Submitted URL: https://contoseroticos.casa/
Effective URL: https://www.casadoscontos.com.br/
Submission: On August 20 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 2a01:4f8:151:7162::3, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is www.casadoscontos.com.br.
TLS certificate: Issued by R3 on August 11th 2021. Valid for: 3 months.
This is the only time www.casadoscontos.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.230.85.241 16509 (AMAZON-02)
5 2a01:4f8:151:... 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 2a03:2880:f21... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
21 8
Domain Requested by
9 webstats1.com www.casadoscontos.com.br
webstats1.com
5 www.casadoscontos.com.br www.casadoscontos.com.br
4 www.instagram.com 2 redirects www.casadoscontos.com.br
www.instagram.com
2 www.google-analytics.com www.casadoscontos.com.br
www.google-analytics.com
1 yfetyg.com msgose.com
1 msgose.com www.casadoscontos.com.br
1 contoseroticos.casa 1 redirects
21 7

This site contains links to these domains.

Domain
www.tufos.com.br
www.instagram.com
Subject                Issuer                                  Validity                 Valid
casadoscontos.com.br   R3                                      2021-08-11 - 2021-11-09  3 months
*.google-analytics.com GTS CA 1C3                              2021-07-26 - 2021-10-18  3 months
*.www.instagram.com    DigiCert SHA2 High Assurance Server CA  2021-08-12 - 2021-11-10  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                 2020-11-20 - 2021-11-19  a year
yfetyg.com             R3                                      2021-07-22 - 2021-10-20  3 months

This page contains 5 frames:

Primary Page: https://www.casadoscontos.com.br/
Frame ID: 9651482992199A3EEC24195C7D1C654E
Requests: 11 HTTP requests in this frame

Frame: https://webstats1.com/www/delivery/afr.php?zoneid=123
Frame ID: 6DCF1B8F488C9471C804E2B338103941
Requests: 3 HTTP requests in this frame

Frame: https://webstats1.com/www/delivery/afr.php?zoneid=124
Frame ID: AEAB7D56949A212C57AFD47016A7B3B8
Requests: 3 HTTP requests in this frame

Frame: https://webstats1.com/www/delivery/afr.php?zoneid=122
Frame ID: 46A6722E54E3508BE07742665F05800F
Requests: 3 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: 073E83EB91868B4FCF46B1454B655368
Requests: 1 HTTP request in this frame

Page Title

Casa dos Contos Eróticos

Page URL History

  1. https://contoseroticos.casa/ HTTP 301
    https://www.casadoscontos.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 88 %
Domains: 7
Subdomains: 7
IPs: 8
Countries: 3
Transfer: 281 kB
Size: 424 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://contoseroticos.casa/ HTTP 301
    https://www.casadoscontos.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 13
  • https://www.instagram.com/p/CQW89TKjS94/embed/captioned/?cr=1&v=13&wp=377&rd=https%3A%2F%2Fwww.casadoscontos.com.br&rp=%2F HTTP 302
  • https://www.instagram.com/accounts/login/

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.casadoscontos.com.br/
Redirect Chain
  • https://contoseroticos.casa/
  • https://www.casadoscontos.com.br/
32 KB
12 KB
Document
General
Full URL
https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6191d329fdf6e02429d3b00af1bd1471e2c103efe52548f21614bb6622870bf1

Request headers

:method
GET
:authority
www.casadoscontos.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.18.0 (Ubuntu)
date
Fri, 20 Aug 2021 02:32:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
CDC-Authenticated=0; path=/ CDC-VIP=0; path=/
x-pagecache
Catalyst
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 20 Aug 2021 02:32:10 GMT
content-type
text/html
content-length
166
location
https://www.casadoscontos.com.br/
x-frame-options
sameorigin
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4709
date
Fri, 20 Aug 2021 01:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 20 Aug 2021 03:13:41 GMT
style-202107290419.css
www.casadoscontos.com.br/static/
27 KB
7 KB
Stylesheet
General
Full URL
https://www.casadoscontos.com.br/static/style-202107290419.css
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f9aea5cd1507f072a66c994d477444f78dd01a5fd09e0d77ae8545c1e34a456

Request headers

Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 20 Aug 2021 02:32:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 07:22:53 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6102574d-6bc8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800 public
expires
Fri, 27 Aug 2021 02:32:10 GMT
logo.png
www.casadoscontos.com.br/static/
7 KB
7 KB
Image
General
Full URL
https://www.casadoscontos.com.br/static/logo.png
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
66f951d5d95b5883831ac8222a22f4812535b613bfdfb21f6890571b235665e4

Request headers

:path
/static/logo.png
pragma
no-cache
cookie
CDC-Authenticated=0; CDC-VIP=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.casadoscontos.com.br
referer
https://www.casadoscontos.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 20 Aug 2021 02:32:10 GMT
last-modified
Mon, 30 May 2016 02:50:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"574baa6b-1a32"
content-type
image/png
cache-control
max-age=604800 public
accept-ranges
bytes
content-length
6706
expires
Fri, 27 Aug 2021 02:32:10 GMT
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 06:50:54 GMT
content-encoding
br
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-length
4824
priority
u=3,i

Redirect headers

date
Fri, 20 Aug 2021 02:32:10 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
cln
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
casa-202107290419.js
www.casadoscontos.com.br/static/
4 KB
2 KB
Script
General
Full URL
https://www.casadoscontos.com.br/static/casa-202107290419.js
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b5bdf0987c86d073af47022a7ed25717288cde3dc8b3ef867204a59d674e3ed8

Request headers

Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 20 Aug 2021 02:32:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 20:41:14 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"6103126a-fc7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800 public
expires
Fri, 27 Aug 2021 02:32:10 GMT
waWQiOjEwNzc1NTUsInNpZCI6MTA5NjE4NCwid2lkIjoxOTg3MzEsInNyYyI6Mn0=eyJ.js
msgose.com/pw/
104 KB
38 KB
Script
General
Full URL
https://msgose.com/pw/waWQiOjEwNzc1NTUsInNpZCI6MTA5NjE4NCwid2lkIjoxOTg3MzEsInNyYyI6Mn0=eyJ.js
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
581b3fd9fb8b161393044a483a2f0b6c77f7b7ee32c29cf02b293bffe15c34bb

Request headers

Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 02:32:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
6d0e26713edb4c0ff616427d5a8c96c8
age
3055
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 20 Aug 2021 01:41:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxsIAmZkMa%2FsmbHZFRbhHlc4xlNmLpA98LAOr8g0TWp0YwWnpOJsaRdQHXVE69WZPzNRBk1KQcGHn%2Bd8OpMtxBMktdho22hjlur4FyZUvtfRSyO7SGwNuUCtpsommRNSWockZat6cen%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.casadoscontos.com.br
cache-control
max-age=14400
cf-ray
681835a95a8205bb-FRA
afr.php
webstats1.com/www/delivery/ Frame 6DCF
1 KB
1 KB
Document
General
Full URL
https://webstats1.com/www/delivery/afr.php?zoneid=123
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8abacc3192a6e0461cb7b8c4a69f406eddb985b5a047ca89e8e29e606eba6556
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

:method
GET
:authority
webstats1.com
:scheme
https
:path
/www/delivery/afr.php?zoneid=123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.casadoscontos.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.casadoscontos.com.br/

Response headers

date
Fri, 20 Aug 2021 02:32:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
0
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAID=558dc89c46e7cf539c43e66eea585ab4; expires=Sat, 20-Aug-2022 02:32:10 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=15768000;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuBvZaXjozgQMN8TRBzJes4mscfGQPp3b%2Bx6%2Be5Y5PIpgBKIHuIbuhqoXNfGmE%2Fbg8pnCU3eN0S7JCZdg3zCOYEVmpXIWeQy9cMjgCZQwP23W4b05vAQ8lrwoZBH2JjCR3gxA5214BS5sbQH"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
681835a9796b1762-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
grass_pattern.png
www.casadoscontos.com.br/static/
37 KB
37 KB
Image
General
Full URL
https://www.casadoscontos.com.br/static/grass_pattern.png
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/static/style-202107290419.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:151:7162::3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2b7fa9f08757c5b1af8919504b0f909cca5ed8201244dc17e418065fd5f06371

Request headers

:path
/static/grass_pattern.png
pragma
no-cache
cookie
CDC-Authenticated=0; CDC-VIP=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.casadoscontos.com.br
referer
https://www.casadoscontos.com.br/static/style-202107290419.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.casadoscontos.com.br/static/style-202107290419.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 20 Aug 2021 02:32:10 GMT
last-modified
Mon, 30 May 2016 02:50:19 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"574baa6b-9259"
content-type
image/png
cache-control
max-age=604800 public
accept-ranges
bytes
content-length
37465
expires
Fri, 27 Aug 2021 02:32:10 GMT
afr.php
webstats1.com/www/delivery/ Frame AEAB
1 KB
866 B
Document
General
Full URL
https://webstats1.com/www/delivery/afr.php?zoneid=124
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b7969c5e34ae5945dfe087dd3152ab7abdb63f3ebd65a76156494fe8006f8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

:method
GET
:authority
webstats1.com
:scheme
https
:path
/www/delivery/afr.php?zoneid=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.casadoscontos.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.casadoscontos.com.br/

Response headers

date
Fri, 20 Aug 2021 02:32:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
0
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAID=7b98fa4964528185a09c2c0474167cb5; expires=Sat, 20-Aug-2022 02:32:10 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=15768000;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0UWMtKS%2BIUeqgOwiu%2Fg1aC2N7ea4l%2Fkp%2BYCmq%2B8RRQIFvRedn8KC58XvUzr12fOGey%2FylH8jbrnGX6APdkWZUBBLJafeGrHbcSwoHkzd%2Fg%2FMpG5w4dEdCW%2FuZLeABGX2DdF0feGHqsPhi6Q"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
681835a9c9991762-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
afr.php
webstats1.com/www/delivery/ Frame 46A6
1 KB
899 B
Document
General
Full URL
https://webstats1.com/www/delivery/afr.php?zoneid=122
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a346e3e18ad325aea9621c2d93f25eec3f87ee241c2d4fda95e0f0d51302e23
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

:method
GET
:authority
webstats1.com
:scheme
https
:path
/www/delivery/afr.php?zoneid=122
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.casadoscontos.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.casadoscontos.com.br/

Response headers

date
Fri, 20 Aug 2021 02:32:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate
expires
0
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAID=59792f9a86ed19c572179318e27adc6e; expires=Sat, 20-Aug-2022 02:32:10 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=15768000;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTwNqqXvaO34Aw7So9tJuAajIPA7r7C%2Bvq2JZhyfeRCjZtmsYE79hqWqYgDiz8xcL47e6TvpfODnky6hcTRWmCUXqBPRUBm%2FNABuo33uO117wjC5447pSXE1fzgYbBwDARRSlWsvmt26oktc"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
681835a9c99c1762-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1560712417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casadoscontos.com.br%2F&ul=en-us&de=UTF-8&dt=Casa%20dos%20Contos%20Er%C3%B3ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1286865291&gjid=2027670994&cid=1929108127.1629426731&tid=UA-1133373-1&_gid=1592732870.1629426731&_r=1&_slc=1&z=556412993
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 02:32:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casadoscontos.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
wnload
yfetyg.com/
0
128 B
Fetch
General
Full URL
https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNzc1NTUsInNpZCI6MTA5NjE4NCwid2lkIjoxOTg3MzEsImQiOiJjYXNhZG9zY29udG9zLmNvbS5iciIsImxpIjoyfQ==&tz=2&if=0
Requested by
Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNzc1NTUsInNpZCI6MTA5NjE4NCwid2lkIjoxOTg3MzEsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casadoscontos.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 20 Aug 2021 02:32:10 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
content-type
application/javascript; charset=utf-8
d0be620a-10e1-44e7-bd8d-ff7a4077fe85
https://www.casadoscontos.com.br/
91 B
0
Other
General
Full URL
blob:https://www.casadoscontos.com.br/d0be620a-10e1-44e7-bd8d-ff7a4077fe85
Requested by
Host: www.casadoscontos.com.br
URL: https://www.casadoscontos.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
/
www.instagram.com/accounts/login/ Frame 073E
Redirect Chain
  • https://www.instagram.com/p/CQW89TKjS94/embed/captioned/?cr=1&v=13&wp=377&rd=https%3A%2F%2Fwww.casadoscontos.com.br&rp=%2F
  • https://www.instagram.com/accounts/login/
0
0
Document
General
Full URL
https://www.instagram.com/accounts/login/
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/embed.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.instagram.com
:scheme
https
:path
/accounts/login/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.casadoscontos.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.casadoscontos.com.br/

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie
content-language
en
date
Fri, 20 Aug 2021 02:32:10 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options
SAMEORIGIN
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial
AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop"
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
46
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
20800
x-ig-origin-region
cln
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
proxy-status
http_request_error; e_clientaddr="AcLEOT0btxamGbxV6XNQKUi-OfMQFLfADtnusuurwuzmt_5xbeFFT1zGZDjgeWqjmcVqt0XAwYVH5Aa3xsFRS29ocP80kA"; e_fb_binaryversion="AcKIEG6q3pFuru2zpMu5z9SjgGpBTOS0u1u23nEaQAKcJ-_g0OllT9o6Tj19us49PE1n_0KUJQefSu6d2hJIQA7I_Yce23KU_to"; e_upip="AcK2gPrOgVIVJ6CAGuX_QKm0IgINVyzF9AG5mB3zL1Q4OOsiK9STPDOobRky5jHmWDMjwkboeb5N9WmT0NCwF3j3cMK2g7iFVXt20LE"; e_proxy="AcI6tGvjbhdPAi9mnYaNeOo9y-MlPkXtGW1GD910a6fYzHHhGvA6y6MmmEOoVotXzbYNo4t2hcH5dbU"; e_fb_builduser="AcJGXaUsi2jWBuY5oQVmVlTngfurfgLkRhD1nxKJXK_XIQ0ukTGuTxoAlunGBrYbI8I"; e_fb_vipaddr="AcJtuOs5dsMtNIYEM5MvI3jMqYc50zoyxCnw0jj3_NJacU85EV7diQhfKOoXRl0P6cBuK_gVrytH7CUdZH-MTyMM7UABpkWRIo7jGTo1", http_request_error; e_clientaddr="AcJzjYIpzkMVZFtV66VDGI1RzA-0Dzu63LAdoTXHN2mHzGzNfhJqc2JWJhTcr_onOIYS4agHv0j0peA-fdEAfyeZ54jjfS5LeONyL5RpRpG04Q"; e_fb_binaryversion="AcItAlIhUN1IXd2c8ezl7oKq_T0KMLLQFHvM48n6p-rtvAKo8vQ7ABO1bR_wJBEA6ORT3_bu6SDzIj82cd_WfHnBG6AdCQlOoNU"; e_upip="AcLcRpIHg1hs2AzL3WX69bFjBed-2tOxo9EwkQqhoh1DyowZ9qvAxWrL8waGD9hrxTUqxBkP28_3_HxqvHEVcvxwppNydVi5SrM"; e_proxy="AcIGBbwR_2ShOphGtgKMzBJLFUQsmjcQ7-264GJniIa-ZN3NV02hZgrwSNy1pigoH6iTelN-6dzoyz60D3kp"; e_fb_builduser="AcLPMIIf44GIc4IfxMZJR_QT-cfwiN7rEFePaJZ5ZhZ3kKEC0WAdVyufuaXJU06dqlA"; e_fb_vipaddr="AcJdzcPtvsfy1R1BcO5bx3FyFoZSP3A7qksqiaTT_7nZ7gsz2XzSKK5ylyt7wU_0K3E0G7e4J7VWC57JZoj-SEt8styEs8Vgp8hy_gg"
priority
u=3,i

Redirect headers

content-type
text/html; charset=utf-8
location
https://www.instagram.com/accounts/login/
vary
Accept-Language, Cookie
content-language
en
date
Fri, 20 Aug 2021 02:32:10 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
46
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
0
x-ig-origin-region
cln
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
69ee3bcda59a2a533e2489a0fb57ee4c.gif
webstats1.com/www/images/ Frame 6DCF
61 KB
61 KB
Image
General
Full URL
https://webstats1.com/www/images/69ee3bcda59a2a533e2489a0fb57ee4c.gif
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51967413e7d9710fa726bae1e607083dc64d1b0e7b1fd68a1b23d063fa1f5a86
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://webstats1.com/www/delivery/afr.php?zoneid=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 02:32:10 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4431779
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
62207
last-modified
Tue, 29 Jun 2021 19:29:07 GMT
server
cloudflare
etag
"60db7483-f2ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUOA4h74sGLRSfHbvVS%2FFUIb7BCORf0vLOKlkN2%2Fej4MZhLbrJuRODwcgDXSjn82j3nRbuUzajjfbMGAA22rCykAKCAKQSxiVQCS8lZROVEMXaCbvovLTy2peHgq%2F%2BjSX4ky0RaxsWp10nSk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
681835aa7ee44321-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lg.php
webstats1.com/www/delivery/ Frame 6DCF
43 B
726 B
Image
General
Full URL
https://webstats1.com/www/delivery/lg.php?bannerid=1283&campaignid=5&zoneid=123&loc=https%3A%2F%2Fwww.casadoscontos.com.br%2F&cb=ac69eef545
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://webstats1.com/www/delivery/afr.php?zoneid=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 02:32:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KY3kaDYcZY8qzZazaQD5n6dAW8mjEG4aLV4S3%2F8BPlzoHMo462uAwzVp8vXM%2BRg6LXFMlkYtpERywBM4yhvdUUYwgnyrw1hJzaVIAt%2Bs%2FyiTPhy3dmT4i5F7uWeQn6Q07CpqwVAbpQfiYNS8"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-ray
681835aa7ee24321-FRA
content-type
image/gif
expires
0
69ee3bcda59a2a533e2489a0fb57ee4c.gif
webstats1.com/www/images/ Frame AEAB
61 KB
61 KB
Image
General
Full URL
https://webstats1.com/www/images/69ee3bcda59a2a533e2489a0fb57ee4c.gif
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=124
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51967413e7d9710fa726bae1e607083dc64d1b0e7b1fd68a1b23d063fa1f5a86
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://webstats1.com/www/delivery/afr.php?zoneid=124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 02:32:10 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4431779
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
62207
last-modified
Tue, 29 Jun 2021 19:29:07 GMT
server
cloudflare
etag
"60db7483-f2ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWbZPPWP8eSb6ti43zOsiWYYObfIkEqajPc2fG4T8a9gJlLInCc4TSGMfxYRwyWT88H90QGKfYmszbpvJZ2Ky8MZsM5jAr9hrAI5MdqJTMcWo0GXQcaGBB7srxRpJZK4jroRjfd2uxZ%2FvpX0"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
681835aa7ef64321-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lg.php
webstats1.com/www/delivery/ Frame AEAB
43 B
725 B
Image
General
Full URL
https://webstats1.com/www/delivery/lg.php?bannerid=1435&campaignid=2&zoneid=124&loc=https%3A%2F%2Fwww.casadoscontos.com.br%2F&cb=6f02f613a0
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=124
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://webstats1.com/www/delivery/afr.php?zoneid=124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 02:32:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvxWelVlRFC3EWb%2BZrHy98G%2FIyo5LmvlTUoPQcUcrXT29B6gASiHSSRNwXLMbBqP4yokPD37vldBkjcowz7cSDKSKum%2B4b25RQVcMlYs8NQMYWsJMKwLggwfpwmvdcjWVICLAvstWrRWrkXP"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-ray
681835aa7ef84321-FRA
content-type
image/gif
expires
0
39f538ab785dcbde3bcdcc63ceff38ea.jpg
webstats1.com/www/images/ Frame 46A6
26 KB
27 KB
Image
General
Full URL
https://webstats1.com/www/images/39f538ab785dcbde3bcdcc63ceff38ea.jpg
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=122
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a9b009cd85c0376628e29ea0cd64a58fd5a020b9aa47048c35a49cc065a991
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://webstats1.com/www/delivery/afr.php?zoneid=122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 02:32:10 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12478460
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26804
last-modified
Sat, 10 Oct 2020 17:01:29 GMT
server
cloudflare
etag
"5f81e8e9-68b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5UuiVU2PjLjQRW0bmmTK140BdJU66bt2LSLLjDGTkZPpdTcqLTiJaAcml4SYo1AJpbHQr9V%2BZVQfL0NQ536qVuvVM92DaE9Z%2FVOUWPbogPFXYVQVdjI0YAthjRjZEUJPkg6mxWgCk6xwmA8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
681835ac89be4321-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lg.php
webstats1.com/www/delivery/ Frame 46A6
43 B
729 B
Image
General
Full URL
https://webstats1.com/www/delivery/lg.php?bannerid=1256&campaignid=21&zoneid=122&loc=https%3A%2F%2Fwww.casadoscontos.com.br%2F&cb=3fc9177703
Requested by
Host: webstats1.com
URL: https://webstats1.com/www/delivery/afr.php?zoneid=122
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://webstats1.com/www/delivery/afr.php?zoneid=122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Aug 2021 02:32:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2hNDZvAQIo1NjpIE%2FkYO%2Bn5iMeKucXWMYb4ldwdmifBxUxB7xjjr9ZoPrTqvkMSv8a3NRIN6BvSu5710dqpfeoYAn1Dt3GDF5uFfkq3%2BdxrFWV%2FfHi9m9hW8f0D1IyA%2F%2BiHOMPbvQZQPqSL"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-ray
681835ac89bf4321-FRA
content-type
image/gif
expires
0

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| ga
function| menu_toggle
function| submenu_toggle_mobile
function| exibir_notificacoes
function| esconder_notificacoes
number| lastScroll
number| minimumScroll
function| createCookie
function| readCookie
function| eraseCookie
function| adTufos
function| comentar
function| texto_links_logado
function| remove_general_ads
function| favoritar
function| seguir
boolean| cdcauth
boolean| cdcvip
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| __s
object| instgrm

5 Cookies

Domain/Path Name / Value
.casadoscontos.com.br/ Name: _ga Value: GA1.3.1929108127.1629426731
www.casadoscontos.com.br/ Name: CDC-VIP Value: 0
.casadoscontos.com.br/ Name: _gat Value: 1
.casadoscontos.com.br/ Name: _gid Value: GA1.3.1592732870.1629426731
www.casadoscontos.com.br/ Name: CDC-Authenticated Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
