urlscan.io logo urlscan.io
SecurityTrails logo

click.pagina.ninja Open in urlscan Pro
2606:4700:3033::681f:46a7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.pagina.ninja/redirect/redirect.aspx?A=U&u=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Effective URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Submission: On March 25 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3033::681f:46a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is click.pagina.ninja.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 31st 2020. Valid for: 8 months.
This is the only time click.pagina.ninja was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 185.199.109.153 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
15 8
4    2606:4700:3033::681f:46a7 (United States)

ASN13335 (CLOUDFLARENET, US)
click.pagina.ninja
2    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
netdna.bootstrapcdn.com
1    185.199.109.153 (United States)

ASN54113 (FASTLY, US)
pingendo.github.io
2    2606:4700:3035::681c:b51 (United States)

ASN13335 (CLOUDFLARENET, US)
leadlovers.com.br
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3034::6818:6710 (United States)

ASN13335 (CLOUDFLARENET, US)
blob.contato.io
1    2606:4700:20::681a:b28 (United States)

ASN13335 (CLOUDFLARENET, US)
blob.leadlovers.com
1    2606:4700:3031::6818:72a9 (United States)

ASN13335 (CLOUDFLARENET, US)
blob.llimages.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
4 click.pagina.ninja 1 redirects click.pagina.ninja
2 fonts.gstatic.com cdnjs.cloudflare.com
2 blob.contato.io click.pagina.ninja
2 fonts.googleapis.com click.pagina.ninja
2 leadlovers.com.br click.pagina.ninja
2 cdnjs.cloudflare.com click.pagina.ninja
1 blob.llimages.com 1 redirects
1 blob.leadlovers.com 1 redirects
1 pingendo.github.io click.pagina.ninja
1 netdna.bootstrapcdn.com click.pagina.ninja
15 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-31 -
2020-10-09		 8 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2018-06-27 -
2020-06-20		 2 years crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Frame ID: D9B146B45E88A4430F3153FC39235063
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.pagina.ninja/redirect/redirect.aspx?A=U&u=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR HTTP 302
    https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

90 %
IPv6

10
Domains

10
Subdomains

8
IPs

3
Countries

523 kB
Transfer

774 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.pagina.ninja/redirect/redirect.aspx?A=U&u=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR HTTP 302
    https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://blob.leadlovers.com/machine-user-images/img-18341-20160727155753.jpg HTTP 301
  • https://blob.llimages.com/machine-user-images/img-18341-20160727155753.jpg HTTP 301
  • https://blob.contato.io/machine-user-images/img-18341-20160727155753.jpg

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request descadastro.aspx
click.pagina.ninja/redirect/
Redirect Chain
  • https://click.pagina.ninja/redirect/redirect.aspx?A=U&u=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
  • https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:46a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a2f770c587a9a46d55b8a008e108ea033338a3b35f19f26b146973b57728b562

Request headers

:method
GET
:authority
click.pagina.ninja
:scheme
https
:path
/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d5d95206a4052142052684d95250272771585171736; ASP.NET_SessionId=deqwylioog5sqv4ph0afcnkd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Wed, 25 Mar 2020 21:28:56 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
access-control-allow-methods
*
access-control-allow-headers
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
579bb976bbeb6479-FRA
content-encoding
br

Redirect headers

status
302
date
Wed, 25 Mar 2020 21:28:56 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d5d95206a4052142052684d95250272771585171736; expires=Fri, 24-Apr-20 21:28:56 GMT; path=/; domain=.pagina.ninja; HttpOnly; SameSite=Lax ASP.NET_SessionId=deqwylioog5sqv4ph0afcnkd; path=/; HttpOnly; SameSite=Lax
cache-control
private
location
/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
access-control-allow-methods
*
access-control-allow-headers
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
579bb9761b606479-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.min.js
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
br
cf-cache-status
HIT
age
21130871
cf-ray
579bb9770fcabf00-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-14696"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 15 Mar 2021 21:28:56 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.004
bootstrap.min.js
netdna.bootstrapcdn.com/bootstrap/3.3.4/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9538
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
br
cf-cache-status
HIT
age
12665960
cf-ray
579bb9770fc9bf00-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-5cbb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Mon, 15 Mar 2021 21:28:56 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
bootstrap.css
pingendo.github.io/pingendo-bootstrap/themes/default/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pingendo.github.io/pingendo-bootstrap/themes/default/bootstrap.css
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
8201ff75eb49daeca150e69eabbafb557975fdfa7ac2562d89eb8e5de0fcf478

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

x-fastly-request-id
c8beb47ed0c4d5d2b19746ecffd80b5520673b8c
date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
gzip
age
581
x-cache
HIT
status
200
x-cache-hits
1
content-length
22017
via
1.1 varnish
x-served-by
cache-lon4262-LON
last-modified
Mon, 28 Sep 2015 13:51:08 GMT
server
GitHub.com
x-github-request-id
E15C:560B:FC453:14D057:5E7B2823
x-timer
S1585171736.228473,VS0,VE1
etag
W/"560945cc-2357d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
expires
Wed, 25 Mar 2020 09:55:11 GMT
bootstrap.min.js
leadlovers.com.br/scripts/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leadlovers.com.br/scripts/bootstrap.min.js
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8073a7901a06c9aa7dd59c29800b9e4f7ec54c0ab02bfb92ef490e9fbc1677f4

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Oct 2015 13:58:56 GMT
server
cloudflare
age
5701
etag
W/"66fa-523025cb7a800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
579bb977696ad6f1-FRA
jquery.countdown.js
leadlovers.com.br/squeeze/countdown/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leadlovers.com.br/squeeze/countdown/jquery.countdown.js
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:b51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ab023691eeed8f1eff1479fb882b115dd905ca3dabd01171f0896c6a2e52dc

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 16 Mar 2015 14:12:10 GMT
server
cloudflare
etag
W/"1444-511686f972280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
579bb977696cd6f1-FRA
font-awesome
click.pagina.ninja/redirect/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://click.pagina.ninja/redirect/font-awesome
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:46a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
404
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
cf-ray
579bb9770c226479-FRA
access-control-allow-headers
*
css
fonts.googleapis.com/ 		2 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Mar 2020 21:28:56 GMT
server
ESF
date
Wed, 25 Mar 2020 21:28:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Mar 2020 21:28:56 GMT
machine-unsub-304976-.jpg
blob.contato.io/machines-logo/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blob.contato.io/machines-logo/machine-unsub-304976-.jpg
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:6710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb2de945644336fc4016102ae01c11e4953e8477b8f527d6f54efc669b0fbf42

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 25 Mar 2020 21:28:57 GMT
cf-cache-status
MISS
content-md5
zYBrRIIzq7rFZLc51X7oVw==
status
200
content-length
132221
x-ms-lease-status
unlocked
last-modified
Mon, 23 Sep 2019 17:38:41 GMT
server
cloudflare
etag
0x8D7404CDFBB9523
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
x-ms-request-id
cd40dc61-b01e-0016-52ec-02896e000000
cache-control
max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
579bb9772bfdc2b8-FRA
css
fonts.googleapis.com/ 		767 B
432 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato|Lato
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Mar 2020 21:28:56 GMT
server
ESF
date
Wed, 25 Mar 2020 21:28:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Mar 2020 21:28:56 GMT
font-awesome
click.pagina.ninja/redirect/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://click.pagina.ninja/redirect/font-awesome
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:46a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 25 Mar 2020 21:28:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
404
access-control-allow-methods
*
content-type
text/html
access-control-allow-origin
*
cf-ray
579bb977ccc46479-FRA
access-control-allow-headers
*
img-18341-20160727155753.jpg
blob.contato.io/machine-user-images/
Redirect Chain
  • https://blob.leadlovers.com/machine-user-images/img-18341-20160727155753.jpg
  • https://blob.llimages.com/machine-user-images/img-18341-20160727155753.jpg
  • https://blob.contato.io/machine-user-images/img-18341-20160727155753.jpg
290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blob.contato.io/machine-user-images/img-18341-20160727155753.jpg
Requested by
Host: click.pagina.ninja
URL: https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:6710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaaabd39bd8fbd6c9c56d9f085d69866a89b0c8327c5d33b72a8b17eb3e0ca4d

Request headers

Referer
https://click.pagina.ninja/redirect/descadastro.aspx?u_guid=D649B0E1-FB92-41B0-A247-F2E9B9504313&I=BR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 25 Mar 2020 21:28:56 GMT
cf-cache-status
REVALIDATED
content-md5
g1f8tY98OqKgq8ZQCLEARA==
status
200
content-length
296663
x-ms-lease-status
unlocked
last-modified
Wed, 27 Jul 2016 18:58:20 GMT
server
cloudflare
etag
0x8D3B64FF9F79F7F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
x-ms-request-id
354839a9-301e-0043-6cf2-d16219000000
cache-control
max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
579bb9795934c2b8-FRA

Redirect headers

date
Wed, 25 Mar 2020 21:28:56 GMT
server
cloudflare
location
https://blob.contato.io/machine-user-images/img-18341-20160727155753.jpg
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
301
cache-control
max-age=3600
cf-ray
579bb9793d741f25-FRA
expires
Wed, 25 Mar 2020 22:28:56 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato|Lato
Origin
https://click.pagina.ninja
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 00:02:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1805188
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 05 Mar 2021 00:02:28 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto
Origin
https://click.pagina.ninja
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2378510
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:47:06 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
click.pagina.ninja/ Name: ASP.NET_SessionId
Value: deqwylioog5sqv4ph0afcnkd
.pagina.ninja/ Name: __cfduid
Value: d5d95206a4052142052684d95250272771585171736