remboursement.10f6fd0.wcomhost.com Open in urlscan Pro
209.17.116.165 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cp...
Effective URL:
https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cp...
Submission: On June 06 via api (June 6th 2024, 5:52:41 pm UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 209.17.116.165, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is remboursement.10f6fd0.wcomhost.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 14th 2023. Valid for: a year.

This is the only time remboursement.10f6fd0.wcomhost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
22	209.17.116.165 209.17.116.165		19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
23	2

22 209.17.116.165 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)

remboursement.10f6fd0.wcomhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	wcomhost.com remboursement.10f6fd0.wcomhost.com	52 KB
23	1

	Domain	Requested by
22	remboursement.10f6fd0.wcomhost.com	remboursement.10f6fd0.wcomhost.com
23	1

This site contains links to these domains. Also see Links.

Domain
apps2.correios.com.br

Subject Issuer	Validity	Valid
*.wcomhost.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-08-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Frame ID: 5728758F409BFE5DB823926F37E1789F
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entrega de encomendas dos Correios

Page URL History Show full URLs

http://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_pr... HTTP 307
https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_pr... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

23
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

52 kB
Transfer

80 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://apps2.correios.com.br/faleconosco/app/cadastro/reclamacao/index.php?codigo=NDY2
Title: Problemas para acessar o Meu Correios?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 HTTP 307
https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request delivery.php Show response
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/
Redirect Chain

http://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0

13 KB
7 KB

708ms
171ms

Document
text/html

209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

58bb83d92cde0e77560283ec1db1f3b18ada71dc3359529501fbe44c76aeab1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Jun 2024 17:52:37 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Webcom-Cache-Status: BYPASS
X-XSS-Protection: "1; mode=block"

Redirect headers

Location: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK bunker.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 3 KB
2 KB 115ms
114ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

fd513e37d0b54d0f2a63d39dda8f8b0c552a8f7709dc6dd922724b57b7973e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:06 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
ETag: W/"cf0-61a12aee843d6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK menu.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 9 KB
2 KB 228ms
112ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/menu.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

ac81e1a6c058250569dbcee1dfe9909c386ccbb739f08f9ed88c9211027a65ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:08 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
ETag: W/"232a-61a12af06fef6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK global.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 4 KB
2 KB 325ms
110ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/global.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

83e253368f87196b501afb6102ebe1ce5cd3cbee423f8714ce906ec7251f64ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:07 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
ETag: W/"e0c-61a12aef64982"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: "1; mode=block"

GET loginform.css
remboursement.10f6fd0.wcomhost.com/ect/ 0
0

GET
H/1.1 404
Not Found jquery.min.js
remboursement.10f6fd0.wcomhost.com/webjars/jquery/3.4.1/ 0
0 439ms
111ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/webjars/jquery/3.4.1/jquery.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 232
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found jquery-ui.min.js
remboursement.10f6fd0.wcomhost.com/webjars/jquery-ui/1.12.1/ 0
0 443ms
115ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/webjars/jquery-ui/1.12.1/jquery-ui.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 239
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found bootstrap.bundle.min.js
remboursement.10f6fd0.wcomhost.com/webjars/bootstrap/4.3.1/js/ 0
0 452ms
114ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/webjars/bootstrap/4.3.1/js/bootstrap.bundle.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 248
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found head.min.js
remboursement.10f6fd0.wcomhost.com/webjars/headjs/1.0.3/ 0
0 450ms
111ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/webjars/headjs/1.0.3/head.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 230
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found cas.js
remboursement.10f6fd0.wcomhost.com/js/ 0
0 554ms
112ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/js/cas.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 207
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found bunker.js
remboursement.10f6fd0.wcomhost.com/ect/js/ 0
0 551ms
110ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/ect/js/bunker.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 214
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found alertaerro.js
remboursement.10f6fd0.wcomhost.com/ect/js/ 0
0 557ms
113ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/ect/js/alertaerro.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 218
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found menu.js
remboursement.10f6fd0.wcomhost.com/ect/js/ 0
0 555ms
111ms Script
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/ect/js/menu.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 212
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK menu.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 9 KB
2 KB 210ms
112ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/menu.css?2

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

ac81e1a6c058250569dbcee1dfe9909c386ccbb739f08f9ed88c9211027a65ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:08 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
ETag: W/"232a-61a12af06fef6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK footer.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 974 B
1 KB 209ms
112ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/footer.css?2

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

f6f9478d8a02d071b8498616213f361c2d50af9c697b7e2b82037a6689a0ac08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:06 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
ETag: "3ce-61a12aee92a5c"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 974
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK forms.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 4 KB
2 KB 219ms
114ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/forms.css?2

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

7cd3d75fa77a22c70e7b35e8de7d7d4a59f0c1b97dbf17c432317cef82cd4330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:07 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
ETag: W/"11dc-61a12aef5443c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK botoes.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 7 KB
2 KB 221ms
110ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/botoes.css?2

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

05b96152b939f39751ca1504ed7eef7f570b6c73f83e74c63cdefbfb4dc86bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:05 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
ETag: W/"1c5a-61a12aedb8dcc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK alerta.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 774 B
1 KB 323ms
112ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/alerta.css?2

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

fee7f2f020ed34cd722cc7c5c9057f1f822fcd03c74c39dc473c691145976fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:05 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
ETag: "306-61a12aeda78e3"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 774
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK tabelas-bunker.css
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 1011 B
978 B 327ms
116ms Stylesheet
text/css 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/tabelas-bunker.css

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

d110a463ad7d3aa255fd0c061ae2ba00ccf695a7cd6b80411c7ce9bbbc973a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/bunker.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:09 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
ETag: W/"3f3-61a12af138a18"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK menu.svg
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 198 B
668 B 114ms
113ms Image
image/svg+xml 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/menu.svg

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/menu.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

bf480c9d86f40a5370657c54b1c2314ee60612cc0800a707a06f5004d3daa798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/menu.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:09 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
ETag: "c6-61a12af12073f"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 198
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK logo-ect.svg
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 14 KB
14 KB 112ms
112ms Image
image/svg+xml 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/logo-ect.svg

Requested by

Host: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/menu.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

3d4d1248538a874e2851f95f66d6f8af1520adb4da3d31dbdbdb4bcb6336e7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/menu.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:08 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
ETag: "37d5-61a12af050325"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14293
X-XSS-Protection: "1; mode=block"

GET
H/1.1 404
Not Found favi-ect.png
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 268 B
636 B 112ms
112ms Other
text/html 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/favi-ect.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

39454bd9bf7c0798cc38e19281a9998769ad9e660d92c5e1db5437e8ec236059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: openresty/1.25.3.1
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Content-Length: 268
X-XSS-Protection: "1; mode=block"

GET
H/1.1 200
OK logo-ect.svg
remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/ 14 KB
14 KB 114ms
114ms Other
image/svg+xml 209.17.116.165
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/logo-ect.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.17.116.165 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

Software

openresty/1.25.3.1 /

Resource Hash

3d4d1248538a874e2851f95f66d6f8af1520adb4da3d31dbdbdb4bcb6336e7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 17:52:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Jun 2024 16:10:08 GMT
Server: openresty/1.25.3.1
X-Webcom-Cache-Status: BYPASS
ETag: "37d5-61a12af050325"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14293
X-XSS-Protection: "1; mode=block"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: remboursement.10f6fd0.wcomhost.com
URL: https://remboursement.10f6fd0.wcomhost.com/ect/loginform.css

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to apply style from 'https://remboursement.10f6fd0.wcomhost.com/ect/loginform.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/webjars/jquery/3.4.1/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/webjars/jquery/3.4.1/jquery.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/webjars/jquery-ui/1.12.1/jquery-ui.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/webjars/jquery-ui/1.12.1/jquery-ui.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/webjars/headjs/1.0.3/head.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/webjars/bootstrap/4.3.1/js/bootstrap.bundle.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/webjars/bootstrap/4.3.1/js/bootstrap.bundle.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/webjars/headjs/1.0.3/head.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/ect/js/bunker.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/js/cas.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/js/cas.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/ect/js/bunker.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/ect/js/menu.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/ect/js/alertaerro.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/ect/js/alertaerro.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/delivery.php?mc_phishing_protection_id=28396-cpgu647s2tutjda06dq0 Message: Refused to execute script from 'https://remboursement.10f6fd0.wcomhost.com/ect/js/menu.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://remboursement.10f6fd0.wcomhost.com/correios-com-br/5ff0e56e99e26345474c037403b25965/II/files/favi-ect.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	"1; mode=block"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

remboursement.10f6fd0.wcomhost.com
remboursement.10f6fd0.wcomhost.com
209.17.116.165
05b96152b939f39751ca1504ed7eef7f570b6c73f83e74c63cdefbfb4dc86bd2
39454bd9bf7c0798cc38e19281a9998769ad9e660d92c5e1db5437e8ec236059
3d4d1248538a874e2851f95f66d6f8af1520adb4da3d31dbdbdb4bcb6336e7b3
58bb83d92cde0e77560283ec1db1f3b18ada71dc3359529501fbe44c76aeab1e
7cd3d75fa77a22c70e7b35e8de7d7d4a59f0c1b97dbf17c432317cef82cd4330
83e253368f87196b501afb6102ebe1ce5cd3cbee423f8714ce906ec7251f64ce
ac81e1a6c058250569dbcee1dfe9909c386ccbb739f08f9ed88c9211027a65ea
bf480c9d86f40a5370657c54b1c2314ee60612cc0800a707a06f5004d3daa798
d110a463ad7d3aa255fd0c061ae2ba00ccf695a7cd6b80411c7ce9bbbc973a88
f6f9478d8a02d071b8498616213f361c2d50af9c697b7e2b82037a6689a0ac08
fd513e37d0b54d0f2a63d39dda8f8b0c552a8f7709dc6dd922724b57b7973e70
fee7f2f020ed34cd722cc7c5c9057f1f822fcd03c74c39dc473c691145976fae

remboursement.10f6fd0.wcomhost.com Open in urlscan Pro 209.17.116.165 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

52 kBTransfer

80 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

18 Console Messages

Security Headers

Indicators

remboursement.10f6fd0.wcomhost.com Open in urlscan Pro
209.17.116.165 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

52 kB
Transfer

80 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions