rastreamentocorreios.info Open in urlscan Pro
2606:4700:20::681a:2c6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rastreamentocorreios.info/
Effective URL:
https://rastreamentocorreios.info/
Submission: On November 17 via api (November 17th 2023, 1:40:33 am UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 21 domains to perform 123 HTTP transactions. The main IP is 2606:4700:20::681a:2c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is rastreamentocorreios.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 10th 2023. Valid for: a year.

This is the only time rastreamentocorreios.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	2606:4700:20:... 2606:4700:20::681a:2c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:e0:... 2606:4700:e0::ac40:6114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
11	35.227.207.122 35.227.207.122	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	104.237.62.212 104.237.62.212	18450 (WEBNX) (WEBNX)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4003:c05::78	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:5e::8	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
123	34

27 2606:4700:20::681a:2c6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

rastreamentocorreios.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e0::ac40:6114 (United States)

ASN13335 (CLOUDFLARENET, US)

player.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.227.207.122 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.207.227.35.bc.googleusercontent.com

pixel.gliacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.237.62.212 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn-gliacloud.urekamedia.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4003:c05::78 (Tulsa, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:5e::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	rastreamentocorreios.info 2 redirects rastreamentocorreios.info	197 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 ade.googlesyndication.com — Cisco Umbrella Rank: 301	290 KB
17	gliacloud.com player.gliacloud.com — Cisco Umbrella Rank: 35329 pixel.gliacloud.com — Cisco Umbrella Rank: 31855	200 KB
15	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	204 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	206 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	406 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359	114 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4223 onesignal.com — Cisco Umbrella Rank: 1433	82 KB
3	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 12945	7 KB
3	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r3---sn-4g5e6nss.c.2mdn.net	17 KB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 25910 ui.cleverwebserver.com — Cisco Umbrella Rank: 26783 call.cleverwebserver.com — Cisco Umbrella Rank: 27405	47 KB
2	ipify.org api.ipify.org — Cisco Umbrella Rank: 3028	444 B
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	160 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	13 KB
1	urekamedia.co cdn-gliacloud.urekamedia.co — Cisco Umbrella Rank: 47023	672 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	91 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
123	21

	Domain	Requested by
27	rastreamentocorreios.info	2 redirects rastreamentocorreios.info static.cloudflareinsights.com
14	pagead2.googlesyndication.com	rastreamentocorreios.info imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
11	pixel.gliacloud.com	rastreamentocorreios.info
7	googleads.g.doubleclick.net	rastreamentocorreios.info pagead2.googlesyndication.com
6	csi.gstatic.com	imasdk.googleapis.com
6	player.gliacloud.com	rastreamentocorreios.info player.gliacloud.com
5	fonts.googleapis.com	player.gliacloud.com
3	cdn.plyr.io	player.gliacloud.com rastreamentocorreios.info
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	imasdk.googleapis.com	player.gliacloud.com imasdk.googleapis.com rastreamentocorreios.info
2	ade.googlesyndication.com	rastreamentocorreios.info
2	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
2	pubads.g.doubleclick.net	imasdk.googleapis.com rastreamentocorreios.info
2	securepubads.g.doubleclick.net	player.gliacloud.com securepubads.g.doubleclick.net
2	api.ipify.org	player.gliacloud.com
2	www.google.de	rastreamentocorreios.info
2	onesignal.com	cdn.onesignal.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googletagmanager.com	player.gliacloud.com www.google-analytics.com
2	cdn.onesignal.com	rastreamentocorreios.info cdn.onesignal.com
2	www.google-analytics.com	rastreamentocorreios.info www.google-analytics.com
1	googleads4.g.doubleclick.net	rastreamentocorreios.info
1	r3---sn-4g5e6nss.c.2mdn.net	rastreamentocorreios.info
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	lh3.googleusercontent.com	rastreamentocorreios.info
1	cdn-gliacloud.urekamedia.co	rastreamentocorreios.info
1	cdnjs.cloudflare.com	player.gliacloud.com
1	s0.2mdn.net	imasdk.googleapis.com
1	call.cleverwebserver.com	rastreamentocorreios.info
1	cdn.jsdelivr.net	player.gliacloud.com
1	ui.cleverwebserver.com	rastreamentocorreios.info
1	www.google.com	rastreamentocorreios.info
1	region1.analytics.google.com	www.googletagmanager.com
1	scripts.cleverwebserver.com	rastreamentocorreios.info
1	static.cloudflareinsights.com	rastreamentocorreios.info
0	sync.search.spotxchange.com Failed	rastreamentocorreios.info
123	38

This site contains links to these domains. Also see Links.

Domain
transparencyreport.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
gliacloud.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-02`	a year	crt.sh
pixel.gliacloud.com GTS CA 1D4	`2023-10-08` - `2024-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
1065237104.rsc.contentproxy9.cz R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://rastreamentocorreios.info/
Frame ID: 31F394D3E2C5D82A3D50E7EF1D88DC11
Requests: 89 HTTP requests in this frame

Frame: https://rastreamentocorreios.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 2F489981F0E1B21FC248F9F8DDB42AAA
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 90C2456761802690E06174FAFE517D3A
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 383A1CA0B7B0BE8DDA63B00992CE5524
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 543C0893E3AAEDC02AFBB12123C130E6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 1E99ABC6F187A6FC3DDE10FA2CA0E4FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rastreamento Correios

Page URL History Show full URLs

http://rastreamentocorreios.info/ HTTP 301
https://rastreamentocorreios.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

123
Requests

98 %
HTTPS

85 %
IPv6

21
Domains

38
Subdomains

34
IPs

3
Countries

2735 kB
Transfer

8935 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Frastreamentocorreios.info%2F&hl=pt_BR

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rastreamentocorreios.info/ HTTP 301
https://rastreamentocorreios.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://rastreamentocorreios.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rastreamentocorreios.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 97

https://gcdn.2mdn.net/videoplayback/id/022716e3e81e33aa/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731721227/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A48D99CF8DC670BF5A08C556081C24264CB0E493.7BABCE4FD34CB2C00840E6799F145EDBC71AACEC/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/022716e3e81e33aa/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731721227/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/380F98738D94EB378191FBFCABCBE0FCECBDE117.7FF0E293C8D8094019A01A49802C57202A996D03/key/cms1/cms_redirect/yes/mh/L1/mip/2001:ac8:20:3a00:1011:13eb:7e3d:5c19/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1700184753/mv/m/mvi/3/pl/50/file/file.mp4

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rastreamentocorreios.info/
Redirect Chain

http://rastreamentocorreios.info/
https://rastreamentocorreios.info/

22 KB
7 KB

853ms
829ms

Document
text/html

2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd064f3a3d6415f324a5d0d8ef2d63e2e01e7bc42b6b34ae6b9e5dd174fda460

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: EXPIRED
cf-ray: 827443ed598871bf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 01:40:24 GMT
last-modified: Tue, 14 Nov 2023 14:47:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqMuMdnJ110AXaKr1mrMOcMC0b8NQjGayjWHHrcAcj63ucUPNkkrygGRPJZyG1UT%2F1hy0gb2M0M3OgFeCF9jRS0ka2R0xEKcGew9063eMCSdLJX5oe%2FjKyBRzC4w5PCC2fM6hIIjNy5ElNfd8h%2FKT7D%2FTnf7%2FGs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 827443ed18099013-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 17 Nov 2023 01:40:23 GMT
Expires: Fri, 17 Nov 2023 02:40:23 GMT
Location: https://rastreamentocorreios.info/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOurU7lyGrWdu5C5R69IzNsbGdWCopnf1yfx%2BvW4EOUe1fQ5tA1ZAjo8cWYflZjDnmSd2WkPsCtDQ75mWr9ckLpJ%2B%2BMTTNaDc8RbBrLMUTJi2CCh0YxWyTVgqZRdTKg9Ilo8haRbM4WWzFk0yiA27U6rxjzQrYU%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.css
rastreamentocorreios.info/css/ 157 KB
25 KB 1010ms
1008ms Stylesheet
text/css 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/css/bootstrap.css
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Aug 2020 03:24:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f34b25b-27293"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmdcDWBr9oal1AIfuXmWq2oH6%2B2RdQ5wmUZ7kXCmAq%2Fyu9PdRWPiThjYS%2FJNjygNRhtBAFAR6RDOeUa3F5BbSaAOZeQwOTafecyppkgfZ3HUMmNMmKN%2FJdLQ8%2F6R1sjaxzAJYYBuTwNpfTfX0Tz9DcdSPxCkHRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 827443f61e4d71bf-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 base.css
rastreamentocorreios.info/css/ 9 KB
3 KB 823ms
821ms Stylesheet
text/css 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/css/base.css?1698248986
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4861a025083135cad33d50a56c3fb5a529891e970e72c93373927b88e055e49d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Oct 2023 15:49:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6539391a-2401"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D4IxoNzAOSqsNplQmdYgkiVIgID7OhEGSWmSowBY3e1Cgkaho3sqF%2BqwPXGIgiW8BVXqNpoUsgSXo4ZnIECOY8%2FRTWH7%2F4iOE%2B1v8vUPsmWxbmdeNwvq4CkmFrtG2JUXW%2Bh%2BjE%2BWy5WgIVS8whIQZsd6%2F63Uv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 827443f62e4e71bf-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 2965ms
2941ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9605da04203a4e619f9440f276586fbffd578cf106debe2d2278ec13efdbec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52754
x-xss-protection: 0
server: cafe
etag: 7847110035375157603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:40:28 GMT

GET
H3 200 chevron-circle-right.svg
rastreamentocorreios.info/img/ 490 B
827 B 22ms
20ms Image
image/svg+xml 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/chevron-circle-right.svg
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f0ef73c5ce34218004854d57a15591e0493e073f3f82bcd8cc9c0866dd16344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 22:06:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24277
etag: W/"65417a60-1ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FX26xPD%2F6ZGhkabqMp1ZaKbX2baE%2FqxzP1UhCyPTgApaPcmLNK%2FHrQ%2F2UgF08JqL61zAPzFIQfPZib7sSG7F1gsHQHvZmUQaDAVvoaGYdhFNSZBVDN6K%2Fu1jmwgSBngjDUF%2BJrd8k%2Fq9LtAIUj0KKKYOj8vrjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 827443fc78000404-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo-tiny.png
rastreamentocorreios.info/img/ 3 KB
3 KB 821ms
819ms Image
image/png 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/logo-tiny.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9e332dbec9116d0c7f90063eb478e80028c1ebb357af194b9b6a9f1d480b139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
cf-cache-status: MISS
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f395f04-cb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oafHExtOaEe%2B6R3gPqe4CDPK%2BJxSHLvvyU%2FjFQrPAtSV2aoiDFucoi4e3nuO97wJvU0f1H0jjBBN2sD7mEGIkLse1I6KaQGoKi9%2B8D2WSwCHJgWeQhJq%2BumkShKCVGxDXE8QTpBwmXjQCKja8s6%2BjpoUfBQ9BjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443f62e4f71bf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3253
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-bell.png
rastreamentocorreios.info/img/ 836 B
1 KB 807ms
805ms Image
image/png 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/icon-bell.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c51e8e49c0803060cd50f212c3f70bc85ca2e137f9d79c8844635d71b1fa55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
cf-cache-status: MISS
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f395f04-344"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmZNb6Aa0ZyB9UNk9sdA3crDDBbhATa1nUhW9ey5RHxzVYoGQfCKgLoBafny2OhWiiUZH5K0YlfmysAViE%2Fdd8s3xsLNY1wP7tOvRliLSN1ufo5oUoycBjHWqtsUF6HQG71jgiA9EMOINICo464XNNruiJbKgYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443f62e5071bf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 836
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon-free.png
rastreamentocorreios.info/img/ 1 KB
2 KB 805ms
805ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/icon-free.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1b5ebc71a5b5863fe3bafd44c97e512610a2c657c61b16f6a1dc75f1773908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1397
content-disposition: inline; filename="icon-free.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1130
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-575"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQBlY4aHxhPDGxIIonkGT707jVkI%2F12sxSqrcsOBIHY6ARBw8qgyixXAx9i8Jqn43ZQhpHQhx9ZtsMOCEf5oVrxFL9M1LDdPo08bYvFsqGKCDkgTNKi8V9%2Bz1M4qBBGPgsupeaAe7Zwm%2BPlu%2F3l%2FtuPgH7eU5W0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fb2f700404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icon-platform.png
rastreamentocorreios.info/img/ 506 B
1 KB 803ms
803ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/icon-platform.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c3a5a61c3c1588b818cbbfab25cef49737c677e13d287bebbfa0b5e45b5a24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=736
content-disposition: inline; filename="icon-platform.webp"
alt-svc: h3=":443"; ma=86400
content-length: 506
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-2e0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cOSJr2QqHMHIs25lff50hFGTtl5djDua7jNJneRd8EiF%2FSVpvnHgr3MJM422yOanZlTz0LzOgmF%2F2nCD2ZCT3lLbeubhU3LHVMW7E2qpbX5Ob578FhKD1ipvs%2Fx7saluJxhjwKJq4MUY9RUPMoT2lqGVUrzkdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fb4f870404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.js Show response
rastreamentocorreios.info/js/ 87 KB
32 KB 814ms
813ms Script
application/javascript 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/js/jquery.js
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46582e87c27668d65b6c7be67fdea099e1193d59bb1c93ef974a69d37454478f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=89476
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Aug 2020 03:24:13 GMT
server: cloudflare
etag: W/"5f34b25d-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBty0fXQ69l1lsjEfXhe%2FYkGGSP6DLqpPFsaO0JUPA2khpbmrrnucHb9unKVl7QGHe5wbAED9NnnrJO%2Bnh2jnC6n%2BgUUOlyZm0vtLQDtVLVlSbO%2BQP%2BfyBdh3Ga5K3NEL18uOoILPcN90%2BZLO7z71zS3BUGTZnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 827443fc7ff30404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 base.js Show response
rastreamentocorreios.info/js/ 425 B
814 B 807ms
805ms Script
application/javascript 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/js/base.js?1638117895
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b0dca3266e9c8e15ca104b4983a39326fb5c523a132bbdedb461bada0dc5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=555
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 28 Nov 2021 16:44:55 GMT
server: cloudflare
etag: W/"61a3b207-22b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ9vlganeL2ppS3HT6RyO%2BG%2F8skncuFOHtBPPzAAg3rj1wCMghoqSOspSTTBzsGZx0AHDi96AQn5ooBDlLxGRONPyqsMhfNWWt6PxPi%2FC5UORrkLd5C0aBFANF1d0WXHc9loWFvPAumsOrBM89bUMKT2h0DwEcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 827443fc7ff70404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 popper.js Show response
rastreamentocorreios.info/js/ 21 KB
8 KB 815ms
813ms Script
application/javascript 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/js/popper.js
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acbc070caf449d82dce9a6fa43a352806d9988f248bcefba8b875cd4ca79f114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=21257
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Aug 2020 03:24:13 GMT
server: cloudflare
etag: W/"5f34b25d-5309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6LXFTMSX6b2mI4P0Q3jUF4%2BsqpnD2HklFbkp6qvuuVr7hqpl9dpp08TVnYB%2FrcEYxW6q1jvpILsdurSllOd82S8J48PNEboKIl%2BNdjOgnf%2FujQyXdooo6F0ErPPqGJZ8imEtBFJq3LzIQtYE1Zjv3zqf5etGp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 827443fc7ffa0404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap.js Show response
rastreamentocorreios.info/js/ 59 KB
16 KB 828ms
826ms Script
application/javascript 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/js/bootstrap.js
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d41e81bbb2b67d9076bc23a1ca17df400454c5d01924433781db20a8a3629cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=60174
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Aug 2020 03:24:13 GMT
server: cloudflare
etag: W/"5f34b25d-eb0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJOl47YOcD3jWh5COwQVhB8u9CSdYa1ivBiyABkBj57RJeVPXtM0bkU9L22KTdH49%2BIjesHFYDNfHiu%2BZB1Q5rXpBG%2F8L19Rf7iQS47xxiBH%2B%2Br4QSNBSCQsZGRz%2FQBD4Nmir46YKVkicY7NHCe%2FnYInG7cTxPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 827443fc7ffd0404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lazy.js Show response
rastreamentocorreios.info/js/ 5 KB
3 KB 826ms
824ms Script
application/javascript 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/js/lazy.js
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de144e4d815368a5756c81d72fcbd7c9ddd12a725bd49df19164ca50cef0675d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5022
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 13 Aug 2020 03:24:13 GMT
server: cloudflare
etag: W/"5f34b25d-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOF4Zc5H1BM4NLj291F4OFPUqUrBPZvfqgwO4gzyokzYvxas4ArEHTEbNQYNNKVvmVb5F5SYEP%2BCLoEQhiD7AJwZrlSlmAuUa4MRvCR19g4GdHD29ASAFFgWKHKh7mn4Cg%2F6A%2FG15OufitOmgKwfo1UbHf0Gw0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 827443fc7ffe0404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 23:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6644
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 01:49:41 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 45ms
20ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1880
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 827443fc9ff79118-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 01:40:25 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 55ms
37ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://rastreamentocorreios.info/
Origin: https://rastreamentocorreios.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 827443fc99ae2be5-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 2992ms
2969ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3d84fb75a93f10da4286fa46fdd75ebc6274a8adf0749834026e8294d866c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52695
x-xss-protection: 0
server: cafe
etag: 1558568930180368879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:40:28 GMT

GET
H2 200 rastreamentocorreios_desktop Show response
player.gliacloud.com/player/ 123 KB
45 KB 446ms
416ms Script
application/javascript 2606:4700:e0::ac40:6114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/player/rastreamentocorreios_desktop
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2ba241edbe2ca4f4500641aff87e4ef2ceb189a7b44a9f0f8bd0e6ec74c62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: Public
date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 16 Nov 2023 23:09:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6s0S99gDWX6T4IGjl49cjrP8ydmo47kHh3kGdip4CFYpcMEH5QO8NLwGUgUkDm4UOEJfbiNkh1BleHEjOSUECaaJ4AQpgtpian%2FwF5lfka%2FfPOs0wLw%2FktqMcQTNjqOhnyBlWQZ%2BT3SY9aEPkQqg7jT49w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 2eb1cdd43de5b6cc899dad6a89603d5e
cache-control: public, max-age=900
cf-ray: 827443fcab083a6c-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 Nov 2023 01:55:25 GMT

GET
H3 200 bg-map.png
rastreamentocorreios.info/img/ 24 KB
25 KB 812ms
811ms Image
image/png 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/bg-map.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/css/base.css?1698248986
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff0ef0170d8abacade04936c68cd5dc2cc19b6ae671839085ea49802af1717b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/css/base.css?1698248986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 24991
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-619f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQTt3wybrqiuSK8xM8m8GHK%2FKF%2F4Yztoof%2BnLNGflBNTF1VZtP%2FYBHuWK%2FxJwp5Bx5%2B7ZAgNK6602dPtXP9jvyukgHmaF3EIqK1ZpeTtDVMuqpT%2FQlLjB7MljMTAuiJgD45DSSKcKIIXKSh4sSWcH469ssLBgaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fc78010404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo.png
rastreamentocorreios.info/img/ 5 KB
6 KB 804ms
803ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/logo.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/css/base.css?1698248986
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c434d06b7a4556c8312160c04903c0cbb692578b264d076914143bf86a84a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/css/base.css?1698248986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=6226
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5452
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-1852"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpLE72Cue7ZCAETXshIrH%2FFAGNQ4bxg%2FHaOXqrrkZZjjqhnxRnc34KlUh9JfS1zoGZ6k28E6xbKUS6i9DgnC%2FbA7xVWIWzv6GhDAvBv3F3zOLD3ILu6236hsD6DJEUshAIwZEr9pK6%2BFZG0sUWpmfrE%2BHP2tLjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fc78030404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bg-newsletter.png
rastreamentocorreios.info/img/ 16 KB
16 KB 803ms
803ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/bg-newsletter.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/css/base.css?1698248986
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb30fac818388c7d7ae9bfd9d49362495d23c304d29350a6b982cc5c8e86fac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/css/base.css?1698248986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=17290
content-disposition: inline; filename="bg-newsletter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16176
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-438a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Lxl3nh6djUoO%2Bvg2jVqlZxTNOhnbbuPak5pieagTcC2KUMEHqOR9wkzJ4bVQQTnUesM5yt%2F%2FfW83K6nnnWOZ2K17YqNYvHIBQfo9DpjqUcWbL0S%2BopzqOWgPieKXcc233YR1tIhmKrpYP67RQD3jIKeS6R%2BgpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fc78040404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 normal.woff2
rastreamentocorreios.info/cf-fonts/s/roboto/5.0.11/latin/400/ 15 KB
16 KB 61ms
61ms Font
application/octet-stream 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer: https://rastreamentocorreios.info/
Origin: https://rastreamentocorreios.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdr5KynEAnGQlR6eqdSYAKgpE6qdoXN0Y68dzG8zvN22KeO98l8a5UwWp3BIZ4zTxfEMaJAGzEtQoa4I0NBkRz5ypyUIbfIff%2BEiNvLSKSwvR5h7YFaAlXCHZbIErwC4Y%2B5LYth80a1pnaZBNQ1Q9MMc1i7lns4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 827443fc78060404-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15744

GET
H3 200 normal.woff2
rastreamentocorreios.info/cf-fonts/s/roboto/5.0.11/latin/700/ 15 KB
16 KB 50ms
50ms Font
application/octet-stream 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/cf-fonts/s/roboto/5.0.11/latin/700/normal.woff2
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer: https://rastreamentocorreios.info/
Origin: https://rastreamentocorreios.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnswYuGp8lL9GKTR98KIZ8Hte3fsBW7gak60BFXIai7SMtWLSbHPf203co8VUWh7swjVPd4wyFSvXAvqg0tuJxGDI%2F8jaVTDEH454M3v6nFfwJs9otVkZ4rx%2FTo6A1dRlgu2PAAOVZAeQDn33Ln%2FnbFpzr65PdQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 827443fc78080404-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15860

GET
H3 200 icon-newsletter.png
rastreamentocorreios.info/img/ 1 KB
2 KB 803ms
802ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/icon-newsletter.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef60ed48e380decf7ef53214e7f1c05164c4743d268fd1d1c3dcd2b785af099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1446
content-disposition: inline; filename="icon-newsletter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1174
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-5a6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhZpglakapIlxWJXSXlHJJYQyHqiJPmxfvxZqyoX%2FN0%2BPlbLoT8hns2gEocgjOwho7nbDvpR%2Fudm0Wif7jw5IJBNrpxukzPU6UPdREATQS3YqESgxU5%2F8440VaKu2P9SNJcwDVDbIvRI9MzLThK7xudF85gcinQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fc98190404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-white.png
rastreamentocorreios.info/img/ 4 KB
5 KB 808ms
807ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/logo-white.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ded5ceb981ba9cfe102f1f633fc96eaa68a42ae86ba76a90e5a7d7e7fcecdbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=5308
content-disposition: inline; filename="logo-white.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4478
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-14bc"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PcsjvqsF3U1FGdLFGDwfwLVcDkXQx1oZ3M5FJCsA66iMe6rPeBLJae%2BoW7QFJldPhRYw9DseVsyY0uyNqXY2vXPbtTs%2F50fRTKwrI8PIL8H7pSKRTJ2bbTNyKwZU3RqzuFL6JJRf15FxRKl%2FQyiYZz46mXH0xc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fc981b0404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 img-safe1.png
rastreamentocorreios.info/img/ 1 KB
2 KB 806ms
805ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/img-safe1.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8c146cad19776685827391437241df8f14ca4e56688481dc198f42036c8a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1362
content-disposition: inline; filename="img-safe1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1112
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-552"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv78TEIUCWldSEbqRMJW8koZLE8DaT%2BkJyKHiYKY%2BLt2H9gxejpnNC64wTlV9roqM9z%2B0N%2F4J2spjov9osmXx6RT48NPPKJbw7aUVKK%2BJ8AagzmA%2FcHh%2B0bOP2YCOR8kCsgIjEdszJDq%2BvPMsVzoFqgky%2BTs8Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fc981c0404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 img-safe2.png
rastreamentocorreios.info/img/ 1 KB
2 KB 804ms
803ms Image
image/webp 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rastreamentocorreios.info/img/img-safe2.png
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff14012dfce26518e8112524d55cd2761c5aa3cc373244564c366db0efb7da39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=1756
content-disposition: inline; filename="img-safe2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1390
cf-bgj: imgq:85,h2pri
last-modified: Sun, 16 Aug 2020 16:29:56 GMT
server: cloudflare
etag: "5f395f04-6dc"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldrb8E2bAAuxu0S9AT0BTnweOTcpBcvYbzsls3vSF4v72F1vhRyoU22pxB2W6s5pxxNCYNZgZuZJHHaXM7L8iSkeWMCK6vPvN3G5aKda03ghmGXggEK0R0JJVgiEcobinWrm%2F2zs8iu8QaMR0UyfVO1rgQTOVG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 827443fc981d0404-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
76 KB 42ms
15ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQ3GKRX&l=gliaDataLayer&cb=170018

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/rastreamentocorreios_desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2eaf4ea8d8081d0d507e79284aa1c698d2c5864dadef7642310969a174081f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77567
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H2 200 gc-instream-plyr.js Show response
player.gliacloud.com/p/embed/ 490 KB
140 KB 31ms
30ms Script
application/javascript 2606:4700:e0::ac40:6114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/rastreamentocorreios_desktop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa541b87fac45c9011c61279b08c38adcfd7250d7a6ef5bf2e33dbf4c3737e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76734
cf-polished: origSize=501258
alt-svc: h3=":443"; ma=86400
pragma: Public
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 04:21:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaN3a0AITCwJZnzdiXWoUMI%2By1DObmkK%2BEC1BYwyRN9a3bPrO0UyJ3Yi4yo3KSzh4TPrOMtPC6jzGSL9CQVjNcxVL78KLW72pCxjpmwFbpFaO1De006QDgGADfFNfrkYe3i5YOAxsSemPLM2lwu8P8LY0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 23c03abf504ea7850f41da5d29cf4d9f
cache-control: public, max-age=86400
cf-ray: 827443ff9c9c3a6c-FRA
expires: Thu, 16 Nov 2023 05:23:31 GMT

GET
H2 200 gc-instream-plyr.css
player.gliacloud.com/p/embed/ 63 KB
10 KB 18ms
17ms Stylesheet
text/css 2606:4700:e0::ac40:6114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.215
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/rastreamentocorreios_desktop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b5f4ea1a857b7b1e211f2ae6cc2913a67201c1566d344536339ff66b249a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69447
cf-polished: origSize=65593
alt-svc: h3=":443"; ma=86400
pragma: Public
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 06:22:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in%2FZdjhqpW7HpMEzCgg%2FxBX7jz4W5%2Bl6fIasYqkxY%2BY7VEe2jH5iVY%2FueuIBFa4xEjbbhICuGPCpeD%2B8%2FRnwiEk8d0y6sFFh0lq1YU9n%2BRr3UkntEJOmnHroZkc21eK%2B0lNy3D7lR4TLxsD%2FusZMjwIyaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-cloud-trace-context: 9dd68835a2db4e97cd2f2469d86a2bc4
cache-control: public, max-age=86400
cf-ray: 827443ff9c9a3a6c-FRA
expires: Fri, 17 Nov 2023 05:59:05 GMT

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
200 B 302ms
276ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=725669089&payload=ea%3Dloader.init%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET partner
sync.search.spotxchange.com/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1002 B 58ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:48:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 119 KB
33 KB 63ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap&subset=chinese-traditional

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba90288b4328e4f27503fac163d9bc43db970cb64d9fbd3bbc7cd1878411c443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 01:40:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
744 B 59ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 00:40:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 59ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.css?v=0.3.215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.gliacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 01:40:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H2 200 0fda7cda39198664818ea8074e8810a0.js Show response
scripts.cleverwebserver.com/ 127 KB
46 KB 252ms
217ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/0fda7cda39198664818ea8074e8810a0.js
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca00cd8c6f9dca561bfa6b92f3725082b57b8ea93ca219475129a6add6f8666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
x-amz-version-id: PrN4fhnLQwxCgp7fk0ZOo8bTkT.rgf7o
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 15:52:14 GMT
server: cloudflare
x-amz-request-id: B6FZPS30ZGZAX550
etag: W/"51ffdd4f8175f7c4e68ec83060795517"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 82744401eec89b98-FRA
x-amz-id-2: p0jU7rKGO0VZ4+sl6W4YRU4a99IZ+ygE/qXc05CPh7/+pITrvVTXZwg6CJULWx8QeivrV1rzv78=
expires: Fri, 17 Nov 2023 02:10:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
228 B 15ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=266881444&t=pageview&_s=1&dl=https%3A%2F%2Frastreamentocorreios.info%2F&ul=en-us&de=UTF-8&dt=Rastreamento%20Correios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1191250692&gjid=1816457033&cid=432745707.1700185227&tid=UA-77461539-2&_gid=1142911173.1700185227&_r=1&_slc=1&cd1=online&z=631377238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8adf4849a55eeebbe106badef7ab628ff8abe12fcd4128312948a0ada443ccff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rastreamentocorreios.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rastreamentocorreios.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 27ms
27ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1881
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 82744401ca299118-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 Nov 2023 01:40:26 GMT

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 278ms
277ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=1902840549&payload=ea%3Dslot.init%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 276ms
276ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=318115799&payload=ea%3DcustomScript.beforeLoaderInitDomStart%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 rastreamentocorreios.info%7CCDN Show response
player.gliacloud.com/playlist/ 2 KB
1 KB 179ms
161ms Fetch
application/json 2606:4700:e0::ac40:6114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/playlist/rastreamentocorreios.info%7CCDN
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f4600ee4c063054d9de15df88ea8c358ea87454e728acede864ef9e03011d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: Public
last-modified: Fri, 17 Nov 2023 01:20:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNyAvAM1F1U0QqvVZC9LGfBKuQTCe18rXM0FSI4lp0idrJfKgVLAccCrLUziZMSj0yMRy9vNeDGi1a8n5rGYfum2XrpqaGML2QPEgqFY%2FC4rxvb4UiJxypOXBRy5N92%2FyDW9tktZf5tD1StRO9dvtPZkxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 11a9f0b61abf6b58b27bc3bd1ec57691
cache-control: public, max-age=900
cf-ray: 82744401fc4a0a48-AMS
priority: u=1,i
expires: Fri, 17 Nov 2023 01:55:26 GMT

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 308ms
307ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=876882594&payload=ea%3DcustomScript.beforeLoaderInitDomEnd%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
102 B 277ms
276ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=247261452&payload=ea%3Dplayer.init%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3

200

main.js Show response
rastreamentocorreios.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 2F48
Redirect Chain

https://rastreamentocorreios.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rastreamentocorreios.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

14ms
13ms

Script
application/javascript

2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rastreamentocorreios.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Server

2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0d3e13fe0074ccb6252008e990416cb101076182a43e9d82819808119051ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV4%2BLUyHsZAWybjN%2B2mhFGWWeT7F4Ahh1DDRmXsK2JpRF5hAvqWwhpzJG7rng6jbrxTSrLAsXXDNcQUf1HbYqtkncXRAl0Makb7VBbHVO5e9Z3RgEKcRriYsfR5fV5AeqfQbE2OfybgCT7miDUkXVfbJzDSP9pA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82744402db0d0404-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 17 Nov 2023 01:40:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FWwPj2%2BCrGuGyuo3GwRIftVZGiKToqikeZR8tOQ3BxMoIMK6OWeVah4ksxjrfcNF7Gftm3LEJS0BJrFZnzjAWarAD2C%2B9Jb8OoB0M19vXNRQIIdIFGqEr3eny97LKxtLVZ2T%2FbDRqGl5Y%2FxEfOZw7ycx5p341Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 827444020ab90404-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 146ms
21ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-77461539-2&cid=432745707.1700185227&jid=1191250692&gjid=1816457033&_gid=1142911173.1700185227&_u=YEBAAEAAAAAAACAAI~&z=444021346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rastreamentocorreios.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Nov 2023 01:40:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rastreamentocorreios.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MSKQB1KNZ9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07a33e0aba6936efbb4538cfdf2136101ab8d124b6e2aff40d124864cae19cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86098
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/3a7e4402-49dc-4a23-b60a-7fa5f5980276/ 3 KB
2 KB 77ms
68ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3a7e4402-49dc-4a23-b60a-7fa5f5980276/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e53c9c5a1ac42201000b3bfef4ac01450a7ba9424ab6dc9a9bc2d6bdf4d7147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 89a31902-72af-4bd6-ab29-08d9cf855391
x-runtime: 0.038247
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6e53c9c5a1ac42201000b3bfef4ac014"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 827444023a539118-FRA
access-control-allow-headers: SDK-Version
expires: Fri, 17 Nov 2023 02:40:26 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 20ms
20ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1879
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 82744402eec365c4-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 17 Dec 2023 01:40:26 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 37ms
12ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MSKQB1KNZ9&gtm=45je3b81v9123010741&_p=1700185226566&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=432745707.1700185227&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Frastreamentocorreios.info%2F&dt=Rastreamento%20Correios&sid=1700185226&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=online&tfd=3539
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MSKQB1KNZ9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rastreamentocorreios.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MSKQB1KNZ9&cid=432745707.1700185227&gtm=45je3b81v9123010741&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MSKQB1KNZ9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rastreamentocorreios.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 44ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MSKQB1KNZ9&cid=432745707.1700185227&gtm=45je3b81v9123010741&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=921694726

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 44ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77461539-2&cid=432745707.1700185227&jid=1191250692&_u=YEBAAEAAAAAAACAAI~&z=1307969143

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 42ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-77461539-2&cid=432745707.1700185227&jid=1191250692&_u=YEBAAEAAAAAAACAAI~&z=1307969143

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 827443ed598871bf Show response
rastreamentocorreios.info/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2F48 0
577 B 25ms
25ms XHR
text/plain 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rastreamentocorreios.info/cdn-cgi/challenge-platform/h/g/jsd/r/827443ed598871bf
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUXKfRY6xIc3sHIclTa6jdaI%2B7nwK58k%2FHiyE21F1McaQK%2FFWxcJJpiAMfxQpv6VpBRAn0mzxli4OhGoQhycHNUjnOrw%2FW1t%2FQgCmIu6cF1egRVhAWLDFc%2B613ExlhTkcJkDXqNkWq2775jKmW75hMTr8gYTI%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 82744403cb7a0404-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 483ms
154ms Fetch
application/json 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: bb3e6805c49a69e254692f39973f90dafe0e09cdc7684770962a8688c97f8879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Nov 2023 01:40:27 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfdbc59f5343ccf8ad807b4c6d417d15e7fe472dffb2816350394b2e11dc714d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30344
x-xss-protection: 0
server: cafe
etag: 592 / 19678 / 31079744 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:40:26 GMT

GET
H3 200 draggable-icon.svg
player.gliacloud.com/embed/img/ 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2606:4700:e0::ac40:6114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player.gliacloud.com/embed/img/draggable-icon.svg
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f2d79f369d3c083f2a4be911dc46e9a62188502d54c175533aba4909472ce3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 883
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"fW6j0A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhPWGxmiyqZUVUtTA7qzLoz6qLUB6mn1PQ9RivfK2x0gBerf5zKFL34%2BDWFSbzyX0m2vAnBR3aqn4IErXouUj0lmExtDN%2BFGUYrXWXuo8NtH13zxTOHtfyDB4%2BBbTc4PHAhWcgUnMOExQ47xnGfPwwwz4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 325be93c81559e65a2ca84e910db342a
cache-control: public, max-age=900
cf-ray: 827444040ed98fe2-FRA
priority: u=3,i
expires: Fri, 17 Nov 2023 01:40:43 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
383 B 46ms
37ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3270cda92bdaec9b380b658f675745f0542be3dfb6d5fcf2fc91fca6c866afa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 827444043fe59b98-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 44ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rastreamentocorreios.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 20:08:20 GMT
x-content-type-options: nosniff
age: 538326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 20:08:20 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 431 KB
135 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25399
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 18:37:07 GMT

GET
H2 403 adScriptBlocking.min.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 0
0 63ms
15ms Script
text/plain 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 rastreamentocorreios.info Show response
player.gliacloud.com/violations/ 26 B
580 B 172ms
171ms Fetch
application/json 2606:4700:e0::ac40:6114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.gliacloud.com/violations/rastreamentocorreios.info
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6928acfea351e62723cd2af8ecb4f838f7826708e95b1b6a5ce613d2913df268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: Public
last-modified: Fri, 17 Nov 2023 01:20:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP1C4pB8XyRHAdfQi1U79S5H9LRMXFNggDO%2BZL4GhM5ARCd8dZ%2FqNsn0ZM8mag1y8pROg5LzsLamQ6e0kiBUUOs0JocuHuSGGnxf4z3Q10Yx6z9BB3BYRGqT6pMkgezzAhDXG2vT8WM7P%2FgDvQrt5iSzbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: d2c98acfec0e8467bd4932a00bc9c26e
cache-control: public, max-age=900
cf-ray: 82744404ceab0a48-AMS
priority: u=1,i
expires: Fri, 17 Nov 2023 01:55:27 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
128 B 42ms
32ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=57495&c=DE&r=HE&l=99&b=Chrome&os=Win10&mob=0&v=1.55.1&ref=aHR0cHM6Ly9yYXN0cmVhbWVudG9jb3JyZWlvcy5pbmZvLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82744405184f9b98-FRA
content-length: 43
content-type: image/gif

GET
H2 200 5791373 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 81ms
39ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5791373?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7eb35dff5f277a5d092fa1bd166ca72b9767f016729ef8a9d39d8e5bd732e6ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U_hbBEb9eFZslVSdQcDThg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-U_hbBEb9eFZslVSdQcDThg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 22 B
222 B 338ms
153ms Fetch
application/json 104.237.62.212
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.212 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: api.ipify.org
Software: nginx/1.25.2 /
Resource Hash: bb3e6805c49a69e254692f39973f90dafe0e09cdc7684770962a8688c97f8879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Nov 2023 01:40:27 GMT
Server: nginx/1.25.2
Connection: keep-alive
Content-Length: 22
Vary: Origin
Content-Type: application/json

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
57 B 277ms
277ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?pp=300%2C168.75%2C1300%2C931.25&bp=1600%2C1200&wp=1600%2C3256%2C0%2C0&sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=072065811&payload=ea%3Dwaterfall.fallStart%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 90C2 752 KB
241 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rastreamentocorreios.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 168345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 02:54:42 GMT
expires: Thu, 14 Nov 2024 02:54:42 GMT
last-modified: Wed, 15 Nov 2023 02:49:47 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rastreamentocorreios.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:41:35 GMT
x-content-type-options: nosniff
age: 187132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:41:35 GMT

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 119ms
71ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 01:40:27 GMT

GET
H2 200 hls.min.js Show response
cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.10/ 366 KB
91 KB 32ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.10/hls.min.js

Requested by

Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2f57bd8668c0222e299540b077e8d4f4ada840976122e421bbccd57af420c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 603805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 92797
last-modified: Tue, 18 Jul 2023 21:04:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64b6fe72-16a7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqLiQA3RHzZdINydyoaU%2BkSwq5knrfVJv4YDBh3VVvFZ3O%2FjOluswLckVMfqRm7O1p22tyC9k1k45z6QFk94EPP%2FaGsog2x%2F80if1XTnl%2BHVweWG7IHIeKOLWaBBXuK%2BHQh6aBQnjkvt1IFY6WXAaGJw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 827444061ba1695b-FRA
expires: Wed, 06 Nov 2024 01:40:27 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 383A 40 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 17 Nov 2023 02:12:43 GMT

GET
H2 200 AGSKWxVlF1FLTPqJooV-RIfCRqLn0_XqYUcWqjHUycD6TSxEnAwVYifiAJo8E9YbDA2R_e5X3JYgVNmhhUEGOLDNHlo16mFnVKhmyJBsCx1c2J81EYWAi3oK8z-90bYiuyBERe_6OZjetg== Show response
fundingchoicesmessages.google.com/f/ 387 KB
60 KB 105ms
104ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVlF1FLTPqJooV-RIfCRqLn0_XqYUcWqjHUycD6TSxEnAwVYifiAJo8E9YbDA2R_e5X3JYgVNmhhUEGOLDNHlo16mFnVKhmyJBsCx1c2J81EYWAi3oK8z-90bYiuyBERe_6OZjetg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwMTg1MjI3LDIzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yYXN0cmVhbWVudG9jb3JyZWlvcy5pbmZvLyIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1adcc078122ab1d4e0ce8cd5c9775c9097c89e01abf2efbb59b37b8477f9c90d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4F9e3ADNCy3C_PbI116BpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4F9e3ADNCy3C_PbI116BpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.7.3/ 6 KB
2 KB 236ms
210ms XHR
image/svg+xml 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.3/plyr.svg
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA%2B6dx8FBymlaNvBhBeUkEu9hD6jH2Rfe6kukhCF%2B37E1QZphjIaaMim%2BwR4y5dY3nZwrl00WUJO3%2Bv9GDBBA%2BOOJPE8rhfM3Yjo76kpFK6%2F%2FOB963OR%2FyCvh2Z5%2BOS1lXWln%2BWNCBzL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 82744407aa553829-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.7.3/ 6 KB
2 KB 604ms
585ms XHR
image/svg+xml 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.3/plyr.svg
Requested by: Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-plyr.js?v=0.3.215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn5DpoEvMdcFwp4R7ajOSSUEpGEIzD5kvI8F7QibqP0zeVhFikdrOfYM7QGVKt2%2BWIhP%2FfyRZLhI%2BezGq62TbjY7m5Lmq8JHSDplawHnL7PASctkB6q1gfqVJ8PHjFiksgoaHUzkLQuu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 82744407aa533829-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
57 B 276ms
276ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=7079100096&payload=ea%3Dplayer.inited%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
57 B 277ms
276ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=421771851&payload=ea%3Dslot.inited%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 206 blank.mp4
cdn.plyr.io/static/ 2 KB
2 KB 30ms
15ms Media
video/mp4 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/static/blank.mp4
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98

Request headers

Referer: https://rastreamentocorreios.info/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1453027
etag: "08fc2557b6c938f1a251e59b016e90e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOqg8KjK9ewrUCo7TVd99ll19n2s8bzfdpO0UfMLYMPTgziIgV12Bdu16E9Jao4LT98%2FGDuaLAKejmnjU0DachgXoWQbb6q2WgngxoGTVvyMgzdlYUFYmtonzzlkhcWjN6qFM8jBe0BJ"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-1776/1777
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 82744407dac337f1-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1777

GET
H2 206 rastreamentocorreios.info-1697532122.176074.mp4
cdn-gliacloud.urekamedia.co/studio_backend/rastreamentocorreios.info/ 671 KB
672 KB 225ms
86ms Media
video/mp4 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gliacloud.urekamedia.co/studio_backend/rastreamentocorreios.info/rastreamentocorreios.info-1697532122.176074.mp4
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fc544819d28d5b34a7a7c863199575aae540febded5b6f8a70412c885a247ef6

Request headers

Referer: https://rastreamentocorreios.info/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Nov 2023 01:40:27 GMT
x-77-cache: HIT
Content-Range: bytes 0-687314/687315
x-accel-date: 1700137584
Content-Length: 687315
x-77-nzt: ApySIYg3Nzeh1GY4nDc3N/8bugAA
x-accel-expires: @1701174384
x-77-age: 47643
x-cache-lb: MISS
last-modified: Tue, 17 Oct 2023 08:42:08 GMT
server: CDN77-Turbo
etag: "652e48e0-a7cd3"
x-77-nzt-ray: f6587a1d1d080e7d8bc456657fed3925
content-type: video/mp4
access-control-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 01:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 01:40:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 01:40:27 GMT

GET
H2 200 xXfOLWYSpxz3MO4uTddrODaZ2QMXbdq-55hmhf2ObozURhmnJZpgAIH1UXh1YahxtBgTFCkCBeOQh1m5UOx0c5BoBNFW46Cer7yth483yRnkwy7PNATD=h60
lh3.googleusercontent.com/ 13 KB
13 KB 38ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xXfOLWYSpxz3MO4uTddrODaZ2QMXbdq-55hmhf2ObozURhmnJZpgAIH1UXh1YahxtBgTFCkCBeOQh1m5UOx0c5BoBNFW46Cer7yth483yRnkwy7PNATD=h60

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3617f896e8870399a7b2ea1efa597c4e44ea09dfdbc874e5f8433cdc1596d2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:09:53 GMT
x-content-type-options: nosniff
age: 9034
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12804
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Nov 2023 23:09:53 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 90C2 58 KB
14 KB 291ms
248ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22825748039%2C5791373%2Fstudio_admin%2Fdormknight_content_mcm_5_rastreamentocorreios_desktop_1697545418.815396&description_url=https%3A%2F%2Frastreamentocorreios.info%2F&ad_type=video&tfcd=0&npa=0&sz=640x480&gdfp_req=1&unviewed_position_start=1&env=vp&correlator=3881689901835395&ppid=488280f0-84ea-11ee-a4df-2da2ed40ec9c&output=xml_vast4&ad_rule=0&vpa=auto&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=2814039486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=EB459D3C-0799-4874-BC79-100B21FF16F8&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&url=https%3A%2F%2Frastreamentocorreios.info%2F&dt=1700185227541&cookie_enabled=1&scor=4281789350541537&ged=ve4_td3_tt1_pd3_la3000_er931.1300.1085.1600_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75d2d23b923b1f508e011d509fe84c62929298e64f7e4061170a4d7cf498c118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13399
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rastreamentocorreios.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 558659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:29:28 GMT

POST
H3 204 AGSKWxUl7yeMP-c2SpPdPSagPHTDxeKw5BAkxXCHNYmWS4fnIVkthwGMWYHeUuTZCtEfiBcyx8rhxFEMfC3ZxIZGqXjEB0cqHizwUB_5364bcD5Da-6EBVtF2H1Xfz6p1cuoGZnH-DYnag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
18ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUl7yeMP-c2SpPdPSagPHTDxeKw5BAkxXCHNYmWS4fnIVkthwGMWYHeUuTZCtEfiBcyx8rhxFEMfC3ZxIZGqXjEB0cqHizwUB_5364bcD5Da-6EBVtF2H1Xfz6p1cuoGZnH-DYnag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QcIIsoJIW6urssA9BW6BjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rastreamentocorreios.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-QcIIsoJIW6urssA9BW6BjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rastreamentocorreios.info
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 90C2 0
45 B 356ms
119ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp1ydxff&c=2046703589681&slotId=1023351794840.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 90C2 40 KB
19 KB 120ms
62ms XHR
text/xml 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BlL56p2ssivNdDSPccucoFkPz_SNnGr-YuSK-ayIZpAuhr3Lssq5tfYEd3VJd9d1Bap3_xFX2f-FTxJIhTxNAoDaFqbA&cry=1&dbm_d=AKAmf-ApyMnhieKserJSwoyQ7xBAjNPr_f5W2k8okzK3QIHcVXqbShG5MOATqStiJ5tL0GyDP-6WFWKM5IvJ0x-c0J6uBpZqECSg9CtboEHYwACEbrCVbG29Y6m7MlRP4XiXhxlhjHsVoqIdbxDvsfoIz9mGGvfe1QsFKf02dQ0KhSxTQR9Y_v5B7X9qNus7DhjANG4otXUtaw746669qg0eHe5KkuyFvYTDPdFmdxHizpD4PxfwEZ_t6GElCgMdUO2Acs9GXqGke-If5Fj-lHC1zstSVkp9Op4T-7wa4ZchRFmKmcF76W99MgOTqpLFuEgWzEtSi_j-4ld3V-W3xYL-0siP3zRi0CK-BBrZzHjJqN6Ix60A1zS5U0ZQbXSszPrOagLR-68B2mFJNELBEIZmuIiDFUn7iAKOBWtyiDnspUhNpkS-qERoegF1MKZmbU8bQc0t3DkhmIrCkP-VrgpYamCnOrFGpooerN0qZmrfrsSNnjG3NtQTV5DhWmgrCUXzkNPZ31ULzwYqekBLKwbdw7oMtAJzkLBaKbxf00YazJssZw0Fwq8K5DyotCwmY8fb5t0qwftCE81LKtZnRUuIFDyJP5pmHPHM_iFVPisZu2j2Fg4hVnkSfnB2ClF-hZr90WcZdFtkYXOdDchtF4bFpMmq8xwmyhCQUQhLVGhBNOXN1lj38vqRCJ3Mf_fNHj2Ss7v6owiCl8B7_9HLO-LgWSQQpEeIzbJn4B5KRsIvCYzBSIJ-k-FpuMT89N5fF0yTI48wrjdDoNetBzInUME454jjGX9j5M8gJEVWzcXbpX1OT2o8dtMg8xOgx65N43psPm4AaXfQ1oGpc_eve9dWt0QrsCFipYUNn923njyGJ5TKxUQB-zykVjO92lRp0LrIJ47NcKXfLzm7w1m6CrwMSJ79sKsrlDjBDa4AdsvWvIXqjzk5SaoOC5chDhsFMNBF_ZCLXyltKlNLONOH5rzBXXM732KfWiMI5nkCs-2Prv1HTeb12pDOfpTJCdXpmMQ6PpWX0uC56glc0hNoK3chA1U9EAuxVDeQFhcao8GFb72-3h3sMKJ3xYNJwp7oK715Da4EMW1Q7CPHKbNOds7OWPoDnLKzJ6xoG_ZB5d92RM0qhPEy5BQA3QyB26p1oy7KCCSbKxgqavpXAjbipd2SrXhuBjfz9t1amp0xe2dET_1UeZYxxNlWERle0QVpUMXgkR383Q3iY5L5VdAtWCC_RcFM2UOmQ2HWTPCP8lpRRUaAJFmw1If-EUaEny1i4hap2PlwA3BZE5p-YtY0CWh7OJOHJFO1v76MGojbOKS-dgdrnNPARbbh-EL0AFCKg0ilVCYR4SzgTa0r4WJqk1hjdNk7O1A22CpHioYrVgbCXA1iXISxxcu_PoB41KuHd0gmgGdgjOQFkVOLOYEqNoV5na8PS1Fg2gjWTo83BcAK_PZnHhYBfRHjyu9epzw7jj-WJ4a74t2LrINKCnXRjHwon_f1shfgxHDID3R8_Y4TDeo7zcAIGfRYEINRapq3UvrFAjUdkmvn5ouR9MZKDLR3jWDzxTXFBRbqjXCrUPOnNpGeCvV16daC0O-Zcs0O3sXYEmx0_zjI55QHzQmlJVTlsPi7IC9t_is45COhaHy44qCD2mRgI8kolfuinuC8QSMMHY9CWOW9IlzvoW32En3T_dmk8jzBWaKbLuF8Xwelq4K-a4ktatB3NrzuMbbUF__AewgbC1PKMrRcI7UogsI1YIGs0PvIeW6nOlcfsC2JX7MxJ0P0OI_TdUH_DruFYM4ZM1YjSlaFDm803_7O1RdKcBkMzhLeFyk3fovFA7g7-iXX8Rs1tncKe6oGthZfBKsRLEdj6EzR4SmUxwgpXaSQoLbuy-MMvawtam39qQulztvXOL1McvbR7lIdhOhseKWQlejhxcDEB9QzqSfMIK5K_0LO0Bd6zzZfXzuUj6aSKiqVrI7MDsTkarykN_K6L0VWo22Qg0Nrsvd8kEn7gVOk1_e4qy2CwcQX1yxZ0nWCzI9ShtVtzOAy1I_uMbBGQaxHMjTKy0uHslHFjPf59SoJAforWlGW_R9kgHiK2kMDXyRtpxJZbKJxr1aWoxuS3sFMD3nKFgiKGtAvLcl0ftAnrVS-r1CZ3Bt6VpKqeaVS96XgNPqZ886oCjJGHUux0CkeEzH1wP23ApyqHAPJinGtuI8QEYCWpx89DgEXcToDsrXrjqKjwU2D6cNhKWdx4ayqgSbgdy_u-LB4v4uiS7imDaUDX9J4IDktV0C_-sqmzl6PV7ijHgOBHNxPTSBzZx0nSOPHqjmKxYFelPmTrn3Zl1qmR3KTvgHsaL53Lut_6f4HJqpLWpNS-su326urOLRLfQF5ApJ52ZokJqVSjFhc4qe85tKoGzZeuXzWqBaTgAAsce3wmQV03rgrPFnfbBvk6tTSqmP_j-5SUFDhXcZWywEQ7bJX6YUM2c-rumj-1VtW-HfvPscOLwQvrXpTYdihpxAs-tBLHmgg3pR8tuAe5k6h8dX516gD1YT6lJnInpRlnjP1Yl_oUYHgIUgZpxuTFisLWkUJ3vlT8ZyNB8uwVAb0wghfipj5w4e-v1i4mtzlGeABkaO0HVqfk_SabB3h3dwjIqc2-eGD3CJk8SJJOTZ_M7nc4j_yHii9cP-lOtZzVagmM4vaITjMXGY6DvDSEOhK5pvUN9TnTBNX4oOMz3TG8mRwTUREfZmrwFD_HGtmD2AFtTcYGPuyInn5KxqwULTCyenhZi-3Ine7YQFtcZPiMO8Z-Ltz7c8syhW2tVNUty9psHclpBFjZ2lpemDILu0ZK9-TXU2MB8_PWGoTvle87fU1gu3pCwwtVlUGFg9MZCOl272BhV9ijCy1Eqokq0dpy0Ix5D_q4bLPYbhHi2KfkpY8UrUns1Ue7Hi4SKtfBG-vdg-I8--17nU_rXtBPkGFdt7fqS_30fCHAY23u0mhGjumd7oluBQ-vb76ZmQQzLRhjMdZJ8HnqQquEL110o-Xehi4oVSBRGnfEWMjPP__VyGOKvZjBwwXaWJlQS02ruP-KiSGeZf82umcF5yS4zR9gq4Z66wJ8Sb45EFt6QVTd5meM8OOEOlb5KcJr32S5jVt2DFeHRUWu7ZElbZaYGX0f4K-abAAgjNYFb6LeaKCZRQIzviTN1JcHcL-zyCY7UhSGcu-1gCIuL5Cek4DzUWjsRkdChxukHju2aBOlJjtmFR5LDSQmmVMld2kza4_x4YRVlrvEqz18p7iFpDkNU1lZxmKDGTgj2czTTLVRwsrxExqfk3TvOF_J8jZMqQRr3RFDQMD61iXFh_elth_zsYJVO9LQ9u5KPG6ic1mPdRSs-jzwEW1_JMx9kzDeo9i5j0k5k88i48BVHwlLrJAc_c6u2PycGpNfg5wxo2fWyMXnV6nAwrnzzwswAe8kHWF5SqXxWbC1vV3CBjmQHRebrSx04V3yQAyLAExTLAUk865fnbrp5hKsgvckL2GeFwfdJnf9gJAzHv2JkbCO-QmpvCr1pNdD_HBfbdiXhj5M7ohjbYM0p9rUQtK7wKPPaXaVdDWvt6lFOoj83kY7o3FSMDHYBqTRXyRX0fZgzDjvIT0OVYQq3axvQnLVABFWrP7M3kCGaxLZnB8WIxth75ZWfcuC47wu1WuwBtmEW6LT1jSM6UxleS_rT2qnb9nPC8qZ6nag0NGrZOV2q23rhWH3ndkFwHWEDTq-NmSnPo4KKpBAw8G5xLkkSwBhQjxCyTb4IceP__I9rXkaKFZIg57qWqpsA0rjdCxnW9N5CaA_ccG2zqsE0Bgyg7Xmoizrdk5gRvRNnxb8vpevswlFrXfyBJz1i4NkOfxXwI28tILJyOhExCLR6BOqGNwFzclmo1CY5UVnq-igawTnrF-JvUhaYWBy3GNIEcvyUpV59_x3sDtmUqTHcwRuOb_iK1IAgCfWDnJM-c9iQgkC3HylHzO1DnRg9VXysDhnq3JK3YNBPedNdz9pxVAHjpnMZYQ3EJg5fpnFtHEvJ8sFOSLLpySQpfnTrbC6GF340S1NYrPttObT6BbjJrTSKArnNy38q4PLw0c5J8&cid=CAQSYQDICaaNG2pVcM55xAeBe93vQGWQ3dUlCcS0k9NvrWf5ra3lCNFP8QvJhme2u_46deQbGF7Rh4nHsTO8c9JvfimbnClFmwLcswnEwyTuQ5wQePswJYRrgWGyNxK2OXZbGZgYAQ&vpa=auto&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&nel=0&psd=%5Bobject%20Object%5D&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=2814039486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=EB459D3C-0799-4874-BC79-100B21FF16F8&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&url=https%3A%2F%2Frastreamentocorreios.info%2F&dt=1700185227852&ged=ve4_td3_tt1_pd3_la3000_er931.1300.1085.1600_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

708d58bcf6091ee5516a65de958458b636e52bc9d22d9d7edae4cf558f2ccaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19088
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 90C2 0
45 B 219ms
119ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp1ydxs4&c=2046703589681&slotId=1023351794840.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
0 59ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1792351127&message=vl&sdkv=h.3.605.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 90C2 0
225 B 202ms
118ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp1ydxvy&c=2046703589681&slotId=1023351794840.5&qqid=CIWzrcTzyYIDFRIl4AodQQAEbg&gqid=i8RWZfeEJJLigAfavpHYBg&fb=ima_html5-lima&sdkv=h.3.605.0&mrd=4&aab=1&itv=1&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
0 48ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1792351127&message=omo&sdkv=h.3.605.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1792351127&message=oms&sdkv=h.3.605.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 90C2 453 B
478 B 8ms
7ms Image
image/png 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-6726631800845520

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:07:55 GMT
x-content-type-options: nosniff
age: 1953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:57:55 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 90C2 42 B
443 B 41ms
17ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7kwGi8RWZcXBJZLKgAfBgJDwBvC00450q-3x6vsR3YqI7-sBEAEgiq3FlgFgleKQgqAHoAHGoO-6KsgBBagDAcgDE5gEAKoEjgJP0FoHHk3gUxPBsXaK6UWe2SH3_NNfQd3O6bodD-2cmZoEp3VgAGuubEG6CambnNy3YFCY8TayEKzPxm6y2ngj3yDUEYAXgKEhRz4rDNQK5q6ulw2m4t6FZ9rpTANbvWtq1PRem0voKMVxEl8TvZCXPBDW6aRgisy_D8fBqL4DrxVezFm5GDNz7oNsiGDV9jq0lWp9e8FAmEDA4CKwL8n9b0yHg9Di8YRGzq5GFASoM22GpL6Vi-4FQDWojUxPTDrc-pbFSaq31evWAATHGGztgUv9aCPhAHoYQXtl-YZbLyAy1S_QJaIyfGKBcvfuiFPjyDB-jN3Og190akfxu_8F6zh3CYPigYsZ6FJtE0nABOCh3pXYBOAEA4gF25vqqU2QBgGgBnaAB8bYv5oFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjByazE88mCAxUSJeAKHUEABG6wE8W-vBXIE4X07-MD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&sigh=QKUojX7u4gU&label=show_ad&sdkv=h.3.605.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Nzk0NzM1ODAwMzJAqQIKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzEwNzk5NTQyCTIwNDIwNjM2MEB_UjMI2gsQDyUAAKBBKAE6CzUzMDUxNDEwMS0xQgRHREJNUABaEGhNMUF6SmJ0WHVESjFHSzUYAQ..

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame 90C2 0
0 46ms
45ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CUklDi8RWZcXBJZLKgAfBgJDwBvC00450q-3x6vsR3YqI7-sBEAEgiq3FlgFgleKQgqAHoAHGoO-6KsgBBagDAZgEAKoEiwJP0FoHHk3gUxPBsXaK6UWe2SH3_NNfQd3O6bodD-2cmZoEp3VgAGuubEG6CambnNy3YFCY8TayEKzPxm6y2ngj3yDUEYAXgKEhRz4rDNQK5q6ulw2m4t6FZ9rpTANbvWtq1PRem0voKMVxEl8TvZCXPBDW6aRgisy_D8fBqL4DrxVezFm5GDNz7oNsiGDV9jq0lWp9e8FAmEDA4CKwL8n9b0yHg9Di8YRGzq5GFASoM22GpL6Vi-4FQDWojUxPTDrc-pbFSaq31evWWAVlBGTXF3lv8qsyOufLRtfH7ir5MJTWypscK4Y4wGioalp_dExXDoJQosVrDeVjxsdDldMdc4W8Mx7EPP3XFznABOCh3pXYBOAEA4gF25vqqU2SBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB8bYv5oFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyByQQ976IAxi1gfz8ASoXEgpzYjp0bHlpNnY5gAEBiAGr7fHq-xHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCMHJrMTzyYIDFRIl4AodQQAEbrATxb68FcgThfTv4wPQEwDYEwqIFAfYFAHQFQGAFwGyFx8KHQgAEhRwdWItNzM3MzM4MDAxMjI1NjYyORillIsB6BcF&sigh=fVwp26MoP4E&cmd=Ch1jYS12aWRlby1wdWItNjcyNjYzMTgwMDg0NTUyMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSYQDICaaNG2pVcM55xAeBe93vQGWQ3dUlCcS0k9NvrWf5ra3lCNFP8QvJhme2u_46deQbGF7Rh4nHsTO8c9JvfimbnClFmwLcswnEwyTuQ5wQePswJYRrgWGyNxK2OXZbGZgYAQ&vt=10&sdkv=h.3.605.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Nzk0NzM1ODAwMzJAqQIKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NzEwNzk5NTQyCTIwNDIwNjM2MEB_UjMI2gsQDyUAAKBBKAE6CzUzMDUxNDEwMS0xQgRHREJNUABaEGhNMUF6SmJ0WHVESjFHSzUYAQ..
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
57 B 276ms
276ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?pp=300%2C168.75%2C1300%2C931.25&bp=1600%2C1200&wp=1600%2C3256%2C0%2C0&sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=33581566&payload=ea%3Dvideo.begin%26vk%3Dgs-453040-rastreamentocorreios.info%257CCDN-sub0%26vt%3Dcollection%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:28 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 166ms
119ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lp1ydx4l&c=2046703589681&slotId=1023351794840.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/022716e3e81e33aa/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731721227/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/022716e3e81e33aa/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731721227/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/022716e3e81e33aa/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731721227/sparams/acao,ctier,expire,id,ip,ipbits,itag...

2 MB
0

105ms
37ms

Media
video/mp4

2a00:1450:4001:5e::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/022716e3e81e33aa/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731721227/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/380F98738D94EB378191FBFCABCBE0FCECBDE117.7FF0E293C8D8094019A01A49802C57202A996D03/key/cms1/cms_redirect/yes/mh/L1/mip/2001:ac8:20:3a00:1011:13eb:7e3d:5c19/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1700184753/mv/m/mvi/3/pl/50/file/file.mp4

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

HTTP/1.1

Server

2a00:1450:4001:5e::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 01:40:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Nov 2023 12:36:45 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-4414844/4414845
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4414845
Expires: Fri, 17 Nov 2023 01:40:28 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/022716e3e81e33aa/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731721227/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/380F98738D94EB378191FBFCABCBE0FCECBDE117.7FF0E293C8D8094019A01A49802C57202A996D03/key/cms1/cms_redirect/yes/mh/L1/mip/2001:ac8:20:3a00:1011:13eb:7e3d:5c19/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1700184753/mv/m/mvi/3/pl/50/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1792351127&message=ss&sdkv=h.3.605.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1792351127&message=oml&sdkv=h.3.605.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 90C2 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7kwGi8RWZcXBJZLKgAfBgJDwBvC00450q-3x6vsR3YqI7-sBEAEgiq3FlgFgleKQgqAHoAHGoO-6KsgBBagDAcgDE5gEAKoEjgJP0FoHHk3gUxPBsXaK6UWe2SH3_NNfQd3O6bodD-2cmZoEp3VgAGuubEG6CambnNy3YFCY8TayEKzPxm6y2ngj3yDUEYAXgKEhRz4rDNQK5q6ulw2m4t6FZ9rpTANbvWtq1PRem0voKMVxEl8TvZCXPBDW6aRgisy_D8fBqL4DrxVezFm5GDNz7oNsiGDV9jq0lWp9e8FAmEDA4CKwL8n9b0yHg9Di8YRGzq5GFASoM22GpL6Vi-4FQDWojUxPTDrc-pbFSaq31evWAATHGGztgUv9aCPhAHoYQXtl-YZbLyAy1S_QJaIyfGKBcvfuiFPjyDB-jN3Og190akfxu_8F6zh3CYPigYsZ6FJtE0nABOCh3pXYBOAEA4gF25vqqU2QBgGgBnaAB8bYv5oFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjByazE88mCAxUSJeAKHUEABG6wE8W-vBXIE4X07-MD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&sigh=QKUojX7u4gU&label=video_ad_loaded&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Nzk0NzM1ODAwMzJAqQJaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KigEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcxMDc5OTU0MgkyMDQyMDYzNjBAf1IzCNoLEA8lAACgQSgBOgs1MzA1MTQxMDEtMUIER0RCTVAAWhBoTTFBekpidFh1REoxR0s1Whtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1792351127&message=i&sdkv=h.3.605.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 90C2 41 KB
16 KB 284ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 15:06:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1792351127&message=ps&sdkv=h.3.605.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90C2 0
234 B 46ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 90C2 0
557 B 106ms
55ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0WGwjO6Pl2LmA5qnB-87a6mjGP6bABUxvwYCAj-3BzBz6uQ1-P96foDjkv4vr38tbaxN3HZsR4g1Y7fphhuZ-AJ0VOBiqq0_UCD96Rqxxu4BXilyqmrP0JpK94XXPl94ztg19ixutVYlgzpw_tYXGTLr1U971yS0Qy7mvZKajRQoGebO30c2he8Z3NwGBIHy_U5uJbUb1ufwACza2xYh5sJ-f28WmVmHcT8RdJ9yBguxKLcvj5NJGIPmZTBlzjyJ9VDx0nA0w4QqvUYqiw4Q3J30PrusKPZCkUqOLG4iousR4_weXjVn4lg5czxamXRKuZ64cBH8ONuxzkV69DaOdukEF35Kom_ZIRDrs5GnKKexC-qp_3WfHf0LwijhoZRjuaCUIvLZy9By71ttHr4cmwPKgnq8FrCjsf3iwn9ypy5VEwpAAI6aufDSdkUYQeQ-q28gXXe_pW-yrFhzNl-JiA5vEw1ZG1qIEWSmJOjkkcCyrfURG8Dll6V204VYUQktYzMF49bpxufhDVt_H78cbdTjWbdN9BmrrYO2BTHq2cR2xgB0l8lDdK4ho2GBHl28zRIyLsd8Qy1VUbIdouCndzuyCkg4_dOIAJhyQfyLcaOY_5GEXbeTTTaNlXjbp4aGeaJCVOhGgEl9odkmdZWC6S7TFZhCgM61kAKNLEkTXlONDLn4jrzdSSHaisNB9-gPnMmXcgAtbAy2FYviBiu771Ug5jD_Vda5ZJhJcZiMlpBQaPEUw8LEXKgWMyqTJpeYtuc8V93xvG201qWmJYpPONsk-hINQjxUgsBKRsJPH_7cfzZd48fYgDdWyF1UjLb8Kefto-h3Ey36QED4_D8OB5UXJrwDstfmBS-wrvJN7JG6ZANXVwH4Tyu6iz9SJ6ZpACsp9BzeHXQQZlcGJHJQsv0ygABQiNtoiZzAACiM1wlx0NWFeXH-X9GXm_Edb67HZlbYLAGYL6HKvSlmIIytBCP9X2eAu9xO_kYYby2Bk93Co6wl7pw7ywtpylbqU1OBMhZuIQv4hJJAcKbzHem53A7fZfELvjk3AbQ62Jhwo4o2SX_9ZFmcwLtJBe9MVS29H17EjebvrjDJW-09JtP_2S4WUHZUZcCQQYqAXsZrr4jQsB5Ivv--hHvTpqz1gV2KKKz0nLMMjCDjRfdS5fhqC-ODpn_QCe4TQQL8CP6ZER_f038EzAM7DN72VDQlo3tAojerZYOVXzXC0SXcACB3St_dP60_iBG8-0ZqjGUpd03r-d3jfHGzQmzX8uKZaXIBbd-aKFXsDoPWLn-0ATSs61o_HLQmSf40j6RyyEoAHLtkCv3qt4wFAOg8sSgTaGcFb5EhxTBRU15ro5CFjuQinvi13APU_RzvQXuuaArmX6fEOWy5suQ&sai=AMfl-YQR9LV1YcQLOyhEa5lJ1HPudrGd6kzEZ-McfRb3bQn7h6r6e8W7n50tqhahedu6PzwQa--jA4JnGBP2MMMAILjTbNJosDrIYq7ZRCKezyqc1kiYUOTEpueNSa7_H8vQtD9rs5ExyGtsbRDDIr4fzHriLBIGTsY0D-RDDP9PX8HZqKx2_MYM_4oVSFGkaqZolfl2uuVsXTpTdAkHo81GEpyFCMQH-TDZFdPPdDqxkn59HobyJU6mgq7q8m_vuF8i2b5hTbgEnmCjKY_H0dg4EaG-NgQ2zyGd2FbF3FseWjrHYSiBvvcm7By7n6H5c_L-a845GrjRsjoOPchKZu4VSIBlv93LRDeHStO0J0I&sig=Cg0ArKJSzBbMjlHs-FjKEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.605.0&adurl=

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 90C2 0
0 35ms
32ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPv9zqgFEOak-s0FGLWB_PwBIAEwAQ&v=APEucNWabhv2hRXT1VuHzLWLKsVL_RSMNQmXyq4fYamY_Mz_g4Opcavx14ucBLuvl4tiqedeUyWE68CBW5FOXG8XNPBVbORhZw
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 90C2 42 B
108 B 33ms
30ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7kwGi8RWZcXBJZLKgAfBgJDwBvC00450q-3x6vsR3YqI7-sBEAEgiq3FlgFgleKQgqAHoAHGoO-6KsgBBagDAcgDE5gEAKoEjgJP0FoHHk3gUxPBsXaK6UWe2SH3_NNfQd3O6bodD-2cmZoEp3VgAGuubEG6CambnNy3YFCY8TayEKzPxm6y2ngj3yDUEYAXgKEhRz4rDNQK5q6ulw2m4t6FZ9rpTANbvWtq1PRem0voKMVxEl8TvZCXPBDW6aRgisy_D8fBqL4DrxVezFm5GDNz7oNsiGDV9jq0lWp9e8FAmEDA4CKwL8n9b0yHg9Di8YRGzq5GFASoM22GpL6Vi-4FQDWojUxPTDrc-pbFSaq31evWAATHGGztgUv9aCPhAHoYQXtl-YZbLyAy1S_QJaIyfGKBcvfuiFPjyDB-jN3Og190akfxu_8F6zh3CYPigYsZ6FJtE0nABOCh3pXYBOAEA4gF25vqqU2QBgGgBnaAB8bYv5oFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjByazE88mCAxUSJeAKHUEABG6wE8W-vBXIE4X07-MD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&sigh=QKUojX7u4gU&label=vast_creativeview&ad_mt=0&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Nzk0NzM1ODAwMzJAqQJaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcxMDc5OTU0MgkyMDQyMDYzNjBAf1I2CNoLEA8lAACgQSgBOgs1MzA1MTQxMDEtMUIER0RCTUjhAVAAWhBoTTFBekpidFh1REoxR0s1Whtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIwp7AxPPJggMVlFj2CB2RrguPEAAYACCY4q9hOhoI5qT6zQUQ4KHeldgEGIX07-MDIKvt8er7EUITCIWzrcTzyYIDFRIl4AodQQAEbg;dc_rmcid=CAQSYQDICaaNG2pVcM55xAeBe93vQGWQ3dUlCcS0k9NvrWf5ra3lCNFP8QvJhme2u_46deQbGF7...
ade.googlesyndication.com/ddm/activity/ Frame 90C2 42 B
401 B 96ms
45ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwp7AxPPJggMVlFj2CB2RrguPEAAYACCY4q9hOhoI5qT6zQUQ4KHeldgEGIX07-MDIKvt8er7EUITCIWzrcTzyYIDFRIl4AodQQAEbg;dc_rmcid=CAQSYQDICaaNG2pVcM55xAeBe93vQGWQ3dUlCcS0k9NvrWf5ra3lCNFP8QvJhme2u_46deQbGF7Rh4nHsTO8c9JvfimbnClFmwLcswnEwyTuQ5wQePswJYRrgWGyNxK2OXZbGZgYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;ecn1=1;etm1=0;eid1=11;

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 90C2 42 B
108 B 33ms
31ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7kwGi8RWZcXBJZLKgAfBgJDwBvC00450q-3x6vsR3YqI7-sBEAEgiq3FlgFgleKQgqAHoAHGoO-6KsgBBagDAcgDE5gEAKoEjgJP0FoHHk3gUxPBsXaK6UWe2SH3_NNfQd3O6bodD-2cmZoEp3VgAGuubEG6CambnNy3YFCY8TayEKzPxm6y2ngj3yDUEYAXgKEhRz4rDNQK5q6ulw2m4t6FZ9rpTANbvWtq1PRem0voKMVxEl8TvZCXPBDW6aRgisy_D8fBqL4DrxVezFm5GDNz7oNsiGDV9jq0lWp9e8FAmEDA4CKwL8n9b0yHg9Di8YRGzq5GFASoM22GpL6Vi-4FQDWojUxPTDrc-pbFSaq31evWAATHGGztgUv9aCPhAHoYQXtl-YZbLyAy1S_QJaIyfGKBcvfuiFPjyDB-jN3Og190akfxu_8F6zh3CYPigYsZ6FJtE0nABOCh3pXYBOAEA4gF25vqqU2QBgGgBnaAB8bYv5oFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjByazE88mCAxUSJeAKHUEABG6wE8W-vBXIE4X07-MD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&sigh=QKUojX7u4gU&label=part2viewed&ad_mt=0&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Nzk0NzM1ODAwMzJAqQJaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcxMDc5OTU0MgkyMDQyMDYzNjBAf1I2CNoLEA8lAACgQSgBOgs1MzA1MTQxMDEtMUIER0RCTUjhAVAAWhBoTTFBekpidFh1REoxR0s1Whtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIwp7AxPPJggMVlFj2CB2RrguPEAAYACCY4q9hOhoI5qT6zQUQ4KHeldgEGIX07-MDIKvt8er7EUITCIWzrcTzyYIDFRIl4AodQQAEbg;dc_rmcid=CAQSYQDICaaNG2pVcM55xAeBe93vQGWQ3dUlCcS0k9NvrWf5ra3lCNFP8QvJhme2u_46deQbGF7...
ade.googlesyndication.com/ddm/activity/ Frame 90C2 42 B
107 B 97ms
46ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 90C2 42 B
108 B 33ms
31ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C7kwGi8RWZcXBJZLKgAfBgJDwBvC00450q-3x6vsR3YqI7-sBEAEgiq3FlgFgleKQgqAHoAHGoO-6KsgBBagDAcgDE5gEAKoEjgJP0FoHHk3gUxPBsXaK6UWe2SH3_NNfQd3O6bodD-2cmZoEp3VgAGuubEG6CambnNy3YFCY8TayEKzPxm6y2ngj3yDUEYAXgKEhRz4rDNQK5q6ulw2m4t6FZ9rpTANbvWtq1PRem0voKMVxEl8TvZCXPBDW6aRgisy_D8fBqL4DrxVezFm5GDNz7oNsiGDV9jq0lWp9e8FAmEDA4CKwL8n9b0yHg9Di8YRGzq5GFASoM22GpL6Vi-4FQDWojUxPTDrc-pbFSaq31evWAATHGGztgUv9aCPhAHoYQXtl-YZbLyAy1S_QJaIyfGKBcvfuiFPjyDB-jN3Og190akfxu_8F6zh3CYPigYsZ6FJtE0nABOCh3pXYBOAEA4gF25vqqU2QBgGgBnaAB8bYv5oFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjByazE88mCAxUSJeAKHUEABG6wE8W-vBXIE4X07-MD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&sigh=QKUojX7u4gU&label=admute&ad_mt=0&sdkv=h.3.605.0&vci=CmAIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Nzk0NzM1ODAwMzJAqQJaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNTcxMDc5OTU0MgkyMDQyMDYzNjBAf1I2CNoLEA8lAACgQSgBOgs1MzA1MTQxMDEtMUIER0RCTUjhAVAAWhBoTTFBekpidFh1REoxR0s1Whtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..

Requested by

Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
57 B 277ms
276ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?pp=300%2C168.75%2C1300%2C931.25&bp=1600%2C1200&wp=1600%2C3256%2C0%2C0&sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=2866992004&payload=ea%3Dad.request%26aui%3D179038%26aup%3Ddormknight_content_mcm_5%26auo%3D0%26aut%3Dgoogle%26ofst%3D-1%7C%7Cea%3Dad.start%26aui%3D179038%26aup%3Ddormknight_content_mcm_5%26auo%3D0%26aut%3Dgoogle%26ofst%3D0
Requested by: Host: rastreamentocorreios.info
URL: https://rastreamentocorreios.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:28 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 90C2 0
54 B 119ms
118ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp1ydxw9&c=2046703589681&slotId=1023351794840.5&qqid=CIWzrcTzyYIDFRIl4AodQQAEbg&gqid=i8RWZfeEJJLigAfavpHYBg&fb=ima_html5-lima&sdkv=h.3.605.0&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=6000&br=1498&mt=video%2Fmp4&vs=1920x1080&ua_e=1&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=37&vsrc=web_video_ads&fas=1&met.4=ff.lp1ydy32
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 543C 23 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 337497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 03:55:31 GMT
expires: Tue, 12 Nov 2024 03:55:31 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 543C 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8841836379731193&plah=rastreamentocorreios.info&bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7e99d75c54aacb49d2f9715a60a65a3b56b41885c9098e57bf89a2c01015b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137285
x-xss-protection: 0
server: cafe
etag: 11166202024353991920
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:40:28 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 1E99 9 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rastreamentocorreios.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:19:37 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 17:19:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 543C 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.605.0&bgai=BO1o-i8RWZYKtOJSx2fcPkd2u-AgAAAAAOAHgBAI&bg=!Y2ClYC_NAAZxrfrxUa07ADQBe5WfOK0jfGVqlnf5HTL5slcXddx4W4DgjSd96_wk_xsB6mBzifGD2ebRgtCjd3oEVNzXAgAAAJdSAAAABWgBBwoAJJfwI0JN3L9Cd7Iyr4xwN9vVgFGUi5r2yGuathEKtQqudXoWUZkC2yA7n3N5Jz45mPj2XYkqi6VKDJlHd-b0bEDJwu0Qvn1mc6ppZMV_5E5XajOhDj2nX2ReoCeh3Szk712kpa-a3aDm6SmzRnQ06q6U6Nn5cnGifAHy1W33zpQA68t9iSMnwFYbOUDYIpK65Nex8_mlk6skPy5_l7wmOPLklVdqm1k43ILPR2QhMYnmj1I9D0mmvGEWM2GK8-9yb_S3a9Q_Ycwxc1bm85iKwtrwLrAUpnwwMeuYzATlvt4K_DMidS93QBtHw7AXKXl6mO_F9zpK-cZvtbFgyDuCJgl4bEZE6JseI2ONDzt3CjK12IBZgASJ_wUwZty5b-PVIjSMS3AIbjW859h9TPG92vUlmfaCUgXyTH6mkgedrfENMhSkfyRSGNWUSnk5pP8WbaoiDPRGP_BnCQp1K6KZ9_871iUKopEiFcESlJFxcM7I_8CUHf_c_0Q2pPBex8lqHJtJG9HhT1MAvaUQkgAto2LxWMuR14eXlyFhwC2FNbjrH5WyWpjXPS-gQPMoQqovJGtrtMQ7GPDygoPNcGASXc9rRYTMMKQ4lqJsXbO6MCrYXMLwFsCSp3OETAA0OE35Bw9oa2lB6K09Y5b2Ze3vkctw9Gwl78mTxS12sCthyyXQJ34bKh4kTEliBGjnfeadCmrPpOUDZW6EIDc_K5tZB2Apb1yUSYixo7Ih9okrBEeJLDKUHmXM4Ja3vB62rYuj7V7Karlo1GYd3tEmSLaFEx8XOdodaoRI_viGI2NsT8utAIbsaNC9sTzYKV4_qz978Bx4fSNQS4pCgR39kGwVthdLovARVegbfKNyBj31i8_143g8h1eRW8lnMYHHN6sCZjf17Pk6sJzcg_eKra3zkOZ6RC3ZxqVqWIcffrOaBXjKfj_YZ8VXUgRtcIsrD8mm7fqhAgTyisykdoHPbSph2EfI7LRI1o6q_izb_zTTMu7-OnreyKZLaSxxrCKqbTuSMQT1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
rastreamentocorreios.info/cdn-cgi/ 0
147 B 15ms
15ms XHR
text/plain 2606:4700:20::681a:2c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rastreamentocorreios.info/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2c6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rastreamentocorreios.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 17 Nov 2023 01:40:28 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://rastreamentocorreios.info
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8274440fc9870404-FRA

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 118ms
118ms Ping
image/gif 2607:f8b0:4003:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lp1ydxxe&c=2046703589681&slotId=1023351794840.5&met.4=hvd_lc.lp1ydxxe~hvd_src.lp1ydxxe&ps=300x169
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4003:c05::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 01:40:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel.gif
pixel.gliacloud.com/glia_player_media2/ 43 B
57 B 268ms
267ms Image
image/gif 35.227.207.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.gliacloud.com/glia_player_media2/pixel.gif?pp=300%2C168.75%2C1300%2C931.25&bp=1600%2C1200&wp=1600%2C3256%2C0%2C0&sid=glia-rastreamentocorreios_desktop&sk=rastreamentocorreios_desktop&si=rastreamentocorreios_desktop&sa=monetizem_rastreamentocorreios&pt=SimplePlayer&ab=0&ta=0&pgu=rastreamentocorreios.info&pv=0.3.215&ul=en-US&cb=217424622&payload=ea%3Dad.viewable%26aui%3D179038%26aup%3Ddormknight_content_mcm_5%26auo%3D0%26aut%3Dgoogle%26ofst%3D0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.207.122 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.207.227.35.bc.googleusercontent.com
Software: nginx/1.23.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rastreamentocorreios.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:40:30 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.23.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rastreamentocorreios.info/	1970-01-21 01:52:25	Name: _ga Value: GA1.2.432745707.1700185227
.rastreamentocorreios.info/	1970-01-20 16:17:51	Name: _gid Value: GA1.2.1142911173.1700185227
.rastreamentocorreios.info/	1970-01-20 16:16:25	Name: _gat Value: 1
.rastreamentocorreios.info/	1970-01-21 01:52:25	Name: _ga_MSKQB1KNZ9 Value: GS1.2.1700185226.1.0.1700185226.60.0.0
.rastreamentocorreios.info/	1970-01-21 01:02:01	Name: cf_clearance Value: JewUaizTzTsUDDwyBoaCQsmbiC2iqUTQmtnDsoN7JDY-1700185226-0-1-3a83c0a2.23ec8e0f.f3786710-0.2.1700185226
rastreamentocorreios.info/	1970-01-21 01:02:01	Name: jiyakeji_uuid Value: 488280f0-84ea-11ee-a4df-2da2ed40ec9c
rastreamentocorreios.info/	1970-01-20 16:59:37	Name: clever-last-tracker-57495 Value: 0
.doubleclick.net/	1970-01-21 01:38:01	Name: IDE Value: AHWqTUlt-sEA4Ya8gOMc7aT3VPdUPYaYxMGQPdhWhE85pkibMjAFie_BmO7tEhKyvjo
.doubleclick.net/	1970-01-20 20:35:37	Name: APC Value: AfxxVi7hYOty4peXC0sBH33XZ-D4h0-5E5oeoWgiFeRe7uVnZWR27Q
.rastreamentocorreios.info/	1970-01-21 01:38:01	Name: __gads Value: ID=b9ecae14324e8277:T=1700185227:RT=1700185227:S=ALNI_MaRr5nwYhq8s2wl0HAvvEjR8ofBAg
.rastreamentocorreios.info/	1970-01-21 01:38:01	Name: __gpi Value: UID=00000cca2dfd515f:T=1700185227:RT=1700185227:S=ALNI_MYOdxBFuJVEsoU5avtfNnbdIrK26A
.onesignal.com/	1970-01-20 16:16:27	Name: __cf_bm Value: mZ41qx7LCU05fbqCo_NOgEZkXylB1M0Kow1ofuFCAwE-1700185228-0-AU7nZS0B2l6+Rct/lO/1b3wp/Ud4+92QIn3sWcpZX4geAb6qRncpmAIjLtyQVvLklQ2+OyDsqscwBZPpHxuGMyw=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.ipify.org
bid.g.doubleclick.net
call.cleverwebserver.com
cdn-gliacloud.urekamedia.co
cdn.jsdelivr.net
cdn.onesignal.com
cdn.plyr.io
cdnjs.cloudflare.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
lh3.googleusercontent.com
onesignal.com
pagead2.googlesyndication.com
pixel.gliacloud.com
player.gliacloud.com
pubads.g.doubleclick.net
r3---sn-4g5e6nss.c.2mdn.net
rastreamentocorreios.info
region1.analytics.google.com
s0.2mdn.net
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tpc.googlesyndication.com
ui.cleverwebserver.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
sync.search.spotxchange.com
104.237.62.212
142.250.185.162
142.250.185.98
2001:4860:4802:34::36
2606:4700:20::681a:2c6
2606:4700:21::681b:c358
2606:4700:4400::ac40:919c
2606:4700::6810:3965
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:d63b
2606:4700:e0::ac40:6114
2607:f8b0:4003:c05::78
2a00:1450:4001:5e::8
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:6ea0:c700::17
35.227.207.122
74.125.133.157
03c434d06b7a4556c8312160c04903c0cbb692578b264d076914143bf86a84a8
07a33e0aba6936efbb4538cfdf2136101ab8d124b6e2aff40d124864cae19cd1
0b2ba241edbe2ca4f4500641aff87e4ef2ceb189a7b44a9f0f8bd0e6ec74c62c
0c3a5a61c3c1588b818cbbfab25cef49737c677e13d287bebbfa0b5e45b5a24b
0f2d79f369d3c083f2a4be911dc46e9a62188502d54c175533aba4909472ce3d
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1adcc078122ab1d4e0ce8cd5c9775c9097c89e01abf2efbb59b37b8477f9c90d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3270cda92bdaec9b380b658f675745f0542be3dfb6d5fcf2fc91fca6c866afa6
3617f896e8870399a7b2ea1efa597c4e44ea09dfdbc874e5f8433cdc1596d2c5
3f0ef73c5ce34218004854d57a15591e0493e073f3f82bcd8cc9c0866dd16344
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
46582e87c27668d65b6c7be67fdea099e1193d59bb1c93ef974a69d37454478f
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4861a025083135cad33d50a56c3fb5a529891e970e72c93373927b88e055e49d
49b5f4ea1a857b7b1e211f2ae6cc2913a67201c1566d344536339ff66b249a7d
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
53b0dca3266e9c8e15ca104b4983a39326fb5c523a132bbdedb461bada0dc5a6
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58c51e8e49c0803060cd50f212c3f70bc85ca2e137f9d79c8844635d71b1fa55
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6928acfea351e62723cd2af8ecb4f838f7826708e95b1b6a5ce613d2913df268
6a1b5ebc71a5b5863fe3bafd44c97e512610a2c657c61b16f6a1dc75f1773908
6ca00cd8c6f9dca561bfa6b92f3725082b57b8ea93ca219475129a6add6f8666
6d41e81bbb2b67d9076bc23a1ca17df400454c5d01924433781db20a8a3629cb
6e53c9c5a1ac42201000b3bfef4ac01450a7ba9424ab6dc9a9bc2d6bdf4d7147
6f4600ee4c063054d9de15df88ea8c358ea87454e728acede864ef9e03011d67
708d58bcf6091ee5516a65de958458b636e52bc9d22d9d7edae4cf558f2ccaca
75d2d23b923b1f508e011d509fe84c62929298e64f7e4061170a4d7cf498c118
7c8c146cad19776685827391437241df8f14ca4e56688481dc198f42036c8a19
7eb35dff5f277a5d092fa1bd166ca72b9767f016729ef8a9d39d8e5bd732e6ac
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8adf4849a55eeebbe106badef7ab628ff8abe12fcd4128312948a0ada443ccff
8ff0ef0170d8abacade04936c68cd5dc2cc19b6ae671839085ea49802af1717b
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ded5ceb981ba9cfe102f1f633fc96eaa68a42ae86ba76a90e5a7d7e7fcecdbd
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a3d84fb75a93f10da4286fa46fdd75ebc6274a8adf0749834026e8294d866c44
a7e99d75c54aacb49d2f9715a60a65a3b56b41885c9098e57bf89a2c01015b2d
a9e332dbec9116d0c7f90063eb478e80028c1ebb357af194b9b6a9f1d480b139
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa541b87fac45c9011c61279b08c38adcfd7250d7a6ef5bf2e33dbf4c3737e37
acbc070caf449d82dce9a6fa43a352806d9988f248bcefba8b875cd4ca79f114
b9605da04203a4e619f9440f276586fbffd578cf106debe2d2278ec13efdbec4
ba90288b4328e4f27503fac163d9bc43db970cb64d9fbd3bbc7cd1878411c443
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb30fac818388c7d7ae9bfd9d49362495d23c304d29350a6b982cc5c8e86fac1
bb3e6805c49a69e254692f39973f90dafe0e09cdc7684770962a8688c97f8879
bd064f3a3d6415f324a5d0d8ef2d63e2e01e7bc42b6b34ae6b9e5dd174fda460
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab
cd2f57bd8668c0222e299540b077e8d4f4ada840976122e421bbccd57af420c1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdbc59f5343ccf8ad807b4c6d417d15e7fe472dffb2816350394b2e11dc714d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d3e13fe0074ccb6252008e990416cb101076182a43e9d82819808119051ae6
d2eaf4ea8d8081d0d507e79284aa1c698d2c5864dadef7642310969a174081f2
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de144e4d815368a5756c81d72fcbd7c9ddd12a725bd49df19164ca50cef0675d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fc544819d28d5b34a7a7c863199575aae540febded5b6f8a70412c885a247ef6
fef60ed48e380decf7ef53214e7f1c05164c4743d268fd1d1c3dcd2b785af099
ff14012dfce26518e8112524d55cd2761c5aa3cc373244564c366db0efb7da39

rastreamentocorreios.info Open in urlscan Pro 2606:4700:20::681a:2c6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

98 %HTTPS

85 %IPv6

21 Domains

38 Subdomains

34 IPs

3 Countries

2735 kBTransfer

8935 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rastreamentocorreios.info Open in urlscan Pro
2606:4700:20::681a:2c6 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

85 %
IPv6

21
Domains

38
Subdomains

34
IPs

3
Countries

2735 kB
Transfer

8935 kB
Size

12
Cookies

123 HTTP transactions
0 data transactions