urlscan.io logo urlscan.io
SecurityTrails logo

fusca.retornar.com.br Open in urlscan Pro
54.230.228.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fusca.retornar.com.br/
Effective URL: https://fusca.retornar.com.br/
Submission: On June 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 24 domains to perform 137 HTTP transactions. The main IP is 54.230.228.83, located in United States and belongs to AMAZON-02, US. The main domain is fusca.retornar.com.br.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 30th 2023. Valid for: a year.
This is the only time fusca.retornar.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.230.228.83 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
52 18.66.192.118 16509 (AMAZON-02)
4 3.5.13.162 14618 (AMAZON-AES)
4 104.18.70.113 13335 (CLOUDFLAR...)
8 52.200.209.38 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 52.21.39.18 14618 (AMAZON-AES)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 146.75.120.157 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 151.101.65.44 54113 (FASTLY)
7 2.21.20.4 20940 (AKAMAI-ASN1)
1 93.184.221.165 15133 (EDGECAST)
1 104.244.42.3 13414 (TWITTER)
1 3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 216.58.206.35 15169 (GOOGLE)
1 35.237.183.236 15169 (GOOGLE)
1 151.101.129.44 54113 (FASTLY)
3 151.101.0.84 54113 (FASTLY)
1 23.53.11.239 20940 (AKAMAI-ASN1)
1 157.240.0.6 32934 (FACEBOOK)
10 2a03:2880:f17... 32934 (FACEBOOK)
3 104.16.51.111 13335 (CLOUDFLAR...)
1 151.101.128.84 54113 (FASTLY)
4 141.226.228.48 200478 (TABOOLA-AS)
137 30
1    54.230.228.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-83.muc50.r.cloudfront.net
fusca.retornar.com.br
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
52    18.66.192.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-118.muc50.r.cloudfront.net
cdn.retornar.com.br
4    3.5.13.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com
s3.amazonaws.com
4    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
8    52.200.209.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-209-38.compute-1.amazonaws.com
178041.tracking.hyros.com
178041.t.hyros.com
4    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    52.21.39.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-39-18.compute-1.amazonaws.com
api.retornar.com.br
2    2a02:26f0:3500:88d::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
7    2.21.20.4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-4.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net
www.google.de
1    35.237.183.236 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 236.183.237.35.bc.googleusercontent.com
api.reclameaqui.com.br
1    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
3    151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
1    23.53.11.239 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-11-239.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
10    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
retornar.zendesk.com
1    151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
61 retornar.com.br
fusca.retornar.com.br
cdn.retornar.com.br
api.retornar.com.br
5 MB
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
8 KB
8 hyros.com
178041.tracking.hyros.com
178041.t.hyros.com
96 KB
7 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
146 KB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 844
psb.taboola.com — Cisco Umbrella Rank: 6802
trc.taboola.com — Cisco Umbrella Rank: 711
trc-events.taboola.com — Cisco Umbrella Rank: 2315
24 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 913
5 KB
4 gstatic.com
fonts.gstatic.com
141 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
426 KB
4 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2404
ekr.zdassets.com — Cisco Umbrella Rank: 2905
153 KB
4 amazonaws.com
s3.amazonaws.com
16 KB
3 zendesk.com
retornar.zendesk.com
1 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
14 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
75 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8088
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
303 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
420 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1130
22 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
3 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 6624
822 B
1 reclameaqui.com.br
api.reclameaqui.com.br — Cisco Umbrella Rank: 136886
343 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 986
725 B
1 t.co
t.co — Cisco Umbrella Rank: 726
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 905
15 KB
137 24
Domain Requested by
52 cdn.retornar.com.br fusca.retornar.com.br
cdn.retornar.com.br
10 www.facebook.com fusca.retornar.com.br
8 api.retornar.com.br cdn.retornar.com.br
analytics.tiktok.com
7 analytics.tiktok.com fusca.retornar.com.br
analytics.tiktok.com
178041.tracking.hyros.com
7 178041.t.hyros.com fusca.retornar.com.br
analytics.tiktok.com
4 trc-events.taboola.com analytics.tiktok.com
4 ct.pinterest.com s.pinimg.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagmanager.com fusca.retornar.com.br
www.googletagmanager.com
4 s3.amazonaws.com fusca.retornar.com.br
s3.amazonaws.com
3 retornar.zendesk.com static.zdassets.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
fusca.retornar.com.br
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 static.zdassets.com fusca.retornar.com.br
static.zdassets.com
2 www.google.de fusca.retornar.com.br
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com 1 redirects www.googletagmanager.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 fonts.googleapis.com fusca.retornar.com.br
s3.amazonaws.com
1 analytics.pangle-ads.com analytics.tiktok.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 ekr.zdassets.com static.zdassets.com
1 api.reclameaqui.com.br s3.amazonaws.com
1 region1.google-analytics.com fusca.retornar.com.br
1 analytics.twitter.com fusca.retornar.com.br
1 t.co fusca.retornar.com.br
1 cdn.taboola.com fusca.retornar.com.br
1 static.ads-twitter.com www.googletagmanager.com
1 178041.tracking.hyros.com fusca.retornar.com.br
1 fusca.retornar.com.br
137 31
Subject Issuer Validity Valid
retornar.com.br
Amazon RSA 2048 M01		 2023-08-30 -
2024-09-27		 a year crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
zdassets.com
E1		 2024-05-01 -
2024-07-30		 3 months crt.sh
tracking.hyros.com
Amazon RSA 2048 M03		 2024-03-02 -
2025-03-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-29 -
2024-06-27		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
t.hyros.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-20		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.de
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
api.reclameaqui.com.br
ZeroSSL RSA Domain Secure Site CA		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.pangle-ads.com
RapidSSL TLS ECC CA G1		 2023-08-10 -
2024-09-09		 a year crt.sh
retornar.zendesk.com
Cloudflare Inc ECC CA-3		 2024-01-09 -
2024-12-31		 a year crt.sh

This page contains 4 frames:

Primary Page: https://fusca.retornar.com.br/
Frame ID: 843804C24FDDE871E528B20F46D5E14F
Requests: 124 HTTP requests in this frame

Frame: https://cdn.retornar.com.br/retornar-bundle/n/fb/fb.html?pixelId=651162479235387&eventName=PageView&eventSourceUrl=https://fusca.retornar.com.br/&eventId=FBR3125288051718823638978
Frame ID: BD7830F742A2586484F51FFD52765BE8
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Frame ID: E1B40CFB8F8B8C711C8E25A927380BC9
Requests: 4 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: F3DE1094F9F3FCC088F16E88B93626D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sorteio de um VW Fusca Itamar Turbo a partir de R$50 reais. Acesse o site e saiba como concorrer.

Page URL History Show full URLs

  1. http://fusca.retornar.com.br/ HTTP 307
    https://fusca.retornar.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

137
Requests

99 %
HTTPS

31 %
IPv6

24
Domains

31
Subdomains

30
IPs

6
Countries

6647 kB
Transfer

9505 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fusca.retornar.com.br/ HTTP 307
    https://fusca.retornar.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-B66YHTHE35&gtm=45je46h0v9100960621z8843710862za200zb843710862&_p=1718823638977&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1618012722.1718823639&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718823639&sct=1&seg=0&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&dt=Sorteio%20de%20um%20VW%20Fusca%20Itamar%20Turbo%20a%20partir%20de%20R%2450%20reais.%20Acesse%20o%20site%20e%20saiba%20como%20concorrer.&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=634&_z=fetch HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1618012722.1718823639&dbk=12334512230141139105&dma=1&dma_cps=sypham&en=page_view&gtm=45je46h0v9100960621z8843710862za200zb843710862&npa=1&tid=G-B66YHTHE35&dl=https%3A%2F%2Ffusca.retornar.com.br%3F

137 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fusca.retornar.com.br/
Redirect Chain
  • http://fusca.retornar.com.br/
  • https://fusca.retornar.com.br/
87 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-83.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a8100eed155404363a07adfbae4f00b2602e96e7cc072ceac79db6306267ca

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
61971
content-length
89214
content-type
text/html
date
Wed, 19 Jun 2024 01:47:48 GMT
etag
"c150a4a439fb122fce5fa006718e1ab2"
last-modified
Tue, 18 Jun 2024 19:36:24 GMT
server
AmazonS3
via
1.1 fdac4411ecb7b0a694eea0076a271eb2.cloudfront.net (CloudFront)
x-amz-cf-id
uM-XN8E2bIq3-mmIz2BPmQo8e0NQypweheMZ1l3Rux2Lse2N46Cmhw==
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

Location
https://fusca.retornar.com.br/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500;700&display=swap
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e88bb1cfda02c4a768b9674e58f462aa0954e4290ca3fc703a2b0d8de4385a02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 19:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 18:36:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 19:00:38 GMT
bundle.min.css
cdn.retornar.com.br/retornar-bundle/n/css/ 		173 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/css/bundle.min.css?11093334fad88459df5f6f7b06cf417d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8cc185214399c9b7fa337b91d3f2650edbb0dc71a234cf5e637bb573acf567c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
AzcyLJObQyTW2FXL.L6GrL.awlFHo8CU
content-encoding
gzip
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 19:00:38 GMT
last-modified
Wed, 03 Jan 2024 13:45:50 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
3268
x-amz-server-side-encryption
AES256
etag
W/"27636585e7dfe9810a9f6b722d7052ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
iawGaGhfNyuJyc9GVa2D9B87_RFxkZLr1IESoTsjxwOTpveVDBkwOg==
base-lps-v3.min.css
cdn.retornar.com.br/retornar-bundle/n/css/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/css/base-lps-v3.min.css?11093334fad88459df5f6f7b06cf417d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9590f98c6fe288202f7343cacde8aa6286cbcba928e164d04a74620ccd2f0ee8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
PjwwIh0VlFhpMHDPa5.E7GgNvQ6bzYwN
content-encoding
gzip
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 19:00:38 GMT
last-modified
Mon, 17 Jun 2024 17:10:44 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
3268
x-amz-server-side-encryption
AES256
etag
W/"3683dd2547ff96334f92a0bcbc1fcd8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
unK5kJe8gJEGbTAWIAm-3Pf_nTmXGlWrxhsiBVxNt89YoN2dlSg84Q==
blank-pixel.png
cdn.retornar.com.br/retornar-bundle/n/img/ 		110 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/blank-pixel.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
KuCretNToZrDIvj2PzQa4H9KZWV1.YIL
date
Wed, 19 Jun 2024 19:00:38 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 12 Apr 2024 17:01:44 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
42677
x-amz-server-side-encryption
AES256
etag
"e51232cf9fc8dd7b4756cbe34f3be9cc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
110
x-amz-cf-id
9IWMzRSnjkPWgyAgt_HaoM60IrxA_bDt3kvIYZj-A7BOhifz_nMTbQ==
boomerang-poster.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/boomerang-poster.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
251df3355e2bdb7ea5a6cd2c02484064520022c69ed17689c447d099a5dbd67e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NO66RMrH.mJMhzkfUOpeel9W9_NyPXf4
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jun 2024 12:01:34 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"085c1e178956e1846e5ceb864a37d751"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
26927
x-amz-cf-id
Pr9i5bxWRfJo0qiIZ3cprF_Uaeft0cI48a4TDV3_t8LiCrlZLcr7Eg==
banner-titulo-lps.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/banner-titulo-lps.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
430af193d04b3cc7436bedeb8c2c6325f06bc5dac795dbdf31bfecc1aa1642b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
juFEjP5SXTbN0DdZHbk0qiysLjXxn9fC
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:03 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"9cb78e74540324b5cb155002b91bfbc2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
45059
x-amz-cf-id
eqj850HD6tjzjbOJThrbABGFtgAQtssy8Vg2aY6vdjKxMpiNGsZ6Dg==
american-express.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/american-express.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2098e88aa1d736cecf16854501baa250fcdc2e1d40e62ea6e327b1ce3a00c57

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0DT8xmgxPlLQujmbagRF8u0H0mV9s2A9
date
Wed, 19 Jun 2024 11:42:42 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
26278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3241
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"97878bba6d2682a71801af749c5c20c1"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
ZLOsT192rALI_8kwR6gQj8FSmk7mGqu8YeDsM2fLf9Og3oXBaWldbQ==
diners-club.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/diners-club.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a9d4fb1b5df4cbeb11f5fc09209d1d1fdcfd3e6026ba41f686b1590d9b6ef86

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NQ_qXw6MomTk5WdMaP4KTjmIFGt5Nqzt
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
18634
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1696
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"d65a3dfca59bd50811fa76219be45372"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
44j3MSa6x3y26lR7NWp3gRqb1W7iFYLYFnwxnHmDv79j0OJiZLEs2w==
elo.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/elo.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bd27a5d7a54aea6b958557b21e84cb34db1a4cf2655fbd51394e32230f0bbad

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dg38SuUygtvTPjL9R9LdFKusE53N3wAW
date
Wed, 19 Jun 2024 12:18:03 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
24157
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2747
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"56f3d2b116a9e38f6e08cfbf0c932c10"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
iAVaGbVZN5Flu-NOi1axZSPM3PTv6VKG2QN_3DkdSf6kV0ne45-cHA==
hipercard.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/hipercard.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32306ecf6373a98d417d33b7029b0acd79cc6be0961f1ecd92826c1f18cb580e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Dukk16S9RQ2ije.eXAlT9CCsEDy3vCB5
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
47433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2970
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"2cd2b3eb544ba19a025e29be40ff5c21"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
TYrOQJtReA5fjgjYlEhPX88GxlynMlgzQAfjy4FLfWMuYuZiVbg2vg==
master-card.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/master-card.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bca252936fdd6f34df600a9b1fda47dc5e60945a6c315f0bc48c04943cc35567

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
DTT0aVWXMYb_W2.8O_KYcugQBo71JRpT
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
30788
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1310
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"08f38546cde176753539501f43385930"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
JvAHOehVkPF2Nb0BRGw58o426UOYd59k6SFt3I94ebYX1ox1nk01Bw==
visa.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/visa.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
beca2da726b344f7381072113c1eb2e97941a379c4d195b85481bcf4f9a20204

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dpNsfNXZrufxB1Ar.rVdCzHl0bNtp8QK
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
48259
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2138
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"b80a65859d30c7cad43f98a0f527aa03"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
3a89sGHjeFQB2ibfA9pSr_u2w36IVO3uK8uNIe4ORPTzoWC80S0Nhg==
boleto.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/boleto.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53455320768cc6332f9e28a92577840ddef65d93be15dd70691efe68a7e2361a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
KlFJZwS8CimekyOKBsvqpi19fSIvKIRY
date
Wed, 19 Jun 2024 12:18:03 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
24157
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1270
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"460079b5a7009b3b8ad77dd2d57ff8cf"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
JLtyKkcT9fIL2G3-7Y2Vo6PzXd3oiBduMYae9bhVrEo4coIqkonKfw==
pix.png
cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/forma-pagamento/pix.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6eab9b643be1aaaaf6d64ddc2d90b3d40cd7d739898a50ab75394b971f5fc871

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dZ_v2v5RK2ulzLdqwxx6P1Ld.31epXAM
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
26278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2335
last-modified
Tue, 23 May 2023 12:42:58 GMT
server
AmazonS3
etag
"225e28d7eec6256776b258362187bd60"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
mYD9h-ryfcK1Nn-WQWpFnxDdi7YEpW3lLex0XzcxMMm5EQkjRHUd_A==
bundle.js
s3.amazonaws.com/raichu-beta/ra-verified/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
3.5.13.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c7250badf67ad81b6fc4806091cd5bb16f158bebd473cc209a7f8f1b4efb34e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 19:00:40 GMT
Last-Modified
Fri, 12 Apr 2024 18:38:13 GMT
Server
AmazonS3
x-amz-request-id
QNKH3R7ZT0FD0GG4
ETag
"69d3da0b89ffa0a671145739eda9397b"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4284
x-amz-id-2
nsX/i6cFiu75TvWY3Uv/hfJgkiRmw6HrjtpqJWNVJOyb0cQ2ElPRdFgtcfCEzjP7PhNVLviLuwOVcj7loM9f20cn0P0NI296ZZ2D9YSrjGg=
jquery-3.6.1.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/jquery-3.6.1.min.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24c7030c50c1045cfefddac2d403f4bb2043b34183f6887f5c88a3e12e0236f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:15 GMT
x-amz-version-id
wNY1m.95KudC.2Nfbe40r0Q43Hgip_xB
content-encoding
gzip
last-modified
Tue, 23 May 2023 12:43:00 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"8f1950538c6051b90dae76087bc65424"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
0
age
84564
x-amz-cf-id
VmVL-uTjCt1kc-sCNk6-Rhrm_wQcJV8gRIK7O_MSJf0shL6KLrEo4Q==
jquery.easing.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/jquery.easing.min.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:16 GMT
x-amz-version-id
ePJ.Z7A361pPc78ey6YwEpiz6n1bUTuo
content-encoding
gzip
last-modified
Tue, 23 May 2023 12:43:00 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"e2d41e5c8fed838d9014fea53d45ce75"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
0
age
84563
x-amz-cf-id
vyUIreFF3_1TZurEkZFJoq14XNR2oz5EXT6AaqC_H5OwXbh43bmONA==
bootstrap.bundle.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/bootstrap.bundle.min.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04a94ecfbb60c6eeddd6ca4557ebd00a4925d64b7c2dbbe9f47bd60f244f1657

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:16 GMT
x-amz-version-id
FUtVoCKZRbSujs15gEn0GBT3hybKLbQb
content-encoding
gzip
last-modified
Tue, 23 May 2023 12:43:00 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"b3aad835d6110059415f955f1f8e0cc2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
0
age
84563
x-amz-cf-id
EUAq9D0iXYp62CmdlbVSAWxrFu8E-a9qZugfBbWEanNZDepO3hg_uw==
jquery.countdown.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/jquery.countdown.min.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:16 GMT
x-amz-version-id
Cc7xNIDcSD5aET1VsR19rmH0bRpm9aET
content-encoding
gzip
last-modified
Tue, 23 May 2023 12:43:00 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"76a923d3d69255c45cd24bf9b100244f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
0
age
84562
x-amz-cf-id
vl6KVD5ZJrfTPdEU7tuNc7oYXH0KIQLO824Ae1tYmVFc_no8n9TMGA==
slick.min.js
cdn.retornar.com.br/retornar-bundle/n/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/slick/slick.min.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
rrMedyqVZTtvhGsWx6kyQI5JztSAR2nF
content-encoding
gzip
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 12:40:06 GMT
last-modified
Tue, 23 May 2023 12:43:00 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
22834
x-amz-server-side-encryption
AES256
etag
W/"d5a61c749e44e47159af8a6579dda121"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
0
x-amz-cf-id
WmB8NYDVo6D92izpy189HMfZuQzOJinCBjg1jqVAkJ65rA-L1LllLA==
instituto-news.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/instituto-news.min.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2a3f40444d8a8af7b9dca5a89035fd13b8783eb63a8dd4f93ff5da723088087

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:18 GMT
x-amz-version-id
rnT.KMhFgOyh.J8ucQiL2.mYgWfIQp_A
content-encoding
gzip
last-modified
Tue, 28 May 2024 18:26:32 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"6ab0e7414be2f57377f7495df70205ab"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
84561
x-amz-cf-id
wUPct__F1XmwZdpmA6U8wu-WZ12UDZaQbMXYcYKYPLKgsTC-fx40EA==
base-lps-v3.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/base-lps-v3.min.js?11093334fad88459df5f6f7b06cf417d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc003c8617bbd88cdfde4516b93c9877acea136cf94e186bf427cb6b96a857f1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:18 GMT
x-amz-version-id
uJo5M8rv9k4MCSP8w42Kp3zEkIsGeFUj
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 19:26:27 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"fd58c3ffe30cd1d5f6158c500278231e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
84561
x-amz-cf-id
01ww790z2gry40wAOKnRfgYwe9oNYqlC0bbPa-flDDRi0Zn81QRTKw==
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=ba34e599-3ee2-4d7e-bb95-a6e045b3399d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
WENPZ0DZ5H16VF0R
age
40
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
8YCrUnMNiomVaHD/WrlIUYQJklvemKLFz5eTWpoWx04TLGaxSIwn4f0XqogmkEq5pIgQJXg7MZqkK+uAGszrZz+mMkNR2Ruw
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uf5jNlaqLRlsMmFEpSWH9quLyBxWkxjCqJrYsd839dE9GCxuRHyNFDKvMvjNSUSLjBldqsHYGp8AwnxOHp%2Fi6lV%2B9w7Pt2YegnOixpEZFqAd2o5BnSyQhz93dDMNA1LrShtOnB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8965c35ffaf6913d-FRA
access-control-allow-headers
*
base.min.css
cdn.retornar.com.br/retornar-bundle/n/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/css/base.min.css?11093334fad88459df5f6f7b06cf417d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e4e83267c28b3f86997ff3ca3103563034480ed144b4e1ae34cea747b4f72de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
WKQAwp_1Sp.MVege1LAwXjgNd9TXKTjw
content-encoding
gzip
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 19:00:39 GMT
last-modified
Wed, 28 Feb 2024 12:22:22 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
3269
x-amz-server-side-encryption
AES256
etag
W/"c238f9fbf80dcfca9ac48eff05239ab7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
bjHOSaUtZPLRm13KhNVlXieA7Nal46vm3dJ6-DtfbztpH3kFt_o2CA==
base.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/base.min.js?11093334fad88459df5f6f7b06cf417d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fdbb87e614f4ed62707f86be0e5049f72c3219b5fc1f04662b46aee3eeb54ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:19 GMT
x-amz-version-id
plASopI9tVFv23BH9HvJWLJSVR3BZnWo
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 19:26:25 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"1260d8f5d5954628c98d8714a50b9b2d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
84560
x-amz-cf-id
L98j8xw8UDNA2MNEWupVjd-w1zLow7L37_CvQ8lYcWOHJYziKLlAhQ==
base-videos.min.css
cdn.retornar.com.br/retornar-bundle/n/css/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/css/base-videos.min.css?11093334fad88459df5f6f7b06cf417d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7de830f64441d1184d80c3683978dcc17e99b8fedddf1d6faf2d92295e088db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
FTQm4OwZDNZdrRyrPS4K8dusN9IrlP0r
content-encoding
gzip
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 18:06:11 GMT
last-modified
Wed, 29 May 2024 16:37:26 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
3268
x-amz-server-side-encryption
AES256
etag
W/"956ce6946149549c9475d3d02ad751c7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
yJ1TRsdfx78akjdXdm5vVvJWfWImRSwijtMj2GUButbGGeO-9NhmRw==
base-videos-v2.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/base-videos-v2.min.js?11093334fad88459df5f6f7b06cf417d
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
baafc10c2374d075e8ee471e352046afe6252c4ccbc1e282ff7c5c990577edcc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:20 GMT
x-amz-version-id
fU7m9p2LMeFCqKVVwo_SQJdIoElEBfEk
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 19:26:29 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"df3dca16e7e04d360a10fb671fdaf1b0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
84560
x-amz-cf-id
X5rnuqjpVPY5I1FD5Zx54QfH-fFkIELV25gwlZPxnagUS0AN86I2Rg==
vanilla-masker.min.js
cdn.retornar.com.br/retornar-bundle/n/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/js/vanilla-masker.min.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c934b865ce536309066804ccbed7e58b23f1d001431268b6e7e18557fa5c379

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:31:20 GMT
x-amz-version-id
1jQy6dzZnKrfc3VVYrtItiNh5SEbGOUW
content-encoding
gzip
last-modified
Tue, 23 May 2023 12:43:00 GMT
server
AmazonS3
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/"85f1ff9da5fd424a330058998a8c6161"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
0
age
84560
x-amz-cf-id
9tIc7ouA4Jb30XFBI0tkojGFPkX_fQLhbuzrSmyardaHYOW44jPHJw==
universal-script
178041.tracking.hyros.com/v1/lst/ 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://178041.tracking.hyros.com/v1/lst/universal-script?ph=25b17b42ce28d29d5a2fce82866a8885a165a55a9f10b7c267aa99b8ef9d7ce2&tag=!tracking
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
fe3e6c972a43b82d2dc8dae699baab631745ecba8d5ae1af272b84e2547ff3d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/javascript;charset=ISO-8859-1
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
48208
gtm.js
www.googletagmanager.com/ 		670 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a41d512d7230d94b7d8985980eaa123b8495be759e51a2d2f4556330b5e4f458
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130881
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jun 2024 19:00:39 GMT
fb.html
cdn.retornar.com.br/retornar-bundle/n/fb/ Frame BD78 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/fb/fb.html?pixelId=651162479235387&eventName=PageView&eventSourceUrl=https://fusca.retornar.com.br/&eventId=FBR3125288051718823638978
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
790b37cc6b14cd708d0ded4c7f558d58e7bd12c9e58c1ec8fbc95f83e8e94649

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fusca.retornar.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
22834
content-encoding
gzip
content-type
text/html
date
Wed, 19 Jun 2024 12:40:06 GMT
etag
W/"c87a2d1838cb20f75b518613b4eaf8af"
last-modified
Thu, 09 May 2024 12:54:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-id
3CGa-rDnj0_fwr-itcsSVLs_rZ8CBBLldSQp7ehFB9WyFiKsbLMsbw==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
SjZdBUd8CosttSBvEeCiwcPbDxj0DZQn
x-cache
Hit from cloudfront
bg-video-v2.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/bg-video-v2.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ab17767cf4ad1e7c5c5f3f7db06a0de1c1e9d44846081cac2a2955fb7667f8e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6BXkH60EAKXE7CrY.qpRKT52XEc89U96
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:05 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"c9ecb354c8df9e1e5c187205fd1a0f60"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
185660
x-amz-cf-id
doKv-6ElKAp3Xhf5AC7cIjDhW4WjHgTSdO7hYEsIfhIAAOgEZOV4uQ==
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://fusca.retornar.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:44:19 GMT
x-content-type-options
nosniff
age
101780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:44:19 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://fusca.retornar.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:58:32 GMT
x-content-type-options
nosniff
age
100927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:58:32 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://fusca.retornar.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:33 GMT
x-content-type-options
nosniff
age
101526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:33 GMT
blank.mp4
cdn.retornar.com.br/retornar-bundle/n/media/ 		104 KB
105 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/media/blank.mp4
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8ee296e08ba9b91c984e8b121e59d42b76ee91c6f787743fd29b7bc2acf2a3e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://fusca.retornar.com.br/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
b2nkvFS3494Rw67OYLXsVSHOyaQ98tg.
date
Wed, 19 Jun 2024 11:42:44 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
26276
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-106558/106559
Content-Length
106559
last-modified
Tue, 23 May 2023 12:43:00 GMT
server
AmazonS3
etag
"905b4e5ec0849fb5f0cca36d492c086f"
vary
Accept-Encoding
content-type
video/mp4
cache-control
0
accept-ranges
bytes
x-amz-cf-id
oJ3XHjzT3PzCciFykHZh3mBAtZqHfoxmnMou_hXQS1me8FVL_jgsLg==
boomerang.mp4
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		415 KB
416 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/boomerang.mp4
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb75fe2d5623f4a1edc1b11f0997852230ddcf68f4b3560d45016016d86e8ed0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://fusca.retornar.com.br/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
YK6LkUIb45GDIG_qC_7FehCJmbJgXJ1p
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jun 2024 12:01:35 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"c2b040d876930843113e3c57421a3172"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-425226/425227
accept-ranges
bytes
x-amz-cf-id
veyLrFSBn9GiwNZ7eDlTn7EbysG6XwMuSQRQzhSa5GgmdE94PNgo1A==
Content-Length
425227
/
api.retornar.com.br/v3/LandingPages/Events/Parcial/ Frame BD78 		188 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/Events/Parcial/?pixelId=651162479235387&eventName=PageView&eventSourceUrl=https://fusca.retornar.com.br/|FB&eventId=FBR3125288051718823638978&idLoja=5f578a32b94c93252b33f980
Requested by
Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/n/fb/fb.html?pixelId=651162479235387&eventName=PageView&eventSourceUrl=https://fusca.retornar.com.br/&eventId=FBR3125288051718823638978
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
afc0c621b6bb7bf7c543e6beee4288f58d6a697299859c83ce661526cc60db8c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://cdn.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
server
Kestrel
api-supported-versions
3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
/
api.retornar.com.br/v3/LandingPages/Events/Parcial/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/Events/Parcial/?pixelId=651162479235387&eventName=PageView&eventSourceUrl=https://fusca.retornar.com.br/|FB&eventId=FBR3125288051718823638978&idLoja=5f578a32b94c93252b33f980
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:39 GMT
server
Kestrel
js
www.googletagmanager.com/gtag/ 		311 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WFJ98H6EZX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7783030627b2465fdef735fab467bfa7d4206398dabb744508dfd1a3519cebd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105943
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Jun 2024 19:00:39 GMT
js
www.googletagmanager.com/gtag/ 		311 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B66YHTHE35&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55c2a99ca3720501ce0e025fdb0274f5a61b652cd29bd0e993ef73ea48fd4b31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106141
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Jun 2024 19:00:39 GMT
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1878
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
j32VaoB6lBBZhtmiHg1fdYfoN+zd7ypMvD5HDYs8BjWe50qWgircFFp5zazfD7QNo2iJV11qYBxHX1FISgR1bQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		260 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-634789081&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d07fc7aa2628c0dfa41a104c17384405161e87fbf24e1644f45f8e4f44d38989
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92194
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jun 2024 19:00:39 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220026-FRA
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 19 Jun 2024 19:00:39 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8DEC272C836945F2A1530892340A9AE8 Ref B: DUS30EDGE0410 Ref C: 2024-06-19T19:00:39Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
universal-script
178041.t.hyros.com/v1/lst/ 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://178041.t.hyros.com/v1/lst/universal-script?ph=25b17b42ce28d29d5a2fce82866a8885a165a55a9f10b7c267aa99b8ef9d7ce2&tag=!clicked&ref_url=https://fusca.retornar.com.br/
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
a2c0c8bf220e819ea78758e7236e6f2f153076f0e3d5d1cacc1de5e1e11388f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/javascript;charset=ISO-8859-1
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
48207
tfa.js
cdn.taboola.com/libtrc/unip/1251017/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
327f7aca074dc56f73eb3d534b4d42f4d58ef3474e728ded19380a71840d6a65

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
DyX8CpsTavZwtL.qeUZRwWY.lhkuEupV
content-encoding
gzip
via
1.1 varnish
date
Wed, 19 Jun 2024 19:00:39 GMT
x-amz-request-id
CDQKY2JF6D4VTE47
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21856
x-amz-id-2
uJUecBdgbJZv6D0GI79hC/dWY3kW56pbkxKRXuXhzIzV+mISGi38z6GqLSPT7uId79Tw1P+5HhE=
x-served-by
cache-fra-etou8220087-FRA
last-modified
Sun, 16 Jun 2024 11:06:06 GMT
server
AmazonS3
x-timer
S1718823639.275343,VS0,VE103
etag
"748cf558bd42c16358a7afc16f515ecd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
95
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8IK5A8394AVM200AV6G&lib=ttq
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
eaaaeaa47e5ad1802c0665fc30ca7b4dda81cd3edbea85038fbf29d1eb2bc5a5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
19238d5b
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240619190039C7242EB7555D0D23996F-72E0153431669499-00
x-cache
TCP_MISS from a23-51-23-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=3, origin; dur=114
content-length
2048
pragma
no-cache
server
nginx
x-tt-logid
20240619190039C7242EB7555D0D23996F
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
115,23.51.23.68
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d7542b5db59e0f6d5c4ec8d3000c133cc3be4f2e9343314b82b946dacb68a6f7264bdd71f6f529429682d220560cab36466a0625f4fd7b90ff5cc26d4024dfaaacab745176996c9a809c7a163c67aadf35
expires
Wed, 19 Jun 2024 19:00:39 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLS28JC77UCCRP9D3FG&lib=ttq
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f932786e474a37cdbe1d31563d7c2172de5895dddd5297203deee75db760c98a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
3a80a6e8.19238d5c
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24061919003994870FBC69A0FA272923-156FC1E9FB3B5EDC-00
x-cache
TCP_MISS from a23-51-23-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
97,23.51.23.68
server-timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=8, inner; dur=4
pragma
no-cache
server
nginx
x-tt-logid
2024061919003994870FBC69A0FA272923
x-cache-remote
TCP_MISS from a23-52-15-48.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.52.15.48
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d7354dd48aa7c9892af73820e18eecddc8070d121d950ba687902342abcd43ab46f175c1589200ab934f725a6eed47b476abdb3581808460d685cbdc6da7cc9937d8ebba816e955e6f57e9e6354c58273b06eb6e397a921490ac4332e84e74830a
expires
Wed, 19 Jun 2024 19:00:39 GMT
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9e853e23-9c88-4110-9301-fa9258f8f2eb&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=7fb83be2-ce2e-4dee-a4d3-3a9c10a23ba7&tw_document_href=https%3A%2F%2Ffusca.retornar.com.br%2F&tw_iframe_status=0&txn_id=og5rj&type=javascript&version=2.3.30
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
109
date
Wed, 19 Jun 2024 19:00:39 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
ae34f0ce687eb94a
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
5ab88f4d5b2bd1110252f8f84f8b9cf67fa8e3d26fdfb08edaed8fe2857e3e73
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9e853e23-9c88-4110-9301-fa9258f8f2eb&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=7fb83be2-ce2e-4dee-a4d3-3a9c10a23ba7&tw_document_href=https%3A%2F%2Ffusca.retornar.com.br%2F&tw_iframe_status=0&txn_id=og5rj&type=javascript&version=2.3.30
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
102
date
Wed, 19 Jun 2024 19:00:38 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
81445f8f453147eb
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
f52c1d055b6653c0f5b7cee8cbd2be1dd328f297376a4b6ba7ef27c513636e1f
content-length
43
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-B66YHTHE35&gtm=45je46h0v9100960621z8843710862za200zb843710862&_p=1718823638977&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&ci...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1618012722.1718823639&dbk=12334512230141139105&dma=1&dma_cps=sypham&en=page_view&gtm=45je46h0v9100960621z8843710862...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1618012722.1718823639&dbk=12334512230141139105&dma=1&dma_cps=sypham&en=page_view&gtm=45je46h0v9100960621z8843710862za200zb843710862&npa=1&tid=G-B66YHTHE35&dl=https%3A%2F%2Ffusca.retornar.com.br%3F
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fusca.retornar.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x1b85a5cdf9e38da5","source_keys":["1"]},{"key_piece":"0x8903dcd6ba3db30c","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"12334512230141139105","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["634789081","649356312"],"5":["06-19","06-18","06-17"]}}
date
Wed, 19 Jun 2024 19:00:39 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:00:39 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1618012722.1718823639&dbk=12334512230141139105&dma=1&dma_cps=sypham&en=page_view&gtm=45je46h0v9100960621z8843710862za200zb843710862&npa=1&tid=G-B66YHTHE35&dl=https%3A%2F%2Ffusca.retornar.com.br%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
511
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B66YHTHE35&cid=1618012722.1718823639&gtm=45je46h0v9100960621z8843710862za200zb843710862&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B66YHTHE35&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:00:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fusca.retornar.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B66YHTHE35&cid=1618012722.1718823639&gtm=45je46h0v9100960621z8843710862za200zb843710862&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1373166252
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
733356084703493
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/733356084703493?v=2.9.158&r=stable&domain=fusca.retornar.com.br&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91c2f3fa88fc1392534d047d3c5c4fbaa7480e2584f4388303fa6d0e3433c0d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=64, mss=1297, tbw=63561, tp=-1, tpl=-1, uplat=230, ullat=0
pragma
public
x-fb-debug
KF/dajgy8GFkmi4H9A1nEIpi3ajQ70MTFlihdLO2MkDBFLZ9yn+zLfMPPB/bJgQirLcxlowc1sY5iMcVNe92Uw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WFJ98H6EZX&gtm=45je46h0v874262382z8843710862za200zb843710862&_p=1718823638977&em=tv.1~em.ceXQZv0OYMcJAJulcx15sxADYniibyLtrahkR4LcJCM&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1618012722.1718823639&ecid=31727574&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1718823639&sct=1&seg=0&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&dt=Sorteio%20de%20um%20VW%20Fusca%20Itamar%20Turbo%20a%20partir%20de%20R%2450%20reais.%20Acesse%20o%20site%20e%20saiba%20como%20concorrer.&en=page_view&_fv=1&_ss=1&tfd=673&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJ98H6EZX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:00:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fusca.retornar.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WFJ98H6EZX&cid=1618012722.1718823639&gtm=45je46h0v874262382z8843710862za200zb843710862&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJ98H6EZX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:00:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fusca.retornar.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WFJ98H6EZX&cid=1618012722.1718823639&gtm=45je46h0v874262382z8843710862za200zb843710862&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=918184998
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:00:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bmNZcDVYc3RURW5Kak9VczpyZXRvcm5hci10ZWNub2xvZ2lh
api.reclameaqui.com.br/embed-raverified/hash/ 		123 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.reclameaqui.com.br/embed-raverified/hash/bmNZcDVYc3RURW5Kak9VczpyZXRvcm5hci10ZWNub2xvZ2lh
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.237.183.236 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.183.237.35.bc.googleusercontent.com
Software
/
Resource Hash
673e215879e60195a0c9058d11234049c30771c7d501cf7c331d3101ee451ea9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

via
kong/3.4.0
x-kong-proxy-latency
1
vary
Origin
content-type
application/json
access-control-allow-origin
https://fusca.retornar.com.br
x-kong-upstream-latency
1
access-control-expose-headers
Content-Disposition,Set-Cookie
access-control-allow-credentials
true
content-length
123
ba34e599-3ee2-4d7e-bb95-a6e045b3399d
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/ba34e599-3ee2-4d7e-bb95-a6e045b3399d
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ba34e599-3ee2-4d7e-bb95-a6e045b3399d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80c8241b5b3859492ab9341c5179b627b72ab0bbd0eb6090db9e7cbb60cdcb9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
895bcc04ef0c1d60-SEA, 895bcc04ef0c1d60-SEA
x-runtime
0.004722
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e80c8241b5b3859492ab9341c5179b62"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rd8P0oh2pkfM8tCB9S6URZ4P%2F5vTGQitf8juaP5q9CnAFimm%2BaNTEOLJ%2Brlg4BWj3bTxxMn5bXOuWtpHLM5AeHg6fTvGDfQr5eJJRClDA2YirmQeSg7mjeb%2BDLG3etoz3EU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8965c3628c814d88-FRA
187097484.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/187097484.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 19 Jun 2024 19:00:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 13CB03F0EFF2433FAFA59A0787D47D15 Ref B: DUS30EDGE0410 Ref C: 2024-06-19T19:00:39Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187097484&tm=gtm002&Ver=2&mid=208a79f6-d42d-40cd-ba7b-ecd832ba81a0&sid=381556202e6e11efa3efbf58cd45b71c&vid=38153c902e6e11efb715874bf0c4ee1d&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Sorteio%20de%20um%20VW%20Fusca%20Itamar%20Turbo%20a%20partir%20de%20R%2450%20reais.%20Acesse%20o%20site%20e%20saiba%20como%20concorrer.&p=https%3A%2F%2Ffusca.retornar.com.br%2F&r=&lt=690&evt=pageLoad&sv=1&rn=473117
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 19:00:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A74F2E3FDE81498388B835A2E2732469 Ref B: DUS30EDGE0410 Ref C: 2024-06-19T19:00:39Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.retornar.com.br/v3/LandingPages/FluxoCliente/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/FluxoCliente/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:39 GMT
server
Kestrel
/
api.retornar.com.br/v3/LandingPages/FluxoCliente/ 		707 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/FluxoCliente/
Requested by
Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/n/js/jquery-3.6.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
1337a79aac095a219b364c42afbfc46c9b0a6714fda1a0a0603797c7d1a8d986

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fusca.retornar.com.br/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
server
Kestrel
api-supported-versions
3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
loader.gif
cdn.retornar.com.br/retornar-bundle/n/img/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/loader.gif
Requested by
Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/n/css/bundle.min.css?11093334fad88459df5f6f7b06cf417d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
487c02228fe37d5d149b2c9f2f6dfbdd6ad0192db74f9931d56746750ae3c473

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.retornar.com.br/retornar-bundle/n/css/bundle.min.css?11093334fad88459df5f6f7b06cf417d
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
8O5WjBjaVEZK3O_9Wd6N5XHOYkrB.gOC
date
Wed, 19 Jun 2024 11:42:45 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
26275
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21905
last-modified
Tue, 23 May 2023 12:42:59 GMT
server
AmazonS3
etag
"adc27ad2396c282f29b8be953e17c1c2"
vary
Accept-Encoding
content-type
image/gif
cache-control
0
accept-ranges
bytes
x-amz-cf-id
Kj_OzsRMBYfal_MbCIQ15c4MG0tzp_g7t4QH9xtfoMSIw09ddAP9mg==
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ae40d916aba2bbcb91a7e531eaf13912658bb2ac19480b34035eeac7a5f0507

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		153 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a594c7399f1addb8311ac1f35fc8b91bfc0b6436e222fff8dd6b6a1ef3037fc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.png
cdn.retornar.com.br/retornar-bundle/n/img/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/loader.png
Requested by
Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/n/css/base-videos.min.css?11093334fad88459df5f6f7b06cf417d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c5d67245111db508d21e250d4480916144b9df6c17d9408bc79541bb4f4bbb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.retornar.com.br/retornar-bundle/n/css/base-videos.min.css?11093334fad88459df5f6f7b06cf417d
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SlNrjuA3D14A4nO8HHKSiMIuU6DznyFL
date
Wed, 19 Jun 2024 11:42:46 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Wed, 28 Feb 2024 11:19:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
26274
x-amz-server-side-encryption
AES256
etag
"96aa87c96e3705a67e528e222d2e5583"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
25391
x-amz-cf-id
Q2x7OoQLDRZT6ro3sfpmiwO8Nq7zXl4T-WwHALaCS679IXcHHmoNHg==
gallery-fusca-itamar-turbo-visao-geral.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		287 KB
288 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/gallery-fusca-itamar-turbo-visao-geral.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
971f47cee24883b9e0d593b1f830d2b96a29a27d3a99deda25f4d25545c96d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
zHVTzUqw_XJ.xOb9ddEEk_swZmNHvKPg
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:18 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"2539c8e84e37704083516aa7ed3aee7f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
293887
x-amz-cf-id
KpncqNigYd5wrJvBrQK2-nEBCWACsS9RFnOgrCtKZVAYqIFrgAboOA==
gallery-fusca-itamar-turbo-frente.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		273 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/gallery-fusca-itamar-turbo-frente.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4290d7074604c9b2cd9c7ab084075ed7e953b015a32fa7ba807cc6c75bbfd77a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
AwvPSItBnG4QDxHqcuEjqtVoDBmN0XEc
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:14 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"1a89b6a996ed9391ee7dca2d449db101"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
279609
x-amz-cf-id
lpiT3TSzzahwTK08sNK9mnbjOpcbjEI800284wxg5dTYSoAQ0pyjLA==
gallery-fusca-itamar-turbo-lateral.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		282 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/gallery-fusca-itamar-turbo-lateral.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c4f679c767938dea992ee8cbf0b57b71a019eca9e3570fddfb077631bf04509

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Yz8Etg76lZZDEXE5ULVEnEDu.FAZuTcc
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:15 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"9ed7a9efbfaf7a36a164f1d54bc60fe4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
288870
x-amz-cf-id
TUQjivdGcK07gv4BmifNSYToa06oDuD0LoHFpMOfsCHimE9IiNBBGA==
gallery-fusca-itamar-turbo-traseira.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		312 KB
313 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/gallery-fusca-itamar-turbo-traseira.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
044bde5d565f173d8a2de3b360baa7e2d18c591abe4e9a0b6ef9261e39f1e73d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hJRw7B7yQEEV4384YuTwu0aie8aH9CM1
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:17 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"ced582f438520b92dfa23ebd51635102"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
319913
x-amz-cf-id
iVugnorQ6j0eYTiHjtTzO4UCpdm68T-GtG2rXSACu1FaDJViqdczJA==
gallery-fusca-itamar-turbo-motor.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		262 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/gallery-fusca-itamar-turbo-motor.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d731f09f63a6256979f5a23cd1189ed287f2c9e6b8b325df34a9250266e5cf5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
baBt7pRkoLg3iEN28Tsm.A1u1QMSb_eZ
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:16 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"457867335678d1fb89496bb06c57716c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
268449
x-amz-cf-id
tgNGLPFZ2FUO7L-obm_atrsyflArP4mJC-HtzzskRk38_PwXGeey8Q==
gallery-fusca-itamar-turbo-painel.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/gallery-fusca-itamar-turbo-painel.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22893708935d9fd80f2d86b4e737129a772c4c4f0b4e136f9f059d6eaf92ae94

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9TyDXde9fCjuFsbnWRtNyVmU.H.fLnW5
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Fri, 24 May 2024 12:27:17 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"cac44865032227aae72850e9c2b3479e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
184453
x-amz-cf-id
wr71QpuX0fG6-kcmTWjYIn1qsTl6yeTmdHLAcv_lOULOWQTHUyirig==
gallery-fusca-inferior-do-motor-29052024.jpg
cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/ 		193 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/produtos/fusca/gallery-fusca-inferior-do-motor-29052024.jpg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a792cafac0a15ca21b30449b850328142677de9ec018ff3821486dd371a381a5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
e2q.erAG.dnVAJZYXbxOMk2pmgCPI3zP
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Wed, 29 May 2024 16:59:26 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
etag
"2c3b04ca624d05af7b80cef1c1c3d415"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
198067
x-amz-cf-id
W9PPRN79QzZ7sN0oHt0YL8tBVbbwIpv6vE4RxoRNRXSclqqwIApEmA==
img-blank-ebook.png
cdn.retornar.com.br/retornar-bundle/n/img/ 		183 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/img-blank-ebook.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d83be531cd0f50d8f346744e0d212922338b1f8091cb72e0b86e314c5df50ef8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
rjZjyK.qLunOECI0GMern_YctAKqnwxW
date
Wed, 19 Jun 2024 09:49:12 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Mon, 26 Feb 2024 17:05:13 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
33088
x-amz-server-side-encryption
AES256
etag
"0e47eb7b1d82a0475a2a01ee5f757a6d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
183
x-amz-cf-id
BVn2j9qLlZxW6wsdHwuwsE3UePG3PL4tjFF4kkfl9i5v4xSyLwbg3Q==
img-blank-highlight.png
cdn.retornar.com.br/retornar-bundle/n/img/ 		198 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/img-blank-highlight.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f758fb3c51bbbdf06b02f3578ccbd59dab7f5d8119ee1f4ceb8fe57c7d97058

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
c_LfwO23CTYFdt5G7BfJyysH2oE7qHcJ
date
Wed, 19 Jun 2024 12:55:10 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Mon, 26 Feb 2024 17:05:12 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
21930
x-amz-server-side-encryption
AES256
etag
"3e8489103b9d849c6d22e260844d5ee5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
198
x-amz-cf-id
GwIrd6gdkKsD6K172YzT8uNrSrRpa0Tnear-K-R9wusltq-KimcKOg==
retornar-doa-kimonos-para-projeto-em-cambe-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		302 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-doa-kimonos-para-projeto-em-cambe-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db779bf31af873d932ea909bcaf3125723c9e241d0cad33162a397b0ea930af8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ykyalOiB80PcDXjexU7TftX548iu0j5c
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:43 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
42678
x-amz-server-side-encryption
AES256
etag
"4b5ee3b9ee365552527f5788e01fd8f3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
309371
x-amz-cf-id
i1_auNBlpSzeMLoVMQ55kZPkLhwM1traUp8_wMfMNq4pcR76HUMjVA==
retornar-doa-protese-a-paratleta-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		356 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-doa-protese-a-paratleta-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2182bf37549018732d69c69bc84c9d8d911f165c491ba7c8acbabc688cdc134

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
R88_zuiA2G173l87f_1kPU6hmMFDdKA6
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
42678
x-amz-server-side-encryption
AES256
etag
"1a057528051f33233514d9d66d2f8a5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
364236
x-amz-cf-id
BgJE73IKfspHnGdZbRLakOSEk6GD3OARnXsZOWbVzQE_c5MxjlGAQA==
retornar-doa-alimentos-a-refugiados-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-doa-alimentos-a-refugiados-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24ff80c2555d6df2bf6d378f684c8623045d099b942a4f48ec72f17a1a821929

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JomUNPdYT3S_cbf1fwB4C.kEkyk9Avfh
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:41 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
42678
x-amz-server-side-encryption
AES256
etag
"8ff51fe8c99da82ed0f7fce0a321413a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
317104
x-amz-cf-id
O3GJivYuSC2Z1R8Acd9tQ53aAzFFnYveXqRxnCnCXzptKdRPgVkyTA==
retornar-abencoa-1650-criancas-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		309 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-abencoa-1650-criancas-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da762e9064e23f6481ca2d497d08675192a6ce9d38d8522fb9c26926b987d6f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ibTvNjQrLdWecw6rPgoLkhSYvfrJC3ba
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:44 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
42678
x-amz-server-side-encryption
AES256
etag
"6744d007d1440353312dbbedbf27f700"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
316350
x-amz-cf-id
tMfEnVmg8qyQca5N_VF55-s1-LeGQu6D65RSFzHI0N4QyMrGcJIv2Q==
retornar-doa-materiais-de-natacao-para-criancas-no-parana-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		330 KB
330 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-doa-materiais-de-natacao-para-criancas-no-parana-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a81136125b59e360caca8860e6f31ed28cc9f2bf05e32829f15dc037f40bd971

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
VgzK0NwPm8__FVWnOFtTDhpBqxeCboUy
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
42678
x-amz-server-side-encryption
AES256
etag
"e0ab905ec8a2e721df9f56abca936fab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
337495
x-amz-cf-id
xzo6ByfF-b3vF5d5YWcvWgw3oEt_tnHi0vS68HaL0FRjfgqGaABFZA==
retornar-doa-15-mil-litros-de-gasolina-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		301 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-doa-15-mil-litros-de-gasolina-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
689a917ed7f4f7606d0b64c800b098429c33999fd55c15e18f591af38d030f32

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
gheV4r22mgvVY1PAyXfOEyrNg5xkoOLz
date
Wed, 19 Jun 2024 12:18:05 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:46 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
24155
x-amz-server-side-encryption
AES256
etag
"2f23f3e67679ec49ea28f1072c208826"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
308521
x-amz-cf-id
eADUhTjLtHsuxMt3CYFPWKP-Qe5R_V39nzd3p7Eo1ogMhZ7oJRtq3Q==
retornar-abencoa-o-projeto-sertao-com-um-carro-0km-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-abencoa-o-projeto-sertao-com-um-carro-0km-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3853a2d6fead592e6537471deeac8100367905501ee565252578ad17f799c236

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fuBIsCl4_CV0aBdULfyo3q4EtNRgNPMC
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:47 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
42678
x-amz-server-side-encryption
AES256
etag
"2dbf773b1f35ef612b426f52f1dd889e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
238126
x-amz-cf-id
xOVLtySObhRHL9GE6H_EszH3Cz18Tb3q70bNY-KdlfrRlXLKbWPDig==
retornar-doa-uma-cadeira-de-rodas-a-paratleta-mai2024.png
cdn.retornar.com.br/retornar-bundle/n/img/instituto/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/instituto/retornar-doa-uma-cadeira-de-rodas-a-paratleta-mai2024.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a419495553e71c20986c3384a42747b655e60f65dda7834db64d308d7c021142

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Nhx_Xxz1PthdilctAx9FRvE63DfS.p7Q
date
Wed, 19 Jun 2024 12:18:05 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 18:22:40 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
24155
x-amz-server-side-encryption
AES256
etag
"fcb6ac208d160b5d39009c69655913e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
317159
x-amz-cf-id
AwP5I56hcRflkLVZwnyA1sS8CRXvbvsb2MJBcp3u19IKrfAPn7Ff9w==
/
api.retornar.com.br/v3/LandingPages/getCategoriasParaMenuSuperior/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/getCategoriasParaMenuSuperior/?idLoja=5f578a32b94c93252b33f980
Requested by
Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/n/js/jquery-3.6.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
72d6f673b4935bed05e20b71f4aa96dfdd026474ff9205aaecaafb0b9d1864c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
server
Kestrel
api-supported-versions
3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
/
api.retornar.com.br/v3/LandingPages/GetAllAcaoByLoja/ 		238 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/GetAllAcaoByLoja/?status=Ativo&campos=DataFinal&ascendente=true
Requested by
Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/n/js/jquery-3.6.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
8132d9465e4270ad548bdd584d5e2065f9087fc51416e6bae446b8f79d3ea8af

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
server
Kestrel
api-supported-versions
3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
img-blank-ganhadores.png
cdn.retornar.com.br/retornar-bundle/n/img/ 		184 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/img-blank-ganhadores.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b5fd2483d2fc74e24c80f0834fdf2479bf391300a4873ea89b796ae0cad010d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lmA64xA.pE7ZJFm7oLaIkpLacEjA6HKH
date
Wed, 19 Jun 2024 12:55:09 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Mon, 26 Feb 2024 17:05:11 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
21931
x-amz-server-side-encryption
AES256
etag
"4352bbe9850cfa819a44aa459b184947"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
184
x-amz-cf-id
0SdljFxRXUc9aKp0eOgpMJMb6h6BenptPDFEDDzx79X1N1elXHJe9g==
img-instituto-desktop.png
cdn.retornar.com.br/retornar-bundle/n/img/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/img-instituto-desktop.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b06bae28a1a2eee553c84facf0c5c79627460a58732ceae79caeb768e2c5532

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
U3dx4S3BVhsdz47ZJjkSwit2HBtBG.Gt
date
Wed, 19 Jun 2024 16:57:37 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
7383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
126397
last-modified
Tue, 23 May 2023 12:42:59 GMT
server
AmazonS3
etag
"e578ebb83ace6b88314db6cc21195ed7"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
BBQfp108KV1YPMSai-ttXg5n3zRpiQmghpg4bYiAKvndnBZKbhdbaQ==
img-blank-abencoados.png
cdn.retornar.com.br/retornar-bundle/n/img/ 		184 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.retornar.com.br/retornar-bundle/n/img/img-blank-abencoados.png
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b5fd2483d2fc74e24c80f0834fdf2479bf391300a4873ea89b796ae0cad010d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
z_czoZ9w1YwlYpMKPr4q7IvT9B9IJ0I4
date
Wed, 19 Jun 2024 12:55:11 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
last-modified
Mon, 26 Feb 2024 17:05:13 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
21929
x-amz-server-side-encryption
AES256
etag
"4352bbe9850cfa819a44aa459b184947"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
184
x-amz-cf-id
TQkU4yFIpuhneYPsKfJfZSjMHoFLiA6487hA_IT6qE_YT2j6usOLqg==
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
768999fbcc5fc15724e8b2d5726a5b7942d6ef645f3cb4759aace2a531278e73

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
main.f74ed22b.js
s.pinimg.com/ct/lib/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20114
topics_api
psb.taboola.com/ 		65 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-etou8220135-FRA
date
Wed, 19 Jun 2024 19:00:39 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1718823640.511639,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-cache-hits
0
json
trc.taboola.com/1251017/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1251017/trc/3/json?tim=1718823639458&data=%7B%22id%22%3A289%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1718823639454%2C%22cv%22%3A%2220240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffusca.retornar.com.br%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-administradorretornarcombr%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1718823639457%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Ffusca.retornar.com.br%2F%22%2C%22tos%22%3A0%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c87c767ed7459dae59d84b8f15d09f45ab47a2f3ecfeae226a02c4499fcc133

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
20
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.27625
x-fastly-to-nlb-rtt
7426
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220087-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1718823639.472828,VS0,VE20
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
main.MThlZDQwNWI3MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		344 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLS28JC77UCCRP9D3FG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
823ba14beead5b460902901fa0b8c543debebdb52859ffac37986cf26f9c83c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
192395c4
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024061811201196ECD1418E7CE67F4EF3
x-tt-trace-id
00-24061811201196ECD1418E7CE67F4EF3-6CBE106DE58DAAB2-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-51-23-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0105343e33c5018af22f64739415307c004f28484ccc14a69cb26ae12445358877efa25b773c350b1898ab6365a7d3e1d3cd050674d2b415430c0363db50688014a971d7bc4b08232af7e86918539b154eb53ae3cbd2e461a688a75c52e46018a0
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
100167
/
ct.pinterest.com/user/ 		325 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613555258822&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1718823639527&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1100444637647299
content-length
188
pin-unauth
dWlkPU1ETmtNR1ZqTURjdFlqUTFNUzAwTVdNNExUaGhNamt0TUdSak1XRmxNMk0wTmpaaA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fusca.retornar.com.br
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
275429db13fe9c80de8a863bf33caf35d9136bc7
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2613555258822&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffusca.retornar.com.br%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1718823639529
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:00:39 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://fusca.retornar.com.br
pinterest-version
275429db13fe9c80de8a863bf33caf35d9136bc7
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=600
x-pinterest-rid
1735644093221699
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
19239b12
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400000ED8D85B2593863F7B9E
x-tt-trace-id
00-2405211400000ED8D85B2593863F7B9E-35627ECC8BDAE6EF-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-51-23-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01ccb90ac94d192b5fd8226e8c369cf711cbfad6a36cc8e381f86823362faef40f607e18da6e4ce45d44370858b669c20272bc0056b26167dd6df11c1445703d34004aa9514ce24005f7f776df0d572f250216272e426f770c6f3e089057cae5ed
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
content-length
39883
pangle_pixel
analytics.pangle-ads.com/api/v2/ 		0
822 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.11.239 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-11-239.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2e91cb36
date
Wed, 19 Jun 2024 19:00:39 GMT
x-bytefaas-request-id
202406191900393CE46F815E987022634E
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406191900393CE46F815E987022634E-3D152E144E463F9E-00
x-cache
TCP_MISS from a23-50-129-239.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56950534) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=9
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406191900393CE46F815E987022634E
access-control-max-age
86400
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-bytefaas-execution-duration
4.47
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d77019ca2ac693fd8f244568d3f29db7c7402e203cf2796d6672286c71dac44933aaa3c911c83a88f5589b883c19c241e72882cc32427c23e086ea040f69fe6579ca3fbe08f567b526a1534e164305ec8e
x-origin-response-time
9,23.50.129.239
access-control-allow-headers
*
expires
Wed, 19 Jun 2024 19:00:39 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
842 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
25fd0de8.19239b9a
date
Wed, 19 Jun 2024 19:00:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24061919003971B64CE4ECAADE270A94-0B1D73EE5281C7F6-00
x-cache
TCP_MISS from a23-51-23-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
142,23.51.23.68
server-timing
cdn-cache; desc=MISS, edge; dur=102, origin; dur=47, inner; dur=40
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024061919003971B64CE4ECAADE270A94
x-cache-remote
TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
47,23.220.105.85
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d7354dd48aa7c9892af73820e18eecddc8e98131ca0d3053e6a2107683450d9d11444403ac440460d2707e6479d7a4e21b7bc1d72cf82f9ff9851399d9985d24ba2b72815674c22347753642adf4ff42e8ab52d37422da274d4f0788620f2e264e
access-control-allow-headers
Authorization,*
expires
Wed, 19 Jun 2024 19:00:39 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
840 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6da866.19239b9b
date
Wed, 19 Jun 2024 19:00:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406191900390A71447A39695510A0FF-254C548E4D7555B0-00
x-cache
TCP_MISS from a23-51-23-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
114,23.51.23.68
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=25, inner; dur=21
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406191900390A71447A39695510A0FF
x-cache-remote
TCP_MISS from a23-220-105-87.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
26,23.220.105.87
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d7354dd48aa7c9892af73820e18eecddc8d3e8e540377758472de81c5e673ffe5c523ff0c6ab9ec1fb6d95ca7d4064535464b70a9ef1eb6c9382d6c3143cb614838685f3e01d616ba2472451e60dee241b90896852c807d8d0d5e6ed77d6094011
access-control-allow-headers
Authorization,*
expires
Wed, 19 Jun 2024 19:00:39 GMT
gusid
178041.t.hyros.com/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://178041.t.hyros.com/v1/lst/gusid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
product-id,ref-url
Access-Control-Request-Method
GET
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
product-id,ref-url
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://fusca.retornar.com.br
access-control-expose-headers
Session-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Jun 2024 19:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
gusid
178041.t.hyros.com/v1/lst/ 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://178041.t.hyros.com/v1/lst/gusid
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
Product-ID
178041
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://fusca.retornar.com.br/
Ref-Url
https://fusca.retornar.com.br/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
session-id
HB-ET_ca60ba9fc89614882bf64ea64368b1d1fa5e8fafe58c6b1e8f4f59bda1140853
etag
HB-ET_ca60ba9fc89614882bf64ea64368b1d1fa5e8fafe58c6b1e8f4f59bda1140853
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://fusca.retornar.com.br
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
651162479235387
connect.facebook.net/signals/config/ 		22 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/651162479235387?v=2.9.158&r=stable&domain=fusca.retornar.com.br&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
951501d724e79097f298342758c8a5898fc84e5f414cd47e0a7553add45572e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=131, ullat=0
pragma
public
x-fb-debug
f4fIQHmc4sdJIyrKprAQ3MxB9gs4DzMiILtwRzgDoMbiBtsmIQ5eTlzCIjZQniwbjL6WqK3SyRp/G+AIimR9Gg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=733356084703493&ev=PageView&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639614&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&tm=1&rqm=GET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=733356084703493&ev=PageView&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639614&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&tm=1&rqm=FGET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3ed11c949eec8258","source_keys":["1","2"]},{"key_piece":"0xff623444a082ab99","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 19:00:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382291317198792703", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=13, mss=1297, tbw=10505, tp=-1, tpl=-1, uplat=297, ullat=0
pragma
no-cache
x-fb-debug
exOWIKuj2qE5MsxwFIjSVleb5Yg1O0av+wokzt5qyz+Mx5UrlGu2+/YMzZ5tIKvreuHXSyJIhWHquF+dPhh/xg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382291317198792703"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
web-widget-main-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/ Frame E1B4 		466 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ba34e599-3ee2-4d7e-bb95-a6e045b3399d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3442982a2802fbd2ff9af5791efaaed5e7547e92d8b7c8a87a548af5e7b646
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
x-amz-version-id
ezAjB0k3wqJKTsxVNeX4PL.m4o.reOlk
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
3YZHRVTXYNW1JF51
age
104558
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
8gmQgMMF5M4jXVxARcek0wpezHt3LWf5SZK58qEcificCpJw7L+AWs8hEaSYL2e7J0fXXZAVe8Q=
last-modified
Tue, 18 Jun 2024 12:04:04 GMT
server
cloudflare
etag
W/"3a35ddf83ef1d75c127252e29d81bab1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Js99VJr1yvQRQV4S1zm%2B4aSfIHVi1MA9Na50pMFBCmVXqzaRBc9rcx31iQRwtrsIRVHM4ek%2FUUKew27DPrvpsXHKim4wzEN%2BY3ZZQvgdsUI7xcysaoiPrl9vHeakp2EAXEMVVXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8965c3644a58913d-FRA
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:02 GMT
styles.css
s3.amazonaws.com/raichu-beta/ra-verified/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/raichu-beta/ra-verified/styles.css
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
3.5.13.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
20eb82b658e3136762ea163d6ffa629021a236482ddfffb0b320fb039af8bf51

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 19:00:40 GMT
Last-Modified
Fri, 05 Jan 2024 00:42:00 GMT
Server
AmazonS3
x-amz-request-id
QNKPRCXTCP2TCFF0
ETag
"b9d4b907d9234cff8d70a0c6f21f89cb"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4295
x-amz-id-2
VfgCzl1Q2mGuajDfCsJfcGZJhxFFY+DcPCToCYeXmy6CMnuLdzKcjeeMJWOLLTPjTBNLhizqPvTW/V2Ts8lDD8ylbZheXCOsexyOZ4uzlpc=
verified.svg
s3.amazonaws.com/raichu-beta/ra-verified/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/raichu-beta/ra-verified/assets/images/verified.svg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
3.5.13.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
781326faaf996e0b2dd573e471971829cfde849d28dbdb9287e4b6e2fa0d18d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 19:00:40 GMT
Last-Modified
Fri, 05 Jan 2024 00:41:57 GMT
Server
AmazonS3
x-amz-request-id
QNKQ0VWJ0T46A8ZH
ETag
"17fe31704fbbc6749b23f34bac9cdaf0"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2397
x-amz-id-2
ku/yDVnAt3gPdf6L6i2CWWPlAqB4JOQmATp0TMGrdakOXQgDV8ETqVy8I1bGwxn8LTebbMJujYDobBu40OtmBi1KyJDJ6MfcDwMHrkvtrd4=
ra-logo.svg
s3.amazonaws.com/raichu-beta/ra-verified/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/raichu-beta/ra-verified/assets/images/ra-logo.svg
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.13.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f12f86a606e0e191c06c5d15a06760869d21641a9c52aec47c13ccc2a3f8291a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 19:00:41 GMT
Last-Modified
Fri, 05 Jan 2024 00:41:56 GMT
Server
AmazonS3
x-amz-request-id
TDW24YHQRT6KNFGK
ETag
"f53251f0187c12ae324654e48395a03a"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4135
x-amz-id-2
p6R/GErGxxQRZ7jAywqy0IjWAcVO1LFxH6g3UfEfez2r/Xy8fsdqwj9hXM2X6MjGER+pgVSv4q0tllzA2mFTPguKDO6ynVhoCHL+YBX7mvo=
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=733356084703493&ev=ViewContent&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639773&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=GET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=3255, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=733356084703493&ev=ViewContent&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639773&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=FGET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xae5650eb6fca222f","source_keys":["1","2"]},{"key_piece":"0xede8c5024c567aef","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 19:00:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382291318036136020", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=8025, tp=-1, tpl=-1, uplat=53, ullat=0
pragma
no-cache
x-fb-debug
gyFMXVOlO59+BO/+WFHZ+HUWrlZH0E8ofIKI38kKt/dFYEf6QgzBzgTAPH27KXqAiBpferV0efQRddl3HHhfWw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382291318036136020"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=651162479235387&ev=ViewContent&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639774&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=GET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=3371, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=651162479235387&ev=ViewContent&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639774&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=FGET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x718802fae20c7bb7","source_keys":["1","2"]},{"key_piece":"0x6e32242526f5a125","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 19:00:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382291318059199684", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=3590, tp=-1, tpl=-1, uplat=48, ullat=0
pragma
no-cache
x-fb-debug
H+cOyXThHeyWC8F7w8Xdw1ioPFj5KqFIhMd/w0Ldk2lqFCFuHOnNGtwQiRd1HfzyQ48Qn1YuhmVKGOZcHL5AIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382291318059199684"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=733356084703493&ev=PageView&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639775&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=GET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=3371, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=733356084703493&ev=PageView&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639775&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=FGET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3ed11c949eec8258","source_keys":["1","2"]},{"key_piece":"0xff623444a082ab99","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 19:00:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382291317327562376", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=13, mss=1297, tbw=9265, tp=-1, tpl=-1, uplat=93, ullat=0
pragma
no-cache
x-fb-debug
bx3Sfq+pl0ru3MMjmFP8XURAI7xvklQe8ty6n9jU5+ml4mSYrYtUtbxJv8YHSSagFVqmUCYkSudzv5/T0rF0gw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382291317327562376"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=651162479235387&ev=PageView&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639775&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=GET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=3371, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Jun 2024 19:00:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=651162479235387&ev=PageView&dl=https%3A%2F%2Ffusca.retornar.com.br%2F&rl=&if=false&ts=1718823639775&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4126&fbp=fb.2.1718823639613.376415749305512794&ler=empty&cdl=API_unavailable&it=1718823639350&coo=false&eid=FBR3125288051718823638978&rqm=FGET
Requested by
Host: fusca.retornar.com.br
URL: https://fusca.retornar.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3eaa3c9c2b88e045","source_keys":["1","2"]},{"key_piece":"0xea6d89d90b0ba50c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 19 Jun 2024 19:00:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382291317919379909", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=6787, tp=-1, tpl=-1, uplat=49, ullat=0
pragma
no-cache
x-fb-debug
w5PvFBTWARwCkU/oB23X3hCK9jI15pLVF012/lFTyvRNQKEImuycKfKKNTZRdL8/qXnoDx7schuhFLG0ME22tQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382291317919379909"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
838 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: 178041.tracking.hyros.com
URL: https://178041.tracking.hyros.com/v1/lst/universal-script?ph=25b17b42ce28d29d5a2fce82866a8885a165a55a9f10b7c267aa99b8ef9d7ce2&tag=!tracking
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7527e761.1923a788
date
Wed, 19 Jun 2024 19:00:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240619190039055352CED8B33629984F-328B1BD0151A0A4B-00
x-cache
TCP_MISS from a23-51-23-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
123,23.51.23.68
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=36, inner; dur=32
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240619190039055352CED8B33629984F
x-cache-remote
TCP_MISS from a23-52-15-49.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
37,23.52.15.49
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d7354dd48aa7c9892af73820e18eecddc809ff983edc0623a9100c0cb9ea04ac8ec5cb41a4bd4a6f1424cfde42290323f7b76e65a5e1243c0bff6774623ef4348c0b2a9a75d588d72f4b0c62601b42fb354f083b957939931f50197ca2d8761e69
access-control-allow-headers
Authorization,*
expires
Wed, 19 Jun 2024 19:00:39 GMT
en-us-json-67c35ac.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame E1B4 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-67c35ac.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:39 GMT
x-amz-version-id
4trfKxavXJB3vXVXSVn5tCELN5piGtTn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
9YW761SVGRK5KYYV
age
104561
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
oAIEUu+JQcDV39xf3LtWk6cCsxJh6u2qrXC7Gibr9PA/OrxzyEVb7+EKXxnujlsPNUZnHhCNYSifJGRqQYDBi8+Ukienj7TF
last-modified
Tue, 18 Jun 2024 12:04:05 GMT
server
cloudflare
etag
W/"8f0c2ab0bd14e9e847312f7e99adb66d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9p2v4942n7rSQ37WSVWOhsygaecF2peYk1tLpjLtGPubl3HV3H8UPQ83bajcJXcpxeaE70J%2Bw2JeaMl4T3E5yZ2l%2F0WCk%2BFim4omBVQE22YxsD%2BmbAHxlAafx8UKJ2FX9zIomYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8965c3653bc3913d-FRA
access-control-allow-headers
*
expires
Wed, 18 Jun 2025 12:04:04 GMT
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/ra-verified/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://s3.amazonaws.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Jun 2024 19:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 18:17:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jun 2024 19:00:39 GMT
pv
retornar.zendesk.com/frontendevents/ Frame E1B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://retornar.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jun 2024 19:00:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0t1L73LZNAk%2B7cUxOP6PBlcCGamNg4GuZgGJbJhUFX4yCcbZM7UxQ7yqXhYFolxvzcBQjtoEha%2B2JT6UznCDLlS0oH72b0d7j8X%2FhgAc%2Fp3naag33QwkaIMsUavq3WqTXPU%2FT58"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8965c3682a301c79-FRA
content-length
0
x-request-id
8965c3682a301c79-FRA
config
retornar.zendesk.com/embeddable/ Frame E1B4 		830 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://retornar.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43aef683f41adb0c4fb6743a28e2e3f60bcffb72e3b8ab8273a8f9e05528af81

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:40 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-55b477c9d-2shb6
x-cached
MISS
x-runtime
0.002211
last-modified
Wed, 19 Jun 2024 12:55:08 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNVbGBob3ugL6%2FRseo0zH5zxSrJ1z7o4KFAP2k9lnpsLifEr9ct7qqH1uLZy0e2xPbTqihHhVr7E24SXNmkJMdB3OH3V%2BHMfturiLkeLWliOVfOGlBVdcAtytf5Zs2Nb7otEFHib"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8965c3668fb21c79-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://fusca.retornar.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options
nosniff
age
101216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:53:43 GMT
pc
178041.t.hyros.com/v1/lst/ 		117 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://178041.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Ffusca.retornar.com.br%2F&fbp_id=651162479235387&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
de1d28d886ce35388a2d92578af2875c66fa3a6f8c83a0618dce2aedab0521e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Session-ID
HB-ET_ca60ba9fc89614882bf64ea64368b1d1fa5e8fafe58c6b1e8f4f59bda1140853
Product-ID
178041
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fusca.retornar.com.br/
Access-Control-Allow-Headers
*
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://fusca.retornar.com.br
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
pv
retornar.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://retornar.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8965c3668fba1c79-FRA
date
Wed, 19 Jun 2024 19:00:40 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2bUNVsfULwBPBcuHJds2ADlsd4PUwfXZXvFnbvEKHOwAuscSNDJp2ckataWdfOF7Xyw9zlOP2VYLT1Euo7TUMZb5ZWGdD84hqQi9xmIo62bPBZ7eqPGKPgaOzsc32UGh4p2HEcP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8965c3668fba1c79-FRA
x-zendesk-zorg
yes
pc
178041.t.hyros.com/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://178041.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Ffusca.retornar.com.br%2F&fbp_id=651162479235387&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method
GET
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://fusca.retornar.com.br
access-control-expose-headers
Session-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Jun 2024 19:00:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
api.retornar.com.br/v3/LandingPages/Events/Parcial/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/Events/Parcial/?pixelId=651162479235387&eventName=ViewContent&eventSourceUrl=https://fusca.retornar.com.br/&eventId=FBR3125288051718823638978&fbc=null&fbp=null&custom_r=null&idLoja=5f578a32b94c93252b33f980
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:40 GMT
server
Kestrel
/
api.retornar.com.br/v3/LandingPages/Events/Parcial/ 		191 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.retornar.com.br/v3/LandingPages/Events/Parcial/?pixelId=651162479235387&eventName=ViewContent&eventSourceUrl=https://fusca.retornar.com.br/&eventId=FBR3125288051718823638978&fbc=null&fbp=null&custom_r=null&idLoja=5f578a32b94c93252b33f980
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.39.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-39-18.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
3655a821a8332b3ddd640b57f806848c6304deebd52ebb4820b7ad44db8a5222

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fusca.retornar.com.br/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 19 Jun 2024 19:00:40 GMT
content-encoding
gzip
server
Kestrel
api-supported-versions
3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:40 GMT
x-cdn
fastly
age
6786
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame F3DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fusca.retornar.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 19:00:40 GMT
pinterest-version
275429db13fe9c80de8a863bf33caf35d9136bc7
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
1420275178425864
favicon.png
cdn.retornar.com.br/retornar-bundle/img/ 		11 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.retornar.com.br/retornar-bundle/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acb9cb262b04d98225cf77a5ac4d1cd5981dbf003971199939624cfb72baa6dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Uf_2VRW2OD9HqSefHES3UfOZw4WdzgWO
date
Wed, 19 Jun 2024 19:00:40 GMT
via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
31144
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
10819
last-modified
Tue, 23 May 2023 12:42:24 GMT
server
AmazonS3
etag
"0baa79db291b56a03f2469a18f88d96a"
vary
Accept-Encoding
content-type
image/png
cache-control
0
accept-ranges
bytes
x-amz-cf-id
6xbItkNpwAua7egFEO9EEg8ZNJUfYjPtHjoJXWuU_PdKJ9whd4iz1g==
pcu
178041.t.hyros.com/v1/lst/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://178041.t.hyros.com/v1/lst/pcu
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Session-ID
HB-ET_ca60ba9fc89614882bf64ea64368b1d1fa5e8fafe58c6b1e8f4f59bda1140853
Product-ID
178041
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fusca.retornar.com.br/
Access-Control-Allow-Headers
*
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:00:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://fusca.retornar.com.br
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
pcu
178041.t.hyros.com/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://178041.t.hyros.com/v1/lst/pcu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.209.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-209-38.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method
PUT
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://fusca.retornar.com.br
access-control-expose-headers
Session-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Jun 2024 19:00:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
unip
trc-events.taboola.com/1251017/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1251017/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=0&ssd=1&est=1718823639456&ver=36&isls=true&src=i&invt=1500&msa=5951&rv=1&tim=1718823641008&vi=1718823639454&ri=c8a13086c65cb129c8c685a6707391b4&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Ffusca.retornar.com.br%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://fusca.retornar.com.br
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Wed, 19 Jun 2024 19:00:41 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1251017/log/3/ 		0
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1251017/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=0&ssd=1&est=1718823639456&ver=36&isls=true&src=i&invt=1500&msa=5951&rv=1&tim=1718823641008&vi=1718823639454&ri=c8a13086c65cb129c8c685a6707391b4&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Ffusca.retornar.com.br%2F
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://fusca.retornar.com.br
pragma
no-cache
date
Wed, 19 Jun 2024 19:00:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1251017/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1251017/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=0&ssd=1&est=1718823639456&ver=36&isls=true&src=i&invt=3000&msa=5951&rv=1&tim=1718823644009&vi=1718823639454&ri=c8a13086c65cb129c8c685a6707391b4&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Ffusca.retornar.com.br%2F
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MThlZDQwNWI3MQ.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fusca.retornar.com.br/
Attribution-Reporting-Eligible
trigger
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://fusca.retornar.com.br
pragma
no-cache
date
Wed, 19 Jun 2024 19:00:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1251017/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1251017/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=0&ssd=1&est=1718823639456&ver=36&isls=true&src=i&invt=3000&msa=5951&rv=1&tim=1718823644009&vi=1718823639454&ri=c8a13086c65cb129c8c685a6707391b4&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2Ffusca.retornar.com.br%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://fusca.retornar.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://fusca.retornar.com.br
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Wed, 19 Jun 2024 19:00:44 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Verdicts & Comments Add Verdict or Comment

321 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| head object| script object| dataLayer boolean| devMode boolean| useBlank boolean| testeAB boolean| institutoLps string| pixelIdParam object| urlParams string| eventId string| campanhaFBPARC string| hashFBPARC object| page_info string| pageInfo_ActionId string| pageInfo_CampaignDateDraw string| pageInfo_CampaignDateDrawUS string| pageInfo_CampaignUtm string| pageInfo_CampaignFacebookPixel object| pageInfo_Ebooks object| pageInfo_ProductGallery_Lps object| pageInfo_ProductFeatures_Lps object| pageInfo_MarqueeSchedule object| google_tag_manager object| google_tag_data function| pintrk function| fbq function| _fbq object| _fbq_gtm_ids function| twq object| _tfa string| TiktokAnalyticsObject object| ttq object| regeneratorRuntime object| twttr function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| bootstrap object| instituto_news object| janela string| cssClassError string| cssClassActive string| cssClassDisabled string| cssClassInputFieldActive number| animationTime string| concorrerForm string| concorrerWizardForm string| nome string| nomeInputField string| email string| emailInputField string| telefone string| telefoneInputField string| nomeWizard string| nomeWizardInputField string| emailWizard string| emailWizardInputField string| telefoneWizard string| telefoneWizardInputField string| queroConcorrerBtn string| comprarAgoraBtn string| comprarAgora2Btn string| comprarAgoraFloatBtn string| btnsFloat object| dominiosExcluidos string| tipo string| produtoId string| directKitSelected string| checkoutUrl string| checkoutHomologUrl string| checkoutParams string| cdnUrl string| apiUrl string| apiHomologUrl object| customRParam object| campaignParam object| sourceParam object| mediumParam object| contentParam object| elParam object| termParam object| fbcIdParam object| hAdIdParam object| fbpParam object| ttclidParam object| cupomParam object| cupomDescriptionParam object| cupomTypeParam object| cupomColorParam boolean| cupomValidationParam object| referenciaParam object| refParam boolean| useCupomFilter object| cupomPromos object| productIdParam object| removeTheseEbooksFromRandom boolean| useHomolog function| VerificaUrlParam string| clientId string| coringa1 string| coringa2 string| idLojaParam string| tipoClique string| extraParam function| RetornarHashCode function| RemoveAcentuacoes function| ConverteFormatoData function| FacebookParcial function| FluxoCliente function| FunilCliente function| Navegacao function| PlayPauseVideoCampanha string| galeriaGaleriaThumbs string| galeriaGaleria function| GaleriaGaleria boolean| ebooksLoaded string| ebooksLoader string| ebooksContainer boolean| ebooksBlankLoaded string| ebooksBlankThumbs string| ebooksThumbs function| CarregaEbooksGaleriaBlank function| EbooksGaleria function| CarregaEbooks boolean| productDetailsThumbsLoaded string| productDetailsThumbsLoader string| productDetailsContainer boolean| productDetailsBlankThumbsLoaded string| productDetailsBlankThumbs string| productDetailsThumbs string| productDetailsGaleria function| CarregaCaracteristicasGaleriaBlank function| CaracteristicasGaleria function| CarregaCaracteristicas function| OverlayCampanha function| EbookDetalhesModal function| ViewFullImage function| ViewFullImageCaracteristicas function| MontaCupomMarquee function| CupomMarquee function| CupomValidation function| CupomInexistente function| MensagemSistema function| ChatZendesk function| CustomCountdownSchedule function| CarregaJS function| ValidaInputEmail function| ValidaInputNome function| ValidaInputTelefone function| Clean function| RandomEbookId function| ValidaEmailWizard function| ValidaNomeSobrenomeWizard function| ValidaTelefoneWizard function| SectionHeaderImage function| VerificaVisibilidadeQueroConcorrerBtn function| VerificaVisibilidadeSecoes function| GetModalDataKit function| EmailAutocomplete function| SelecionaSugestao function| ValidarForm function| ValidarWizardForm function| ValidaEmailRegex function| ValidaEmail function| ValidaTelefone function| LoadGtm function| GetCookie function| SetCookie function| ReadCookie function| EraseCookie boolean| extra string| origem boolean| useCupomConsulta object| sourceParamConcat object| zEWebpackACJsonp function| zE function| zEmbed string| chatZendeskBtn string| faqBtn string| floatBtns string| chatActiveCssClass function| OpenChatZendesk function| CloseChatZendesk boolean| ganhadores_useBlank boolean| abencoados_useBlank boolean| ganhadores_exibirBotaoQueroConcorrer string| ganhadores_videoDefault function| Shuffle function| InstitutoModalCountdown string| institutoDefault string| institutoEdicao boolean| institutoModalOpened boolean| sourceParamConcatenated function| InstitutoModal function| Instituto function| UtmSourceConcatPopup function| CheckScrollInstitutoLp function| CheckScrollInstitutoLps string| cssClassShow string| modal string| campanhaModal string| overlayOnboard string| overlay function| inputHandler function| WhatsApp function| CampaignCountdown function| UET function| UET_init function| UET_push object| hoje number| ano number| mes number| dia string| meusPedidosUrl string| imagensUrl string| idLoja string| lojaUrl string| institutoUrl string| winnersVideoUrl boolean| useImagemPaginaLinks object| utmCampaignFromUrl object| utmSourceFromUrl object| utmMediumFromUrl object| utmContentFromUrl object| elFromUrl object| termFromUrl object| fbcIdFromUrl object| hAdIdFromUrl object| fbpFromUrl object| ttclidFromUrl object| cupomFromUrl object| cupomDescriptionFromUrl object| cupomTypeFromUrl object| cupomColorFromUrl boolean| cupomValidationFromUrl object| referenciaFromUrl object| refFromUrl boolean| useCupomFilter_Base object| cupomPromos_Base boolean| useHomolog_Base function| VerificaUrlParam_Base function| logo string| retornarNav string| retornarBar string| retornarInstituto string| retornarFooter string| retornarFooterBar string| winnersVideo function| CarregaCategorias function| MontaUrl function| MontaMenuPromocoes function| MontaListaPromocoes function| PromocaoItem function| CarregaPromocoes function| DropdownHover function| Dropdowns function| NavFooterToggleable function| ValidaPesquisaLoja function| FunilCliente_Base function| MontaCupomMarquee_Base function| CupomMarquee_Base function| CupomValidation_Base function| CupomInexistente_Base function| MensagemSistema_Base boolean| useCupomConsulta_Base string| baseVideosSwipeSample function| ShuffleVideos function| Overlay function| PausarVideos function| PlayPauseVideo boolean| ganhadoresGaleriaLoaded string| ganhadoresLoader string| ganhadoresGaleriaContainer object| ganhadoresGaleriaVideos function| BaseGanhadoresGaleria function| CarregaGanhadoresGaleriaBlank function| CarregaGanhadoresGaleria function| GanhadoresGaleria function| CarregaGanhadores boolean| abencoadosGaleriaLoaded string| abencoadosLoader string| abencoadosGaleriaContainer object| abencoadosGaleriaVideos function| BaseAbencoadosGaleria function| CarregaAbencoadosGaleriaBlank function| CarregaAbencoadosGaleria function| AbencoadosGaleria function| CarregaAbencoados boolean| swipeSampleOpened function| VMasker object| ueto_f928c01d1b object| uetq function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks boolean| mh_uts_available object| t object| hrs boolean| zEACLoaded string| dataSorteioDia string| dataSorteioMes string| dataSorteioAno string| dataSorteio function| mcAsyncInit object| adSetId object| adSetIdFromPrevUrl

22 Cookies

Domain/Path Name / Value
178041.t.hyros.com/v1/lst Name: __mh_tt_s
Value: HB-ET_ca60ba9fc89614882bf64ea64368b1d1fa5e8fafe58c6b1e8f4f59bda1140853
.retornar.com.br/ Name: _gcl_au
Value: 1.1.524082905.1718823639
.retornar.com.br/ Name: _ga_B66YHTHE35
Value: GS1.1.1718823639.1.0.1718823639.60.0.0
.retornar.com.br/ Name: _ga
Value: GA1.1.1618012722.1718823639
.retornar.com.br/ Name: _ga_WFJ98H6EZX
Value: GS1.1.1718823639.1.0.1718823639.60.0.31727574
.retornar.com.br/ Name: _uetsid
Value: 381556202e6e11efa3efbf58cd45b71c
.retornar.com.br/ Name: _uetvid
Value: 38153c902e6e11efb715874bf0c4ee1d
.retornar.com.br/ Name: Retornar_ClientId
Value: CID3125288051718823639400
.retornar.com.br/ Name: Retornar_InstitutoModal
Value: rtn
.tiktok.com/ Name: _ttp
Value: 2i6v3CLW5rHiXVafZZKQ8qxGyxB
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171882363941049652
.twitter.com/ Name: guest_id_ads
Value: v1%3A171882363941049652
.twitter.com/ Name: personalization_id
Value: "v1_N7wNAt3pxgX3DGE1WWzAbQ=="
.twitter.com/ Name: guest_id
Value: v1%3A171882363941049652
.t.co/ Name: muc_ads
Value: 208b7b28-b19d-4647-bc0e-8d11466ac4e9
.region1.google-analytics.com/ Name: ar_debug
Value: 1
.bing.com/ Name: MUID
Value: 17DE441DE247646B118350BEE3876541
.retornar.com.br/ Name: _tt_enable_cookie
Value: 1
.retornar.com.br/ Name: _ttp
Value: P27_W-E_jsfCeszCkBXL9fhtFg1
.retornar.com.br/ Name: _fbp
Value: fb.2.1718823639613.376415749305512794
.fusca.retornar.com.br/ Name: _pin_unauth
Value: dWlkPU1ETmtNR1ZqTURjdFlqUTFNUzAwTVdNNExUaGhNamt0TUdSak1XRmxNMk0wTmpaaA
.pinterest.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178041.t.hyros.com
178041.tracking.hyros.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api.reclameaqui.com.br
api.retornar.com.br
bat.bing.com
cdn.retornar.com.br
cdn.taboola.com
connect.facebook.net
ct.pinterest.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
fusca.retornar.com.br
psb.taboola.com
region1.analytics.google.com
region1.google-analytics.com
retornar.zendesk.com
s.pinimg.com
s3.amazonaws.com
static.ads-twitter.com
static.zdassets.com
stats.g.doubleclick.net
t.co
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google.de
www.googletagmanager.com
104.16.51.111
104.18.70.113
104.244.42.3
141.226.228.48
146.75.120.157
151.101.0.84
151.101.128.84
151.101.129.44
151.101.65.44
157.240.0.6
18.66.192.118
2.21.20.4
2001:4860:4802:32::36
216.58.206.35
23.53.11.239
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:827::2008
2a00:1450:400c:c06::9a
2a02:26f0:3500:88d::1931
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.5.13.162
35.237.183.236
52.200.209.38
52.21.39.18
54.230.228.83
93.184.221.165
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
044bde5d565f173d8a2de3b360baa7e2d18c591abe4e9a0b6ef9261e39f1e73d
04a94ecfbb60c6eeddd6ca4557ebd00a4925d64b7c2dbbe9f47bd60f244f1657
0ab17767cf4ad1e7c5c5f3f7db06a0de1c1e9d44846081cac2a2955fb7667f8e
0ae40d916aba2bbcb91a7e531eaf13912658bb2ac19480b34035eeac7a5f0507
0b06bae28a1a2eee553c84facf0c5c79627460a58732ceae79caeb768e2c5532
0b5fd2483d2fc74e24c80f0834fdf2479bf391300a4873ea89b796ae0cad010d
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1337a79aac095a219b364c42afbfc46c9b0a6714fda1a0a0603797c7d1a8d986
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
20eb82b658e3136762ea163d6ffa629021a236482ddfffb0b320fb039af8bf51
22893708935d9fd80f2d86b4e737129a772c4c4f0b4e136f9f059d6eaf92ae94
24c7030c50c1045cfefddac2d403f4bb2043b34183f6887f5c88a3e12e0236f9
24ff80c2555d6df2bf6d378f684c8623045d099b942a4f48ec72f17a1a821929
251df3355e2bdb7ea5a6cd2c02484064520022c69ed17689c447d099a5dbd67e
2c87c767ed7459dae59d84b8f15d09f45ab47a2f3ecfeae226a02c4499fcc133
32306ecf6373a98d417d33b7029b0acd79cc6be0961f1ecd92826c1f18cb580e
327f7aca074dc56f73eb3d534b4d42f4d58ef3474e728ded19380a71840d6a65
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
3655a821a8332b3ddd640b57f806848c6304deebd52ebb4820b7ad44db8a5222
3853a2d6fead592e6537471deeac8100367905501ee565252578ad17f799c236
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c
4290d7074604c9b2cd9c7ab084075ed7e953b015a32fa7ba807cc6c75bbfd77a
430af193d04b3cc7436bedeb8c2c6325f06bc5dac795dbdf31bfecc1aa1642b5
43aef683f41adb0c4fb6743a28e2e3f60bcffb72e3b8ab8273a8f9e05528af81
487c02228fe37d5d149b2c9f2f6dfbdd6ad0192db74f9931d56746750ae3c473
4a9d4fb1b5df4cbeb11f5fc09209d1d1fdcfd3e6026ba41f686b1590d9b6ef86
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
53455320768cc6332f9e28a92577840ddef65d93be15dd70691efe68a7e2361a
55c2a99ca3720501ce0e025fdb0274f5a61b652cd29bd0e993ef73ea48fd4b31
5a594c7399f1addb8311ac1f35fc8b91bfc0b6436e222fff8dd6b6a1ef3037fc
5c934b865ce536309066804ccbed7e58b23f1d001431268b6e7e18557fa5c379
5f758fb3c51bbbdf06b02f3578ccbd59dab7f5d8119ee1f4ceb8fe57c7d97058
5fdbb87e614f4ed62707f86be0e5049f72c3219b5fc1f04662b46aee3eeb54ed
673e215879e60195a0c9058d11234049c30771c7d501cf7c331d3101ee451ea9
689a917ed7f4f7606d0b64c800b098429c33999fd55c15e18f591af38d030f32
6c5d67245111db508d21e250d4480916144b9df6c17d9408bc79541bb4f4bbb5
6d731f09f63a6256979f5a23cd1189ed287f2c9e6b8b325df34a9250266e5cf5
6e4e83267c28b3f86997ff3ca3103563034480ed144b4e1ae34cea747b4f72de
6eab9b643be1aaaaf6d64ddc2d90b3d40cd7d739898a50ab75394b971f5fc871
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
72d6f673b4935bed05e20b71f4aa96dfdd026474ff9205aaecaafb0b9d1864c2
768999fbcc5fc15724e8b2d5726a5b7942d6ef645f3cb4759aace2a531278e73
7783030627b2465fdef735fab467bfa7d4206398dabb744508dfd1a3519cebd4
781326faaf996e0b2dd573e471971829cfde849d28dbdb9287e4b6e2fa0d18d2
790b37cc6b14cd708d0ded4c7f558d58e7bd12c9e58c1ec8fbc95f83e8e94649
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7c4f679c767938dea992ee8cbf0b57b71a019eca9e3570fddfb077631bf04509
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8132d9465e4270ad548bdd584d5e2065f9087fc51416e6bae446b8f79d3ea8af
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
823ba14beead5b460902901fa0b8c543debebdb52859ffac37986cf26f9c83c9
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
91c2f3fa88fc1392534d047d3c5c4fbaa7480e2584f4388303fa6d0e3433c0d6
94a8100eed155404363a07adfbae4f00b2602e96e7cc072ceac79db6306267ca
951501d724e79097f298342758c8a5898fc84e5f414cd47e0a7553add45572e3
9590f98c6fe288202f7343cacde8aa6286cbcba928e164d04a74620ccd2f0ee8
971f47cee24883b9e0d593b1f830d2b96a29a27d3a99deda25f4d25545c96d96
9bd27a5d7a54aea6b958557b21e84cb34db1a4cf2655fbd51394e32230f0bbad
a2098e88aa1d736cecf16854501baa250fcdc2e1d40e62ea6e327b1ce3a00c57
a2c0c8bf220e819ea78758e7236e6f2f153076f0e3d5d1cacc1de5e1e11388f1
a419495553e71c20986c3384a42747b655e60f65dda7834db64d308d7c021142
a41d512d7230d94b7d8985980eaa123b8495be759e51a2d2f4556330b5e4f458
a792cafac0a15ca21b30449b850328142677de9ec018ff3821486dd371a381a5
a81136125b59e360caca8860e6f31ed28cc9f2bf05e32829f15dc037f40bd971
a8cc185214399c9b7fa337b91d3f2650edbb0dc71a234cf5e637bb573acf567c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb9cb262b04d98225cf77a5ac4d1cd5981dbf003971199939624cfb72baa6dc
afc0c621b6bb7bf7c543e6beee4288f58d6a697299859c83ce661526cc60db8c
b7de830f64441d1184d80c3683978dcc17e99b8fedddf1d6faf2d92295e088db
b8ee296e08ba9b91c984e8b121e59d42b76ee91c6f787743fd29b7bc2acf2a3e
baafc10c2374d075e8ee471e352046afe6252c4ccbc1e282ff7c5c990577edcc
bca252936fdd6f34df600a9b1fda47dc5e60945a6c315f0bc48c04943cc35567
beca2da726b344f7381072113c1eb2e97941a379c4d195b85481bcf4f9a20204
c7250badf67ad81b6fc4806091cd5bb16f158bebd473cc209a7f8f1b4efb34e3
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d07fc7aa2628c0dfa41a104c17384405161e87fbf24e1644f45f8e4f44d38989
d83be531cd0f50d8f346744e0d212922338b1f8091cb72e0b86e314c5df50ef8
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
da762e9064e23f6481ca2d497d08675192a6ce9d38d8522fb9c26926b987d6f5
db779bf31af873d932ea909bcaf3125723c9e241d0cad33162a397b0ea930af8
de1d28d886ce35388a2d92578af2875c66fa3a6f8c83a0618dce2aedab0521e8
df3442982a2802fbd2ff9af5791efaaed5e7547e92d8b7c8a87a548af5e7b646
e2182bf37549018732d69c69bc84c9d8d911f165c491ba7c8acbabc688cdc134
e2a3f40444d8a8af7b9dca5a89035fd13b8783eb63a8dd4f93ff5da723088087
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e80c8241b5b3859492ab9341c5179b627b72ab0bbd0eb6090db9e7cbb60cdcb9
e88bb1cfda02c4a768b9674e58f462aa0954e4290ca3fc703a2b0d8de4385a02
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
eaaaeaa47e5ad1802c0665fc30ca7b4dda81cd3edbea85038fbf29d1eb2bc5a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12f86a606e0e191c06c5d15a06760869d21641a9c52aec47c13ccc2a3f8291a
f932786e474a37cdbe1d31563d7c2172de5895dddd5297203deee75db760c98a
fb75fe2d5623f4a1edc1b11f0997852230ddcf68f4b3560d45016016d86e8ed0
fc003c8617bbd88cdfde4516b93c9877acea136cf94e186bf427cb6b96a857f1
fe3e6c972a43b82d2dc8dae699baab631745ecba8d5ae1af272b84e2547ff3d6