www.rastreamento-correios.sa.com Open in urlscan Pro
172.66.0.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rastreamento-correios.sa.com/
Submission: On December 03 via automatic, source certstream-suspicious (December 3rd 2024, 1:22:00 am UTC) — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 6 domains to perform 13 HTTP transactions. The main IP is 172.66.0.102, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rastreamento-correios.sa.com.
TLS certificate: Issued by WE1 on December 3rd 2024. Valid for: 3 months.

This is the only time www.rastreamento-correios.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.66.0.102 172.66.0.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3034::ac43:b2f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
2	142.251.179.94 142.251.179.94	15169 (GOOGLE) (GOOGLE)
2	172.67.178.249 172.67.178.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	9

3 172.66.0.102 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rastreamento-correios.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:b2f9 (United States)

ASN13335 (CLOUDFLARENET, US)

admlony.morecustomers.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.178.249 (United States)

ASN13335 (CLOUDFLARENET, US)

datacenter.morecustomers.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	morecustomers.click admlony.morecustomers.click datacenter.morecustomers.click	612 KB
3	sa.com www.rastreamento-correios.sa.com	25 KB
2	gstatic.com fonts.gstatic.com
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	135 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39
1	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	166 KB
13	6

	Domain	Requested by
3	www.rastreamento-correios.sa.com	www.rastreamento-correios.sa.com
2	datacenter.morecustomers.click
2	fonts.gstatic.com
2	admlony.morecustomers.click	cdn.jsdelivr.net
2	cdn.jsdelivr.net	www.rastreamento-correios.sa.com cdn.jsdelivr.net
1	www.googletagmanager.com	cdn.jsdelivr.net
1	js.stripe.com	cdn.jsdelivr.net
13	7

This site contains no links.

Subject Issuer	Validity	Valid
rastreamento-correios.sa.com WE1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
morecustomers.click WE1	`2024-12-02` - `2025-03-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.rastreamento-correios.sa.com/
Frame ID: 773CD629D5832835CD5B0C712BF875A5
Requests: 15 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=G-RQQQV6KVCB
Frame ID: E083326BCAC48DD58A4709841B58AEE3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fest Delivery

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

13
Requests

100 %
HTTPS

38 %
IPv6

6
Domains

7
Subdomains

9
IPs

1
Countries

938 kB
Transfer

1816 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
www.rastreamento-correios.sa.com/ 4 KB
2 KB 422ms
309ms Document
text/html 172.66.0.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rastreamento-correios.sa.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0ce0849057900490b5de4a61aa327ed9603a4e235f3d9dafa7e940196cbb405

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ebfbe1c7eed21f9-MIA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 01:21:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyG07r3Wrg7WK8Dju1cMOG%2Fak4EFSN0qn0FgRPQSKhrOIw77TltTC8xB5vDw4CLAVvgjmk6YDNnEl6cfPHA9R4OaV77o%2FBp1tc2pzaMq70%2F9UJPT5quQDtbwEzD%2Fdg6vAe%2FmZF%2FOaTD2n%2BjPDY3CfuSX%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 logo.png
www.rastreamento-correios.sa.com/ 21 KB
21 KB 201ms
201ms Image
image/png 172.66.0.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rastreamento-correios.sa.com/logo.png
Requested by: Host: www.rastreamento-correios.sa.com
URL: https://www.rastreamento-correios.sa.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92dc5295fd689f3203621d2df8c3eba487bc1cfa302e262743a7312cfc5f53bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.rastreamento-correios.sa.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "67376b94-52f9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2Lf7axPhdtefjETjRZC0DwkuSBJdUiHIjfeCs37BcvIEiuUk5B7QddvmJJcKonzcTdxFQW1Z3PF%2Fe3jU5H0%2B72aucxA%2FaplD2Ol18KRX2HlTu8sITxrPRYkXbKFje2gK0k3%2BCbLbMw75mI6vLEyUo7o9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ebfbe1e7eee21f9-MIA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 21241
date: Tue, 03 Dec 2024 01:21:55 GMT
content-type: image/png
last-modified: Fri, 15 Nov 2024 15:41:08 GMT
server: cloudflare

GET
H2 200 web.js Show response
cdn.jsdelivr.net/npm/@typebot.io/js@0.3.29/dist/ 467 KB
129 KB 192ms
34ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@typebot.io/js@0.3.29/dist/web.js

Requested by

Host: www.rastreamento-correios.sa.com
URL: https://www.rastreamento-correios.sa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a9bc1dc31013db66eb27e3705f73fb6cba6a6f6ef2414c422907257255806274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.rastreamento-correios.sa.com
Referer: https://www.rastreamento-correios.sa.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"74c01-uobEKAiS6eXymNOymdatSeQrbjU"
age: 1159253
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 01:21:55 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220144-FRA, cache-mia-kmia1760084-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 131521
x-jsd-version: 0.3.29

GET
H2 200 v3 Show response
js.stripe.com/ 690 KB
166 KB 196ms
33ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.3.29/dist/web.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

74fe0204038008fc63b7f5e2cdc404a8d1d4c6398efa9290486931d2941ad0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.rastreamento-correios.sa.com/

Response headers

x-request-id: 84183849-2cf7-4c5f-9834-c68bfd829376
content-encoding: br
etag: "ef9b31b63c137d83689e6da09b39a6f0"
age: 2
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 03 Dec 2024 01:21:55 GMT
last-modified: Tue, 26 Nov 2024 21:39:54 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-mia-kmia1760090-MIA
x-cache-hits: 2
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 169095
server: Fastly

POST
H2 200 startChat Show response
admlony.morecustomers.click/api/v1/typebots/aprova-dqhnbq4/ 7 KB
3 KB 206ms
204ms Fetch
application/json 2606:4700:3034::ac43:b2f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admlony.morecustomers.click/api/v1/typebots/aprova-dqhnbq4/startChat
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.3.29/dist/web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b2f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c0b5b9a6d9c9972fff7baf4100d2f4a4d1360d7a4d1c03dc59c096b515c552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.rastreamento-correios.sa.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hitXkI5qgeTnI6k2sBplG%2BQYL1HklAzfVPWAwN%2FhThTynWIo3dw4ISnqekUkl3S3Cb3lEZA7EHU596SWYd4c3c9jANtEdMmnV2F3c3X%2BAHVvopUPfqZV0mDOaZktfp6CkJ2Nx3YOWJxr4gesNkozxj23WcnH%2Fga6%2FFU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ebfbe22fc6f57ee-IAD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=55769&min_rtt=55190&rtt_var=7288&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4669&recv_bytes=2602&delivery_rate=69870&cwnd=35&unsent_bytes=0&cid=b2b6b42489bd9569&ts=337&x=0"
date: Tue, 03 Dec 2024 01:21:55 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

OPTIONS
H2 204 startChat
admlony.morecustomers.click/api/v1/typebots/aprova-dqhnbq4/ Frame 0
0 332ms
126ms Preflight 2606:4700:3034::ac43:b2f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admlony.morecustomers.click/api/v1/typebots/aprova-dqhnbq4/startChat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b2f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.rastreamento-correios.sa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ebfbe222b9257ee-IAD
content-length: 0
date: Tue, 03 Dec 2024 01:21:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCSwwHBQCaSlLWuGBK77Z1uOvz2kvk6QbMu0k4dSw%2BIfqJDxmAFO2XBQvK8JhAekW8Lldm7wpnr5o6JbWyB3Ca11O229WVFs9DRfEcXiFgqLacGgqdXWmSrPwy1Q7GveYwOCu4l1pxL9fY9IsbZyKynHIzTkbtZ2dC4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=55527&min_rtt=55190&rtt_var=9073&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3966&recv_bytes=2399&delivery_rate=69870&cwnd=34&unsent_bytes=0&cid=b2b6b42489bd9569&ts=135&x=0"
vary: Access-Control-Request-Headers

GET
H3 200 favicon_correios.png
www.rastreamento-correios.sa.com/img/ 1 KB
2 KB 123ms
123ms Other
image/png 172.66.0.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rastreamento-correios.sa.com/img/favicon_correios.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.0.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d4629caed463cabcc77706333cb9ed3ec9318bdec898c0187ce67cf3645994f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.rastreamento-correios.sa.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: "671e3394-56c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MaPQqquEEEuH3rZnHr9kjncUduKJDTLkZ6vVP88OHLyF7bx%2F3L5LT3xaq%2FYdNYMYyzmr%2FHlJJSf1pM8Z4wr2saXuz4DDAMKaVVXiyNbkwOcZ2gwFDqWfS%2FYgqAjkE%2BE9SJyPUT9o6rDyffpH7AWhI2nZZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ebfbe22beef21f9-MIA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1388
date: Tue, 03 Dec 2024 01:21:55 GMT
content-type: image/png
last-modified: Sun, 27 Oct 2024 12:35:32 GMT
server: cloudflare

GET
H3 200 disable-devtool@latest Show response
cdn.jsdelivr.net/npm/ 17 KB
6 KB 72ms
35ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/disable-devtool@latest

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.3.29/dist/web.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8a23f92a25922d13437d67f25ba2269b64080b5ec030f5cba982e0261abbfe04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.rastreamento-correios.sa.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"4372-cTTqYs22VcKkI7FmI2XJm6ZFwr0"
age: 8586
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 03 Dec 2024 01:21:55 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230055-FRA, cache-mia-kmia1760043-MIA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6161
x-jsd-version: 0.3.8

GET
H2 200 ns.html
www.googletagmanager.com/ Frame E083 0
0 178ms
65ms Document
text/html 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=G-RQQQV6KVCB

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.3.29/dist/web.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rastreamento-correios.sa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 01:21:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H3 404 46kF.ttf
fonts.gstatic.com/s/assistant/v8/ 0
0 588ms
528ms Font
text/html 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v8/46kF.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.rastreamento-correios.sa.com
Referer: https://www.rastreamento-correios.sa.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1584
date: Tue, 03 Dec 2024 01:21:56 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

GET
H3 200 hostAvatar
datacenter.morecustomers.click/typebot/public/workspaces/cm477fxw60001ftway4lj840b/typebots/cm47qtmck000lftwaldqhnbq4/ 24 KB
25 KB 247ms
104ms Image
image/png 172.67.178.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://datacenter.morecustomers.click/typebot/public/workspaces/cm477fxw60001ftway4lj840b/typebots/cm47qtmck000lftwaldqhnbq4/hostAvatar?v=1733188712498

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.249 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8d97ed7ba12722f26902a3c772478ecb12dcf9e6f5789180124143d935089b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.rastreamento-correios.sa.com/

Response headers

cf-cache-status: DYNAMIC
etag: "ac68ce2cbd94f3a5fe4c4caad68d2f7c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6yTCZsL4IJ0xTwqmwW%2BvER9Xqzdh5bSBRmVwfZ2yRKx%2Fo46Tcuhljr8tCLfZvEwOpf1ad7%2BbzkbgN5kwYRoOzPlEyqGmag0UHoBy%2FUIPdratEsgRDvCnpLFN3RWR7dZ9cU5eRXLnbBOhhp4shNnHCU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30301&min_rtt=30111&rtt_var=6509&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4500&delivery_rate=19328&cwnd=12000&unsent_bytes=0&cid=83e62b5f5a2177f7&ts=118&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 01:21:56 GMT
content-type: image/png
last-modified: Tue, 03 Dec 2024 01:18:32 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 180D8622E8E38BF3
x-ratelimit-remaining: 2125
accept-ranges: bytes
content-length: 24745
x-xss-protection: 1; mode=block
x-ratelimit-limit: 2125
cf-ray: 8ebfbe255d8274c8-MIA
server: cloudflare

GET
H3 404 46kF.ttf
fonts.gstatic.com/s/assistant/v8/ 0
0 981ms
981ms Font
text/html 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v8/46kF.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.rastreamento-correios.sa.com
Referer: https://www.rastreamento-correios.sa.com/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1584
date: Tue, 03 Dec 2024 01:21:57 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 206 jti9i60gi3jsca2ozlg2r694
datacenter.morecustomers.click/typebot/public/workspaces/cm477fxw60001ftway4lj840b/typebots/cm47qtmck000lftwaldqhnbq4/blocks/ 583 KB
584 KB 204ms
204ms Media
audio/mpeg 172.67.178.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://datacenter.morecustomers.click/typebot/public/workspaces/cm477fxw60001ftway4lj840b/typebots/cm47qtmck000lftwaldqhnbq4/blocks/jti9i60gi3jsca2ozlg2r694?v=1733188675670

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.249 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60447244f646ad82f4ee8401109db7311751bb1c1d6e2c40a546f6cdd565de98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rastreamento-correios.sa.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: DYNAMIC
etag: "e5e8af6597b58d40b0ae465b5772825f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cN6NKcBcqlcAqxRSwm3h153rNB3fMknLVZbdsk8muHKnR9JluIMYawEEeOJAQTZwXxQV52vda3bDla7HdULhcNrF3NbnbdXs4yikedLJpqULfcKfbcMfhdyPzgPoLrcauixzAC%2BSJ%2F8USMiEZT%2BJTNk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31156&min_rtt=29482&rtt_var=2550&sent=36&recv=23&lost=0&retrans=0&sent_bytes=30386&recv_bytes=5452&delivery_rate=184929&cwnd=22800&unsent_bytes=0&cid=83e62b5f5a2177f7&ts=2734&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 01:21:58 GMT
content-type: audio/mpeg
last-modified: Tue, 03 Dec 2024 01:17:55 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-597267/597268
x-amz-request-id: 180D862384BBFECC
x-ratelimit-remaining: 2125
accept-ranges: bytes
cf-ray: 8ebfbe350ded74c8-MIA
Content-Length: 597268
x-xss-protection: 1; mode=block
x-ratelimit-limit: 2125
server: cloudflare

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30e16711e97574b02dd52c8882c55536dd1e565e3888bb04883f6936e30dbc64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.rastreamento-correios.sa.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lglabgsvjbiv5r9mfo6vs1f2pd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.gstatic.com/s/assistant/v8/46kF.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fonts.gstatic.com/s/assistant/v8/46kF.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admlony.morecustomers.click
cdn.jsdelivr.net
datacenter.morecustomers.click
fonts.gstatic.com
js.stripe.com
www.googletagmanager.com
www.rastreamento-correios.sa.com
142.251.179.94
151.101.129.229
151.101.64.176
172.66.0.102
172.67.178.249
2606:4700:3034::ac43:b2f9
2607:f8b0:4004:c19::61
2a04:4e42::485
0d4629caed463cabcc77706333cb9ed3ec9318bdec898c0187ce67cf3645994f
11c0b5b9a6d9c9972fff7baf4100d2f4a4d1360d7a4d1c03dc59c096b515c552
30e16711e97574b02dd52c8882c55536dd1e565e3888bb04883f6936e30dbc64
60447244f646ad82f4ee8401109db7311751bb1c1d6e2c40a546f6cdd565de98
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
74fe0204038008fc63b7f5e2cdc404a8d1d4c6398efa9290486931d2941ad0fb
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
8a23f92a25922d13437d67f25ba2269b64080b5ec030f5cba982e0261abbfe04
92dc5295fd689f3203621d2df8c3eba487bc1cfa302e262743a7312cfc5f53bf
a8d97ed7ba12722f26902a3c772478ecb12dcf9e6f5789180124143d935089b9
a9bc1dc31013db66eb27e3705f73fb6cba6a6f6ef2414c422907257255806274
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
e0ce0849057900490b5de4a61aa327ed9603a4e235f3d9dafa7e940196cbb405

www.rastreamento-correios.sa.com Open in urlscan Pro 172.66.0.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

38 %IPv6

6 Domains

7 Subdomains

9 IPs

1 Countries

938 kBTransfer

1816 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

www.rastreamento-correios.sa.com Open in urlscan Pro
172.66.0.102 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

38 %
IPv6

6
Domains

7
Subdomains

9
IPs

1
Countries

938 kB
Transfer

1816 kB
Size

1
Cookies

13 HTTP transactions
4 data transactions