c7cc9b09cafc8d0;br"
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 22426
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPazI1OeKVpnYUS3EfmURH5pi2bE9IgcfmCpTErI973AyGSyrXxPHmvZIdGvzetFz2yOfZmnZPSw7CUhKgn5mk32FodXlZaBQ72a8CSRcdzPeO3oc%2FgPztPLcKHF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88024f824a540b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rfadvs.com/wp-content/uploads/2023/01/money-rfadvs-e1680813473792.webp | 104.21.81.183 | 403 Forbidden | 787 B |
URL: GET HTTP/3 rfadvs.com/wp-content/uploads/2023/01/money-rfadvs-e1680813473792.webp
IP: 104.21.81.183:443
Requested by: https://rfadvs.com/endividamento-empresarial-blog/
Certificate Issuer: Google Trust Services LLC
Subject: rfadvs.com
Fingerprint: 32:8F:C7:50:D9:F9:1C:65:3A:71:E2:A1:B9:6F:17:B2:B2:FB:14:F9
Validity: Tue, 30 Apr 2024 17:27:29 GMT - Mon, 29 Jul 2024 17:27:28 GMT
File type: HTML document, ASCII text, with very long lines (818), with no line terminators
Hash: cc519965fb8b0abd554b640cdd27c970 fab0dd8a659e59a856b6dc94d133e7bc54b28d6e 644494e8e07e5053a1ffc8d3246e8035e80b1feb752943bfea5c01279876d0d5
GET /wp-content/uploads/2023/01/money-rfadvs-e1680813473792.webp HTTP/1.1
Host: rfadvs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rfadvs.com/endividamento-empresarial-blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 07 May 2024 15:40:48 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZ8We5Q%2FWFekpVfuHjjBdrOFbII401J9RTB5cFZ7bHU905GxOhue90SLtPvWlbMdPFvYabljCsY40iZqy3uiFdyv4DCsZrjNQcxIQ4Ed8wxTxeKz%2BJy6FjGhCIE8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88024f824a560b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|