urlscan.io logo urlscan.io
SecurityTrails logo

www.casadoscontos.com.br Open in urlscan Pro
2a01:4f8:151:7162::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.casadoscontos.com.br/
Submission: On June 09 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 2a01:4f8:151:7162::3, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.casadoscontos.com.br.
TLS certificate: Issued by R3 on May 11th 2023. Valid for: 3 months.
This is the only time www.casadoscontos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2a01:4f8:151:7162::3 (Germany)

ASN24940 (HETZNER-AS, DE)
www.casadoscontos.com.br
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
21    2606:4700:e6::ac40:c127 (United States)

ASN13335 (CLOUDFLARENET, US)
webstats1.com
1    173.233.139.164 (United States)

ASN7979 (SERVERS-COM, US)
plaitvaccination.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
21 webstats1.com
webstats1.com
161 KB
5 casadoscontos.com.br
www.casadoscontos.com.br
48 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5056
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 121
260 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3028
260 B
1 plaitvaccination.com
plaitvaccination.com
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
85 KB
30 8
Domain Requested by
21 webstats1.com 3 redirects www.casadoscontos.com.br
webstats1.com
5 www.casadoscontos.com.br www.casadoscontos.com.br
2 www.google-analytics.com www.casadoscontos.com.br
www.google-analytics.com
1 www.google.de www.casadoscontos.com.br
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 plaitvaccination.com www.casadoscontos.com.br
1 www.googletagmanager.com www.casadoscontos.com.br
30 8

This site contains no links.

Subject Issuer Validity Valid
casadoscontos.com.br
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
webstats1.com
E1		 2023-05-06 -
2023-08-04		 3 months crt.sh
plaitvaccination.com
R3		 2023-04-22 -
2023-07-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.casadoscontos.com.br/
Frame ID: DF9807829CB718D214AB0A2B219D1970
Requests: 12 HTTP requests in this frame

Frame: https://webstats1.com/www/delivery/afr.php?zoneid=122
Frame ID: C1735BC923663C6D9C26F47AB451224A
Requests: 3 HTTP requests in this frame

Frame: https://webstats1.com/www/delivery/afr.php?zoneid=124
Frame ID: 96F3D27D699F162655EC63FDC98C34F9
Requests: 3 HTTP requests in this frame

Frame: https://webstats1.com/www/delivery/afr.php?zoneid=123
Frame ID: A4E783E04A0FBD3B5F14ACD38BC5AAA7
Requests: 3 HTTP requests in this frame

Frame: https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Frame ID: BF30658E2DCD658A679619E9189180C8
Requests: 3 HTTP requests in this frame

Frame: https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Frame ID: 6F9420504C176C51C7A0E279602F6C19
Requests: 3 HTTP requests in this frame

Frame: https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Frame ID: BD9DF376E2354F5DF7BBD2F2090463D4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Casa dos Contos Eróticos

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

90 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

314 kB
Transfer

613 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Request Chain 19
  • https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Request Chain 22
  • https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.casadoscontos.com.br/ 		51 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6728f14b784a602cd61804ea6f233fb7a3e736d24a6558194b0fa13344b3dc3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 09 Jun 2023 05:42:29 GMT
link
</static/logo.png>; rel=preload </static/style-202108240506.css>; rel=preload </static/casa-202107290419.js>; rel=preload </static/grass_pattern.webp>; rel=preload </static/casa.png>; rel=preload
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
x-pagecache
Catalyst
js
www.googletagmanager.com/gtag/ 		251 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K971KD8MT5
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7767702edf6f511715616be96e4cbd36f5256e937134e116d7033aafc5df0212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87116
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 09 Jun 2023 05:42:29 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Jun 2023 04:35:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4022
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 09 Jun 2023 06:35:27 GMT
style-202108240506.css
www.casadoscontos.com.br/static/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casadoscontos.com.br/static/style-202108240506.css
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0022bb934f31a6f8d0cb3134cfc15eac7f27ee3b94729d788d2ddf4822fe05ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Jun 2023 05:42:29 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 22:32:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6233b701-6e41"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
expires
Fri, 16 Jun 2023 05:42:29 GMT
logo.png
www.casadoscontos.com.br/static/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casadoscontos.com.br/static/logo.png
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9a2e8757a8c6cde067df223500eeb0238918f76c61d26f2863e062758c65a8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Jun 2023 05:42:29 GMT
last-modified
Thu, 14 Oct 2021 05:51:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6167c557-4211"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
16913
expires
Fri, 16 Jun 2023 05:42:29 GMT
casa-202107290419.js
www.casadoscontos.com.br/static/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casadoscontos.com.br/static/casa-202107290419.js
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b5bdf0987c86d073af47022a7ed25717288cde3dc8b3ef867204a59d674e3ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Jun 2023 05:42:29 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 20:41:14 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6103126a-fc7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Fri, 16 Jun 2023 05:42:29 GMT
grass_pattern.webp
www.casadoscontos.com.br/static/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casadoscontos.com.br/static/grass_pattern.webp
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/static/style-202108240506.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cc66b9d247c6deb97793bffaee12c2d9bef46b78b285c09830f62289c62cf1f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/static/style-202108240506.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Jun 2023 05:42:29 GMT
last-modified
Sun, 19 Sep 2021 05:23:29 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6146c951-fa6"
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
4006
expires
Fri, 16 Jun 2023 05:42:29 GMT
afr.php
webstats1.com/www/delivery/ Frame C173 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/www/delivery/afr.php?zoneid=122
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a91e7be7800998faba84603d2ec1bd0d260d2dbedb0b5ede5db8449301b4f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://www.casadoscontos.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d470d332cbc1cc5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Jun 2023 05:42:30 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ihn1C0sgWRliLJ3SYgXhC2IAnIFWIWfnhZL05wp3mK8mLJcg2HGUrSkp5q7oipzobyAaoZWUC3X8d8rbig7ldsJD1LKT0%2B2PtKaUE5Dnr2r1xsEeFlwjjm1EOGykmBupDmMyUbZMkjdV4GuS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
afr.php
webstats1.com/www/delivery/ Frame 96F3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/www/delivery/afr.php?zoneid=124
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d598a7450c9ef049aacc2f055152dec44b57d88146bc413de460acd21978ebeb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://www.casadoscontos.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d470d332cbe1cc5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Jun 2023 05:42:30 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElNkkWUxSDvxvggbeXdDfN6%2FKjsjgvRiv8zeArbPKfQhsvkDaBRIllUr4Cu0TdECU9qcYIIASjDT2HB3w5MVSxgBud4YCOdNGtNY%2BtzI%2F9%2BMuJ2tf5MM61YajDd2AEZvflBMf8E2FlEpFV9A"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
afr.php
webstats1.com/www/delivery/ Frame A4E7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/www/delivery/afr.php?zoneid=123
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995512c7351b7194c0b4fa0ab3c20a801643efd539ecc2d6ba014e4199d32106
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://www.casadoscontos.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d470d332cc11cc5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Jun 2023 05:42:30 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utoHrDJW7VwfH%2FI7%2BDw6fZPK%2Bwb9xZMkBKfBX0GDRKHnxGbIJueASzXbrrl0yJ7nuYTZjDqi36OmqKVOHQkf7zabCyhYgX%2B2QskALjqVdV62SAr0QGRj51PdGPow9eLD4IXtn6MlSMGIPniC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
44120ebab0b46af97fa4633c720e738d.js
plaitvaccination.com/44/12/0e/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://plaitvaccination.com/44/12/0e/44120ebab0b46af97fa4633c720e738d.js
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 05:42:31 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
collect
www.google-analytics.com/j/ 		3 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=944742328&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casadoscontos.com.br%2F&ul=en-us&de=UTF-8&dt=Casa%20dos%20Contos%20Er%C3%B3ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1791084257&gjid=1620984163&cid=1126779094.1686289350&tid=UA-1133373-1&_gid=654968259.1686289350&_r=1&_slc=1&z=1592135465
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casadoscontos.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 05:42:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casadoscontos.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K971KD8MT5&gtm=45je3671&_p=944742328&_gaz=1&cid=1126779094.1686289350&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686289349&sct=1&seg=0&dl=https%3A%2F%2Fwww.casadoscontos.com.br%2F&dt=Casa%20dos%20Contos%20Er%C3%B3ticos&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K971KD8MT5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 05:42:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casadoscontos.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K971KD8MT5&cid=1126779094.1686289350&gtm=45je3671&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K971KD8MT5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 05:42:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casadoscontos.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K971KD8MT5&cid=1126779094.1686289350&gtm=45je3671&aip=1&z=1224317422
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 05:42:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
72d52907e0d62ee31f5611007655fcfa.jpg
webstats1.com/www/images/ Frame C173 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstats1.com/www/images/72d52907e0d62ee31f5611007655fcfa.jpg
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e2b466505fc9fbb77fe754d2b78f53e448a04848aaa05f7471475560c86ea6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webstats1.com/www/delivery/afr.php?zoneid=122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1850112
alt-svc
h3=":443"; ma=86400
content-length
35344
last-modified
Tue, 23 Aug 2022 18:31:07 GMT
server
cloudflare
etag
"63051ceb-8a10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MhVDOAnk%2FwQ7RgCY0PkXMvHoXdF6OYlwY%2BKtfrXqtM3utmW5WhyVnuzS7%2F0IMt%2B3am2Rfx%2BwU3i9NAHV%2BmZuIXAnvO34Xc99eUmDNt4bwAueexNAQ278blBGmafr5ZMedzFwTsQo6QCHPG7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7d470d36c8431cc5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lg.php
webstats1.com/www/delivery/ Frame C173 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstats1.com/www/delivery/lg.php?bannerid=1325&campaignid=21&zoneid=122&loc=https%3A%2F%2Fwww.casadoscontos.com.br%2F&cb=b34af334c3
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webstats1.com/www/delivery/afr.php?zoneid=122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 05:42:30 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZoegrseo8igUbK0V1yQVW1oqFGefcuCHMOnVX5K7BTcNsyA6kyFygEFgUe6y7IBFFWcEKFHPCAAXhj4DxUvry%2BXZYZVf3v3scFj8F2nJGjYm6x5l9tYgptEQpw4NCkC7la2AxbQhA%2FNQMgs"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
7d470d36c8451cc5-FRA
alt-svc
h3=":443"; ma=86400
expires
0
fd0b5b33276115980ae084e01073ebd7.jpg
webstats1.com/www/images/ Frame A4E7 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstats1.com/www/images/fd0b5b33276115980ae084e01073ebd7.jpg
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc0f63d3dc2e1c5e57166946282dd7d2eac9179db265cff947391f939bf1daa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webstats1.com/www/delivery/afr.php?zoneid=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
905184
alt-svc
h3=":443"; ma=86400
content-length
39311
last-modified
Mon, 29 May 2023 18:15:09 GMT
server
cloudflare
etag
"6474ebad-998f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=estE9i0oR5r9HThz6M8nQh%2BXfwGBL3o4n5GyZs9QD4NvuVcdx%2FgUBxFAJ%2FXr%2BpXJu%2BZTUOYVs4n6vVzkTbsSOzDC2gK2re6ulrYH1w69Dur%2BNAx8l9DIJqnZM5Li2gwH1Eb%2B1SyX02HvuWXu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7d470d36e8621cc5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lg.php
webstats1.com/www/delivery/ Frame A4E7 		43 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstats1.com/www/delivery/lg.php?bannerid=1566&campaignid=21&zoneid=123&loc=https%3A%2F%2Fwww.casadoscontos.com.br%2F&cb=ad4921c5bb
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webstats1.com/www/delivery/afr.php?zoneid=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 05:42:30 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qT8ji7OHgrIr77JE8dXIeO2W8F5v9cI4c1YkNWP1fYhCV2VxL%2FTcqOoxFvEi%2F%2FNtuwR9%2F4J6D3MFW7DpLh9Blk5jQJalBWcSqDl%2FmMFlE3iGtsvOM%2FOo5kCdFZT4pxtykPEhWC7fYhJ77gg"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
7d470d36e8641cc5-FRA
alt-svc
h3=":443"; ma=86400
expires
0
invisible.js
webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame BF30
Redirect Chain
  • https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=122
Protocol
H3
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ef6a4deccdaaf37192b250c588209b7494c965d9bfe9c97ca86ae15f5ed38c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugtiw8lpFgpfkL0q%2BzBc8lXi9I5lQcmJDDoxwkcZO9ySNh9TnQ9LO4MSfXyccrb8Tf2XG3byrLfx7GkM4htffbkmCckWCYY0OpLtvl%2Bi6mSm1HYNTmSXuic%2FbKi3r1Ey0PKSby%2BtJv1%2BmDzE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d470d372e0d2c63-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 09 Jun 2023 05:42:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydcrGw0lyScGKMLiDgTWxYCcKnDR1vo25FHv2iWNUHWLW%2B%2FljhEmNodXwdTWaue%2F2K3OBZYQYfZEV7uHnwfwlV7sKDAlktpqV0wRs6E3CE8iEaFVUEjlHwJ4k0O6CxZmIaHKBmWU6LioQXA5"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7d470d36e86e1cc5-FRA
alt-svc
h3=":443"; ma=86400
invisible.js
webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame 6F94
Redirect Chain
  • https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=123
Protocol
H3
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5e040dd2df466e98df59e8f1c8273e8506a62c8228260a6d1c2cae60365975
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkC%2FyGg%2Bz7EHQ9tpyX69IRM91Hoy4n%2FjV1zJfn62VN4Mwe8MvAb7QnkWkbFphhZyEn2QvM48ueaUaKBPCfZc8DUcAMIWo%2BOG3RwVJJtHvVkoRZji5W93ooVPHUerq%2BSQXYtdQ%2BSuEslmc3xq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d470d372e102c63-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 09 Jun 2023 05:42:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yczmQVSX5kGRLjCmORwrH7A91C%2F26W7fO0RZBnGJrP4MKTpQXCG9H845kvR1HNNa0xd8%2ByeR9KEItrB7Wju7o1ILgjXOOuCP1ejUOqYGonOPQnd6ZoebADFDGBXFy5ncgt2Ntf%2BWIeoGlF82"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7d470d36fde22c63-FRA
alt-svc
h3=":443"; ma=86400
43bff691b841b06098acceece7087b41.jpg
webstats1.com/www/images/ Frame 96F3 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstats1.com/www/images/43bff691b841b06098acceece7087b41.jpg
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b8f07cadcf2926803cffd0cba00ac674c16afdddabd25f081635f02624e40f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webstats1.com/www/delivery/afr.php?zoneid=124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1849516
alt-svc
h3=":443"; ma=86400
content-length
31067
last-modified
Mon, 22 Aug 2022 17:36:02 GMT
server
cloudflare
etag
"6303be82-795b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjTP54ZqSHCUR%2FrMYyu%2FxyOv6OdYj%2F2fX9MCI89q%2Fv0H404AQ8pBwNTUrKhBChKpu%2FnPG6g%2BrNceJDOvmI9sDdCulwfM9a69q%2FQaCIcf71DWWQlr2R0%2FDAV6vFIlgpb2FrlEiFEN5tD2SR5f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7d470d36fde62c63-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lg.php
webstats1.com/www/delivery/ Frame 96F3 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstats1.com/www/delivery/lg.php?bannerid=1337&campaignid=21&zoneid=124&loc=https%3A%2F%2Fwww.casadoscontos.com.br%2F&cb=8b93c16318
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webstats1.com/www/delivery/afr.php?zoneid=124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jun 2023 05:42:30 GMT
strict-transport-security
max-age=15768000;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFVGNosR%2Fw7Z%2F%2FSQHMI3gQYFU%2Bark38wd7xdIR%2BkgLchyVwUg00yQbRzDfag9Ik3MkN18p5pgSsLjMrJSJ8xQAbXvXmnOQFxUJpsLalHIPfD%2FYE2Qub83fP4QQEPGJBTfPGGrALeEnEMGp7s"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
7d470d36fde72c63-FRA
alt-svc
h3=":443"; ma=86400
expires
0
invisible.js
webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/ Frame BD9D
Redirect Chain
  • https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=124
Protocol
H3
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ef6a4deccdaaf37192b250c588209b7494c965d9bfe9c97ca86ae15f5ed38c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lFlZiRHhhBLSuIeS5EGj0hmvZ0FupesDjOV6NtxvHUMFUCAVDUsbV0pXX7YT3pXI0uybFKTRjmf7oFVbkkNUL%2BoQVQmRfVKiDbEQvbO9y5en4Mua6rlbpFY65mDrOM13wfhsL06QFIiOg6D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d470d374e342c63-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 09 Jun 2023 05:42:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52rsmAkIZTkPYIPMzjWXseAFcyAIa04l2A3YV8oJmOahNLePXKAdtDRtWY1kYOm3tMBKN4mz5CMoUX2ADYn7gWcTrp%2FMorWIVo4e3h96tNB7O3oWrjyIqCcKkxLOzICErlEzB2o6RUZ6wKtf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/5da7637f/invisible.js
cache-control
max-age=300, public
cf-ray
7d470d370df82c63-FRA
alt-svc
h3=":443"; ma=86400
pica.js
webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame BF30 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cf627ac722a1b565573a08ec6c3c82a4524a5672a26465aff754d76a209d42b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3tkmN7HBU5wqaZWQi%2FuKs%2F3vog3buxHMEkIBUI89GVjsl7VRHVkTz4XgaKGpxAu6lkWXwq5az5rdQ%2B6qn%2BNM1YwJWgIf2Gt7KyxjzfEo7noVauDn6UMD2m2GQf%2F0GfBzdm0Wkin9WIsIe0M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d470d377e592c63-FRA
alt-svc
h3=":443"; ma=86400
pica.js
webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 6F94 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c464cccea77ff07af6b69dae8548ac1c02ad75ee8ea48ed2e10f78b583ebbd02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPNgAqIe36jZYo6iVHrFPd9rljBaRQTxcryaogo9DX35z1aQltxnNyIG3o5Pt4V%2F35t3oGLGsEE0NST3%2FIEPXEvjqSWkGbdnJJBweP6qtlRiEAB4L7oKtgHwAbKWU1wTCsjBKV1JHzCO%2BCui"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d470d377e5c2c63-FRA
alt-svc
h3=":443"; ma=86400
pica.js
webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame BD9D 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a9c72983bd5a3d4bc12761c0af605b9e81e90e0738ba43931a7284fc2cedb37
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s949aFvfeocKhiiLOBasq8b1pyCynUr8uVKRGnDnZ6GduJf4fnDmN9M3mgDJf9KgmpRjvgMgnQepNqkALYRJ5UqvFrs2Nahn8Q118oysn4Lz6WGLg98a1ujwVIllCWKbeBmj2%2Fx0ExMbeLVM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d470d379e6d2c63-FRA
alt-svc
h3=":443"; ma=86400
7d470d332cc11cc5
webstats1.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 6F94 		2 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/cv/result/7d470d332cc11cc5
Requested by
Host: webstats1.com
URL: https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tahbJ%2BAughs3%2B5cNREIzKn9%2FJ4WhrAwKneFH4vyAFqOD2bByBzRm40tcsvhhoxxxXWj%2BfOG6e79gZLqhO020EaIIH0x7xItOrkPc7EVbtZUNkHoYtIPldZ%2Fz7wFQcPrwwicDQZj8mrnKI%2BIA"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d470d388f532c63-FRA
alt-svc
h3=":443"; ma=86400
7d470d332cbc1cc5
webstats1.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame BF30 		2 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/cv/result/7d470d332cbc1cc5
Requested by
Host: webstats1.com
URL: https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK%2F%2F7X73V27G9nya2VWRrhL%2BAH83eXRmZeHp6H8TZFsg15%2B%2Bc9%2BCwe48chSlS9PpKhIEFk1fMOEh9og%2B314vUT5v%2B1i2r5JV%2B%2BD1Fi%2BHS643TVquWevFcIalf%2BOFMACmKfj3bIQoNBwOEBWP"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d470d39883e2c63-FRA
alt-svc
h3=":443"; ma=86400
7d470d332cbe1cc5
webstats1.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame BD9D 		2 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webstats1.com/cdn-cgi/challenge-platform/h/b/cv/result/7d470d332cbe1cc5
Requested by
Host: webstats1.com
URL: https://webstats1.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:c127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 09 Jun 2023 05:42:30 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DWbCaeKdw31RkM67JbZocbATXQl6Bq1Be259IIYtGQAsQ%2FyQWzZbQooRo9uGNyVZFDBu9CRKRoxAtZ24dDA1vuxxn%2F4mbDIc6QzAyVmFzEGaRK%2BFWGFCDXTtcPmr6ibHXn3OQmzM5AQ2ynp"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d470d3a89632c63-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend function| gtag object| dataLayer function| ga function| menu_toggle function| submenu_toggle_mobile function| exibir_notificacoes function| esconder_notificacoes number| lastScroll number| minimumScroll function| loadScript function| loadScriptInline function| sortearPorPeso function| createCookie function| readCookie function| eraseCookie function| adTufos function| comentar function| texto_links_logado function| remove_general_ads function| favoritar function| seguir boolean| cdcauth boolean| cdcvip object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady

9 Cookies

Domain/Path Name / Value
www.casadoscontos.com.br/ Name: CDC-VIP
Value: 0
www.casadoscontos.com.br/ Name: CDC-Authenticated
Value: 0
www.casadoscontos.com.br/ Name: push1234
Value: 1
.casadoscontos.com.br/ Name: _gid
Value: GA1.3.654968259.1686289350
.casadoscontos.com.br/ Name: _gat
Value: 1
.casadoscontos.com.br/ Name: _ga_K971KD8MT5
Value: GS1.1.1686289349.1.0.1686289349.60.0.0
.casadoscontos.com.br/ Name: _ga
Value: GA1.1.1126779094.1686289350
webstats1.com/ Name: OAID
Value: 01000111010001000101000001010010
.webstats1.com/ Name: __cf_bm
Value: rcgC45XLqpfjjUkeKg.uU4wfwOUMxQG9N0pyW9AXIkk-1686289350-0-AYRZbgCF2tEYHPblsKwXoeQtbtq+v/I+G1oAXcAjlCqWvQY+RRP4FzWDm5lYG0lU0w==

6 Console Messages

Source Level URL
Text
other warning URL: https://www.casadoscontos.com.br/
Message:
<link rel=preload> must have a valid `as` value
other warning URL: https://www.casadoscontos.com.br/
Message:
<link rel=preload> must have a valid `as` value
other warning URL: https://www.casadoscontos.com.br/
Message:
<link rel=preload> must have a valid `as` value
other warning URL: https://www.casadoscontos.com.br/
Message:
<link rel=preload> must have a valid `as` value
other warning URL: https://www.casadoscontos.com.br/
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://plaitvaccination.com/44/12/0e/44120ebab0b46af97fa4633c720e738d.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

plaitvaccination.com
region1.analytics.google.com
stats.g.doubleclick.net
webstats1.com
www.casadoscontos.com.br
www.google-analytics.com
www.google.de
www.googletagmanager.com
173.233.139.164
2001:4860:4802:32::36
2001:4860:4802:38::178
2606:4700:e6::ac40:c127
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c0b::9a
2a01:4f8:151:7162::3
0022bb934f31a6f8d0cb3134cfc15eac7f27ee3b94729d788d2ddf4822fe05ac
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5a5e040dd2df466e98df59e8f1c8273e8506a62c8228260a6d1c2cae60365975
5a9c72983bd5a3d4bc12761c0af605b9e81e90e0738ba43931a7284fc2cedb37
5cf627ac722a1b565573a08ec6c3c82a4524a5672a26465aff754d76a209d42b
60a91e7be7800998faba84603d2ec1bd0d260d2dbedb0b5ede5db8449301b4f0
7767702edf6f511715616be96e4cbd36f5256e937134e116d7033aafc5df0212
995512c7351b7194c0b4fa0ab3c20a801643efd539ecc2d6ba014e4199d32106
9a2e8757a8c6cde067df223500eeb0238918f76c61d26f2863e062758c65a8e2
9fc0f63d3dc2e1c5e57166946282dd7d2eac9179db265cff947391f939bf1daa
a2ef6a4deccdaaf37192b250c588209b7494c965d9bfe9c97ca86ae15f5ed38c
b5bdf0987c86d073af47022a7ed25717288cde3dc8b3ef867204a59d674e3ed8
c464cccea77ff07af6b69dae8548ac1c02ad75ee8ea48ed2e10f78b583ebbd02
c5e2b466505fc9fbb77fe754d2b78f53e448a04848aaa05f7471475560c86ea6
c6728f14b784a602cd61804ea6f233fb7a3e736d24a6558194b0fa13344b3dc3
cc66b9d247c6deb97793bffaee12c2d9bef46b78b285c09830f62289c62cf1f2
d598a7450c9ef049aacc2f055152dec44b57d88146bc413de460acd21978ebeb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8f07cadcf2926803cffd0cba00ac674c16afdddabd25f081635f02624e40f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629