defender.retornar.com.br Open in urlscan Pro
18.66.15.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://retornar.promo/ganhador-troller
Effective URL:
https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-tro...
Submission: On February 10 via manual (February 10th 2023, 7:29:30 pm UTC) from BR — Scanned from DE

Summary HTTP 111 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 23 domains to perform 111 HTTP transactions. The main IP is 18.66.15.13, located in United States and belongs to AMAZON-02, US. The main domain is defender.retornar.com.br.
TLS certificate: Issued by Amazon on September 29th 2022. Valid for: a year.

This is the only time defender.retornar.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	18.66.15.13 18.66.15.13	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c1b::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	13.225.78.102 13.225.78.102	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.203.209.81 52.203.209.81	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:400c:c04::61	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c08::5e	15169 (GOOGLE) (GOOGLE)
1	151.101.193.63 151.101.193.63	54113 (FASTLY) (FASTLY)
2	52.4.195.217 52.4.195.217	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:400c:c1b::8b	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
5	52.4.228.223 52.4.228.223	14618 (AMAZON-AES) (AMAZON-AES)
21	23.36.163.138 23.36.163.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	74.125.140.156 74.125.140.156	15169 (GOOGLE) (GOOGLE)
1	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
2	13.225.78.128 13.225.78.128	16509 (AMAZON-02) (AMAZON-02)
1	169.150.247.34 169.150.247.34	60068 (CDN77 ^_^) (CDN77 ^_^)
1	104.16.89.50 104.16.89.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400c:c04::5e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
5	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
111	32

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

retornar.promo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.15.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-13.vie50.r.cloudfront.net

defender.retornar.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.225.78.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-102.fra2.r.cloudfront.net

cdn.retornar.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.209.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-209-81.compute-1.amazonaws.com

178041.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::61 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.63 (United States)

ASN54113 (FASTLY, US)

streamable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.195.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-195-217.compute-1.amazonaws.com

api.retornar.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400c:c1b::8b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.4.228.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-228-223.compute-1.amazonaws.com

178041.t.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 23.36.163.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-138.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-59-220-194.bunnyinfra.net

statics.streamable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net

cdn-cf-east.streamable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.34 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-247-34.datapacket.com

v.embed-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.embed.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c04::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 780	117 KB
19	retornar.com.br defender.retornar.com.br cdn.retornar.com.br api.retornar.com.br	484 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	40 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4545 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6186	947 B
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	3 KB
6	hyros.com 178041.tracking.hyros.com 178041.t.hyros.com	71 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 814	2 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 912 trc.taboola.com — Cisco Umbrella Rank: 668 trc-events.taboola.com — Cisco Umbrella Rank: 1675	21 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	301 B
4	streamable.com streamable.com — Cisco Umbrella Rank: 29608 statics.streamable.com — Cisco Umbrella Rank: 57304 cdn-cf-east.streamable.com — Cisco Umbrella Rank: 37626	344 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1401 ka-f.fontawesome.com — Cisco Umbrella Rank: 2492	23 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	254 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 732	21 KB
2	gstatic.com fonts.gstatic.com	56 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	137 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
1	embed.ly cdn.embed.ly — Cisco Umbrella Rank: 16513	4 KB
1	embed-cdn.com v.embed-cdn.com — Cisco Umbrella Rank: 60713	78 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 167	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 900	46 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 752	7 KB
1	retornar.promo 1 redirects retornar.promo	299 B
111	23

	Domain	Requested by
21	analytics.tiktok.com	defender.retornar.com.br analytics.tiktok.com
14	cdn.retornar.com.br	defender.retornar.com.br
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com defender.retornar.com.br streamable.com
6	www.google.de	defender.retornar.com.br
5	ct.pinterest.com	s.pinimg.com defender.retornar.com.br
5	178041.t.hyros.com	defender.retornar.com.br 178041.tracking.hyros.com
4	www.google.com	1 redirects defender.retornar.com.br
4	region1.analytics.google.com	www.googletagmanager.com
4	www.facebook.com	defender.retornar.com.br
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	defender.retornar.com.br www.googletagmanager.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	defender.retornar.com.br	defender.retornar.com.br
2	trc-events.taboola.com	cdn.taboola.com
2	trc.taboola.com	cdn.taboola.com
2	cdn-cf-east.streamable.com	streamable.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	api.retornar.com.br	cdn.retornar.com.br
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	defender.retornar.com.br connect.facebook.net
2	fonts.googleapis.com	defender.retornar.com.br
1	cdn.embed.ly	streamable.com
1	v.embed-cdn.com	streamable.com
1	statics.streamable.com	streamable.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.taboola.com	defender.retornar.com.br
1	streamable.com	cdn.retornar.com.br
1	178041.tracking.hyros.com	defender.retornar.com.br
1	www.googleoptimize.com	defender.retornar.com.br
1	kit.fontawesome.com	defender.retornar.com.br
1	maxcdn.bootstrapcdn.com	defender.retornar.com.br
1	retornar.promo	1 redirects
111	33

This site contains links to these domains. Also see Links.

Domain
www.retornar.com.br

Subject Issuer	Validity	Valid
retornar.com.br Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tracking.hyros.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
streamable.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
t.hyros.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
statics.streamable.com R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.streamable.com Amazon	`2023-01-09` - `2024-02-07`	a year	crt.sh
v.embed-cdn.com R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.embed.ly Sectigo RSA Domain Validation Secure Server CA	`2022-12-06` - `2023-12-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Frame ID: CA835F9F799FA8F5138A8CD43C2F9A0A
Requests: 100 HTTP requests in this frame

Frame: https://streamable.com/e/kt50j4
Frame ID: 0DA01438A7F90ABCC87222C5CC2359E4
Requests: 8 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 261A11A246189A94E4976A4AC8BA9F88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ganhador do Troller T4 XLT 3.2 - George Tada - Promoção Retornar e Você de Troller - RETORNAR

Page URL History Show full URLs

https://retornar.promo/ganhador-troller HTTP 302
https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

99 %
HTTPS

50 %
IPv6

23
Domains

33
Subdomains

32
IPs

6
Countries

1712 kB
Transfer

3824 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.retornar.com.br/
Title: Retornar

Search URL Search Domain Scan URL

URL: https://www.retornar.com.br/termos-e-condicoes-de-uso
Title: Termos e condições de uso

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://retornar.promo/ganhador-troller HTTP 302
https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&value=0&currency_code=BRL&auid=2053579346.1676057364&ec_mode=m&uamb=0&uaw=0&em=tv.1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=E5vmY4TIMc6J-wac9bTYCA&sscte=1&crd=&eitems=ChEIgPOXnwYQ14m3jo6m8PW3ARIdACUMy7d6WruhKEcHYLYCvQP5lKG7TUJAW4qymPU&pscrd=Ek5DaEFJZ1BPWG53WVE4OXJ4dWJXZ3c4MV9FaVlBTElBekRKSmZMQXRwbkNTcnBEa2hlUGVtVUFfOUM0dkN1bE9vckdxTUNhTENDTnBzcEEaWENoQUlnUE9YbndZUW1LdXI5WXpXMW9wREVpNEFLTy13LUVQVVNDWVJfOExhRUx1SmZ3QjN6OUNlZE41UTNEaFJGNGV5RWx6dGRvTHFYaVMweFp2TGl6SUU HTTP 302
https://www.google.com/pagead/1p-conversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&value=0&currency_code=BRL&auid=2053579346.1676057364&ec_mode=m&uamb=0&uaw=0&em=tv.1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ1BPWG53WVE4OXJ4dWJXZ3c4MV9FaVlBTElBekRKSmZMQXRwbkNTcnBEa2hlUGVtVUFfOUM0dkN1bE9vckdxTUNhTENDTnBzcEEaWENoQUlnUE9YbndZUW1LdXI5WXpXMW9wREVpNEFLTy13LUVQVVNDWVJfOExhRUx1SmZ3QjN6OUNlZE41UTNEaFJGNGV5RWx6dGRvTHFYaVMweFp2TGl6SUU&is_vtc=1&ocp_id=E5vmY4TIMc6J-wac9bTYCA&cid=CAQSKQDUE5ym-64et9rx8t_zbTGcI-J6ej7rSFG-2HD6aP9JHaza7RvqLa_Q&eitems=ChEIgPOXnwYQ14m3jo6m8PW3ARIdACUMy7fPfsJVH98h8IuE4dCmt99B305t5lYxSWE&random=1479891590 HTTP 302
https://www.google.de/pagead/1p-conversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&value=0&currency_code=BRL&auid=2053579346.1676057364&ec_mode=m&uamb=0&uaw=0&em=tv.1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ1BPWG53WVE4OXJ4dWJXZ3c4MV9FaVlBTElBekRKSmZMQXRwbkNTcnBEa2hlUGVtVUFfOUM0dkN1bE9vckdxTUNhTENDTnBzcEEaWENoQUlnUE9YbndZUW1LdXI5WXpXMW9wREVpNEFLTy13LUVQVVNDWVJfOExhRUx1SmZ3QjN6OUNlZE41UTNEaFJGNGV5RWx6dGRvTHFYaVMweFp2TGl6SUU&is_vtc=1&ocp_id=E5vmY4TIMc6J-wac9bTYCA&cid=CAQSKQDUE5ym-64et9rx8t_zbTGcI-J6ej7rSFG-2HD6aP9JHaza7RvqLa_Q&eitems=ChEIgPOXnwYQ14m3jo6m8PW3ARIdACUMy7fPfsJVH98h8IuE4dCmt99B305t5lYxSWE&random=1479891590&ipr=y&prhg=0

111 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ganhador-troller.html Show response
defender.retornar.com.br/
Redirect Chain

https://retornar.promo/ganhador-troller
https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller

13 KB
14 KB

308ms
57ms

Document
text/html

18.66.15.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6244e3b7c1cf8f41cfd0a805a4aaac81d34035a7d066f923e14c021882278f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 524
content-length: 13617
content-type: text/html
date: Fri, 10 Feb 2023 19:20:40 GMT
etag: "3e7c0a0518c2869eb2aba385d0024e04"
last-modified: Fri, 10 Feb 2023 12:11:11 GMT
server: AmazonS3
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
x-amz-cf-id: 7akq0q00c5pCCSM5NW8gL82YO1HRX3oGg33hwJYiRHrOA1FkGOkO3Q==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront

Redirect headers

cache-control: private, max-age=90
content-length: 278
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 19:29:22 GMT
location: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
server: nginx
strict-transport-security: max-age=1209600

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
830 B 63ms
21ms Stylesheet
text/css 2a00:1450:400c:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8d3db080e839550ebd76d2f19ade1905db64bb8e25495b4d4d776d8b5a92331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 19:29:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ 766 B
799 B 61ms
20ms Stylesheet
text/css 2a00:1450:400c:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo+Black&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e127c97d25e9ae8c1c89af0eb098bf6e64f32b2dae2a2fca4a507be48a3abf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 19:19:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 33ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 1900277
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: be050c61329891fb4ef880afd785a1b0
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 797740d87c9a8fd4-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
cdn.retornar.com.br/retornar-bundle/css/externals/ 157 KB
23 KB 46ms
9ms Stylesheet
text/css 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/css/externals/bootstrap.min.css
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c407529fa4f93133a8e1c085cff173348f42e6d92530a6a158c0ba1d247063e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 08:02:02 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 14:22:42 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"354427046824973d20e1fc26926bc87e"
age: 41242
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: MPS8GlpJiGX_mUfBYUuMJDv3JJjTgLR_xEjLTDyqDNzzZ4lS7JsVaQ==

GET
H2 200 slick.css
cdn.retornar.com.br/retornar-bundle/css/externals/slick/ 2 KB
944 B 46ms
9ms Stylesheet
text/css 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/css/externals/slick/slick.css
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 06:23:22 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 17:23:52 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"b06073c5a23326dcc332b78d42c7290c"
age: 47162
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: VHCgwrokzxVDSjQcLY11Z64HW_blCxeBki9lXOiarBvB977iPjyIpw==

GET
H2 200 retornar-slick-theme2.css
cdn.retornar.com.br/retornar-bundle/css/externals/slick/ 3 KB
1 KB 47ms
10ms Stylesheet
text/css 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/css/externals/slick/retornar-slick-theme2.css
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9212c7a185cbb8645c3a84b2c5b0a62046c9508377725c83e51ac01fb66668f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: c1jDfVq54y65XU3ImrgQemAcSq8qaMyl
content-encoding: gzip
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
date: Fri, 10 Feb 2023 09:59:22 GMT
last-modified: Mon, 06 Feb 2023 19:53:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 34202
etag: W/"8dd568293a3a14727a49fc755e115639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: hdK9_5Rm95oCTgoV1RYP4MqjA_omZgAs86rAvV_7Wq5elGKWOiASsQ==

GET
H2 200 retornar-style.min.css
cdn.retornar.com.br/retornar-bundle/css/ 20 KB
5 KB 47ms
11ms Stylesheet
text/css 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/css/retornar-style.min.css
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a83bc5704c1e46edbf43280394e64a2eb3c8de15b9b2e5fcbed20904fcff88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 01:46:40 GMT
x-amz-version-id: Q1DAxICrQVrztaM9zmB2zALCIY8Aydmo
content-encoding: gzip
last-modified: Fri, 03 Feb 2023 17:39:07 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"4778c917dd3896353af71f39aa54a547"
age: 63764
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: CP_xZsQzpTDQ7Un6sky7nvYC52MRvxRMhrwIVZ64BoPvja9za_fj6Q==

GET
H2 200 3267bfd680.js Show response
kit.fontawesome.com/ 11 KB
4 KB 96ms
33ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/3267bfd680.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3af7499cc4d9a9e9c2a502deb15f2afaef3f1bf99250cc5b0f2235c6e66747d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://defender.retornar.com.br/
Origin: https://defender.retornar.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 797740d8cac835e8-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0KNSrU7WPfJAlBDSrui

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 118 KB
46 KB 203ms
71ms Script
application/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-M5NW6XQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69288075700fd9d1081dfe4dcb0fd8c2557d5ba32ae2d0eb59cc911f3f4eba68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 logo-retornar-branco.png
cdn.retornar.com.br/retornar-bundle/img/ 8 KB
8 KB 12ms
12ms Image
image/png 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.retornar.com.br/retornar-bundle/img/logo-retornar-branco.png
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83dae993127a533a389ff40bd8024c56a320d84cfae3ccc1c8744e86d63cedc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: SA_LveztjGaSJjDa8IPUe0PU9l8kXMfg
date: Fri, 10 Feb 2023 19:20:40 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Fri, 23 Sep 2022 17:12:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 524
etag: "27bf059b7414b8154f08de089519f8d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7870
x-amz-cf-id: RPwa0krTCi_KSLQ1aYb_GsZ7zHWrhWs67R08PWMlfApVodTT7LRRlg==

GET
H2 200 ganhador.png
defender.retornar.com.br/ 295 KB
295 KB 58ms
58ms Image
image/png 18.66.15.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defender.retornar.com.br/ganhador.png
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 818949cb0cb6be88db7f08bb2408c397ca09c4dd14fef516b7499631b2bf25fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:24:59 GMT
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
last-modified: Fri, 10 Feb 2023 12:09:30 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 265
etag: "a3690a4b68a428929e155599f5b21b29"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 301609
x-amz-cf-id: sIC5q5iNGfI4ev5Y0ebecEnDPZqxQt58e3vLoqSkWTRCkBOb7nsORw==

GET
H2 200 setas-baixo-rosa.png
cdn.retornar.com.br/retornar-bundle/img/ 2 KB
2 KB 12ms
12ms Image
image/png 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.retornar.com.br/retornar-bundle/img/setas-baixo-rosa.png
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e06519265d670100e6c6a3a853608c2ad63cf5e77036ae4d0a70d4648b14b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: xVJlmF7NdGxQjL_hjfkGb_wCHCFrkHJW
date: Fri, 10 Feb 2023 19:20:40 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Fri, 23 Sep 2022 16:45:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 524
etag: "9a60e767621fd175867cd35aa9f484cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2156
x-amz-cf-id: 6w0Eia-K9oieTGzQgTpPoK_SZhsRowzoPMbRaXGYVCTabqmQDXPV7w==

GET
H2 200 next-icon.svg
cdn.retornar.com.br/retornar-bundle/img/ 371 B
759 B 9ms
8ms Image
image/svg+xml 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.retornar.com.br/retornar-bundle/img/next-icon.svg
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5948fc6074a6614faa032b8a73ce2bf0aa3b9117b895ee61593ff610795e1ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: lzQtnt_aVbT3N92WDwCDggxXalFg.Mgu
date: Fri, 10 Feb 2023 11:38:05 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Tue, 26 Jul 2022 17:48:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 28279
etag: "f82be3955b1834fd48822f98666a525d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 371
x-amz-cf-id: jmAnSeFkT2xAWOInRJzUrgFnGCXzxIc95TC3IbnLy5ZctAlaqSEOOg==

GET
H2 200 jquery-2.2.0.min.js Show response
cdn.retornar.com.br/retornar-bundle/js/externals/ 84 KB
30 KB 10ms
9ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/js/externals/jquery-2.2.0.min.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 05:40:07 GMT
x-amz-version-id: eemj40YMlp5q_eHetfGe0jqinMWWuH31
content-encoding: gzip
last-modified: Sun, 14 Aug 2022 03:39:17 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"7805fd3edca37e7384cde43f6842f7fe"
age: 49757
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4Gqyegakdb0B2V8bEVWkuUo6205dSmo0d0RomIuT0vyimbs6dO63_w==

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.retornar.com.br/retornar-bundle/js/externals/ 79 KB
22 KB 10ms
9ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/js/externals/bootstrap.bundle.min.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a90b7a2a4a226871dedcdecf69fc5163c3246a175dbd58c819cbe2ce9352a764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 06:27:32 GMT
x-amz-version-id: obv7IsRKMxnaCEMUbzprpKdAsoSJBENk
content-encoding: gzip
last-modified: Sun, 14 Aug 2022 03:39:08 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"466c216e1c6a72bd97f85d00d63efa1c"
age: 46912
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -x_7NL-piYGepCIoCAEZPfaiCOg7360beyJrK0mlK7KrDkwMWgnzlQ==

GET
H2 200 slick.min.js Show response
cdn.retornar.com.br/retornar-bundle/js/externals/ 42 KB
11 KB 9ms
8ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/js/externals/slick.min.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 03:20:10 GMT
x-amz-version-id: J1jmakjOOYptglFDRV3hJGWk2zKVAgBH
content-encoding: gzip
last-modified: Sun, 14 Aug 2022 03:39:18 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"777da4aaf5b960636dec0fd4e50ba489"
age: 58154
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Og94kn-tLu0Nx0H6d2ZlHZDVRr5pJMI-9d5FbQrLSHAUlWZsoA2g9w==

GET
H2 200 defender-page-info.js Show response
cdn.retornar.com.br/retornar-bundle/js/data/ 13 KB
3 KB 9ms
8ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/js/data/defender-page-info.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe559a3b388571cdecb018ede712d0f6aee7e3aa1f10a87da7bf2914dcf7ec4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: YajI8cDpH7dZ0kxaAjrPK64ildfatviY
content-encoding: gzip
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
date: Fri, 10 Feb 2023 18:09:49 GMT
last-modified: Wed, 08 Feb 2023 12:29:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 5067
etag: W/"57934fe03e1aea6a01c088bba8ff8068"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: uTaSktfFgn6D7sad_iRqxHcXdIkys9Tgr6SeUMnQ9Mg7gpgi5gSDGA==

GET
H2 200 base.js Show response
cdn.retornar.com.br/retornar-bundle/js/data/ 6 KB
2 KB 13ms
13ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/js/data/base.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e296862087127bde69cd0530ced5008229e24ee03a4aface7afa2cf84acb29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:22:24 GMT
x-amz-version-id: tEd7EWIbqDWu2nPJsHdzGlXbkfBgsYlt
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 19:42:04 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"155d5e7906a28bbfcf093ae5f737ec23"
age: 420
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: FWNC5Uo6WwS0KjLPQIYFjsrdMMKhFLss7R3whQ2Op2OAHYbdQ9UM9g==

GET
H2 200 page-builder.js Show response
cdn.retornar.com.br/retornar-bundle/js/ 9 KB
2 KB 21ms
21ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/js/page-builder.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0eb2ba61ea90977a0e989606afb0a1d51e234d42b84ffa77a0626de3d1e55465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:22:24 GMT
x-amz-version-id: 3lb5lsKHg7vHHEuRtOTAPs9QNtiAN_Pt
content-encoding: gzip
last-modified: Wed, 25 Jan 2023 17:55:19 GMT
server: AmazonS3
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"c641f54347a7f45cce47db397487446b"
age: 420
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: uE59oNTa6EAFYsofTO5Khgy_-9lM2VOW2NuRwDtIWAm7EsMwrbAy2A==

GET
H2 200 default.js Show response
cdn.retornar.com.br/retornar-bundle/js/ 27 KB
5 KB 9ms
9ms Script
application/javascript 13.225.78.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retornar.com.br/retornar-bundle/js/default.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 520855c6c007590a03ff8470bdf40d5771e9f9c5660631bd5dbe896d8e619f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: YlJBIipUgV7PKE8YIsgKaVBVoUprd50D
content-encoding: gzip
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
date: Fri, 10 Feb 2023 18:20:48 GMT
last-modified: Fri, 03 Feb 2023 17:33:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 43006
etag: W/"e69ee3e1b75be20af49c3822cc2a5291"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: F9rh_KX-_J-Hc7re6WrHYoEujC2pMgW4mKD2WqaIRfU-OqnR_lsnHA==

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 49ms
16ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=3267bfd680
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3267bfd680.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
via: 1.1 b0c439f28ddbcb58cac8a530a312cd86.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-P1
age: 337
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPKV2qPj%2BQgugjdqV5cn3QkJ4JQoGf2UPRuNcgwxQNKi55k0CrNvEkU8Azg7GwX5%2Bku2YRKr4UmBv00s8T2RVAOmPi9IKtz64z8EXyJZB%2Fa%2FX2S7Ne1wiS1Sy%2BviqSd6OzyQumdUjuS4RbAYPEWee16G1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 797740d939b19b2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ytVGuTy4fcRHbIbT2zPnqY5uUQKEuXw4dTTSx1BwlgwW_KzIc2wqTQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 55ms
22ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=3267bfd680
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3267bfd680.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
via: 1.1 56abe0fedc00b031003c08f0306dae62.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-C1
age: 337
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqQ5eIacfJi0HqvlWjtFa4dl7xyG0PEFrxuX%2B%2BC2W39SXuMlcpFTSVfAosKCB%2Fdbp9XSi62Q6PJnv4oFyKQdTbUJemFoaAx7d%2BZ3oGeOj%2Ben3ituZE2akRBHhrPko0DLePlNio8SI6F9q7VKLOn2Rtx%2F1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 797740d939b49b2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -JgxM4CGQW4A30M0mEEnNth0OX8M2QWw2duSGThvZa1OGaiBY9Xo8w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 57ms
24ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=3267bfd680
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/3267bfd680.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
via: 1.1 a19127e21dc5a939819061334abff380.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-C1
age: 337
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auVavb9dGFVfHnhKHJmnlwskj1Yn4PF8Vz8bllr%2FfSt0dg%2Bgc%2BXKENsAOsWvZYXUmh6m5Ya3C6QBTzDUgitdvkO0CbXfp%2BglAoov1OPqbkJdn4%2Fzy5Jw85JnjpPfpbNcWmXjVbFNbBJ3pEqjPiAWFyaYrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 797740d939b59b2d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 5pxRhwethnkxWEu6Huwgk3W8v0b7u8lE-OJJHwGi71jgAroro0hvgg==

GET
H2 200 universal-script Show response
178041.tracking.hyros.com/v1/lst/ 35 KB
35 KB 383ms
129ms Script
text/javascript 52.203.209.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178041.tracking.hyros.com/v1/lst/universal-script?ph=25b17b42ce28d29d5a2fce82866a8885a165a55a9f10b7c267aa99b8ef9d7ce2&tag=!tracking
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.209.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-209-81.compute-1.amazonaws.com
Software: /
Resource Hash: 65866682cd88939fc251e85c1283dde6331a94a87d87836dc74fcb23bf385a51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 35498
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/javascript;charset=ISO-8859-1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 435 KB
100 KB 82ms
40ms Script
application/javascript 2a00:1450:400c:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::61 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b854f7940a605c95f8b03871ae4ba01431d4424fa18901208c208d55767b55b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101784
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 19:08:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 38ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Feb 2023 19:29:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WX/ipllwQhx5vt540wCuEiyl/QOrcpdgtgLRfAXSQOktOUBGpgZR366Lf8M1Aon2XgvStkjwB9NwzBKCtR5kjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bg-ganhador-troller.jpg
defender.retornar.com.br/ 57 KB
58 KB 61ms
60ms Image
image/jpeg 18.66.15.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://defender.retornar.com.br/bg-ganhador-troller.jpg
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2500a85e1ad3abfc314957c3419df525e0b8689596d059ae982abb5b67677014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:25:00 GMT
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 22:01:51 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 264
etag: "99e0e52b1d80996ceefb3f1fd4e990c2"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 58768
x-amz-cf-id: xh0puySuvWea5boQsXUaOZh3E0LiOIgDnX5B5VR6nSkK7Qf8kRzQDg==

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 77ms
38ms Font
font/woff2 2a00:1450:400c:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://defender.retornar.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 01:40:18 GMT
x-content-type-options: nosniff
age: 236945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 01:40:18 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 48ms
18ms Font
font/woff2 2a00:1450:400c:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://defender.retornar.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 21:33:44 GMT
x-content-type-options: nosniff
age: 251739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 21:33:44 GMT

GET
H2 200 kt50j4 Show response
streamable.com/e/ Frame 0DA0 82 KB
23 KB 143ms
118ms Document
text/html 151.101.193.63
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://streamable.com/e/kt50j4

Requested by

Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/js/externals/jquery-2.2.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.63 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

08598b7112caf5c3dbbce164e9bdb770fcea8d17a264f456c7be7a8cc4d2489c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://defender.retornar.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1429
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 23308
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 19:29:23 GMT
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=300
vary: X-UA-Device, Accept-Encoding, X-Username, X-Domain
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-cache-status: MISS
x-domain: defender.retornar.com.br
x-served-by: cache-iad-kcgs7200053-IAD, cache-hhn-etou8220046-HHN
x-timer: S1676057364.615873,VS0,VE108
x-ua-device: desktop

OPTIONS
H2 204 FluxoCliente
api.retornar.com.br/v1/Historico/ Frame 0
0 362ms
111ms Preflight 52.4.195.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retornar.com.br/v1/Historico/FluxoCliente
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.195.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-195-217.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://defender.retornar.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 10 Feb 2023 19:29:23 GMT
server: nginx/1.20.0

POST
H2 200 FluxoCliente Show response
api.retornar.com.br/v1/Historico/ 428 B
564 B 115ms
115ms XHR
application/json 52.4.195.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retornar.com.br/v1/Historico/FluxoCliente
Requested by: Host: cdn.retornar.com.br
URL: https://cdn.retornar.com.br/retornar-bundle/js/externals/jquery-2.2.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.195.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-195-217.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: c200c82705bb55afc76754ccf68fc4bf3437930705d4b446447e214d3c2fdcff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 10 Feb 2023 19:29:24 GMT
server: nginx/1.20.0
api-supported-versions: 1
content-type: application/json; charset=utf-8

GET
H2 200 301043142104559 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 146ms
145ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301043142104559?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0678909458cddc493082c95f8194b140a70cdebec0049bb463c7acd26c381d11

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 10 Feb 2023 19:29:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +3g8LCR+9mjS1Z526A6e6Kf4jZdDPfa+h66d63R0BdD5iD8D1znRX6lI6DxFAHLd3OuqyIZNHbC3F6UeHDtLrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
18ms Script
text/javascript 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 17:49:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6017
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Feb 2023 19:49:06 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/368197779/ 2 KB
2 KB 64ms
25ms Script
text/javascript 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/368197779/?random=1676057363721&cv=11&fst=1676057363721&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&auid=2053579346.1676057364&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f12ee7ea8ef7c34ffcabc486e0acfa5747e10ce6feab20cf38c1d3347ad6fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1002
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 66ms
11ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b6f8057e240a65dc3ed044f6249e4a12d5e9d2c4f8e18e0f44f9603ee5a03ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
x-cdn: fastly
etag: "20dcf873ff1608d745dceb84d6857da6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 1146

GET
H2 200 universal-script Show response
178041.t.hyros.com/v1/lst/ 35 KB
35 KB 499ms
253ms Script
text/javascript 52.4.228.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178041.t.hyros.com/v1/lst/universal-script?ph=25b17b42ce28d29d5a2fce82866a8885a165a55a9f10b7c267aa99b8ef9d7ce2&tag=!clicked
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.228.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-228-223.compute-1.amazonaws.com
Software: /
Resource Hash: 4f6b1feb94eafe8f03ff55659b8537e7abbc245723c1e040950639f83205a6af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:24 GMT
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 35497
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/javascript;charset=ISO-8859-1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 195ms
117ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9AN0BBC77U37LFVP64G&lib=ttq
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 917459a3aa5537aa793cd76450371e597bc53ec43816c1ff14dce8ea6bc2a08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 40cefa03
date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=99
content-length: 1140
pragma: no-cache
server: nginx
x-tt-logid: 20230210192923C60B5DA7BA31DE43C022
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52c86d150ff72c38593a9f93856da20c9accee16ef842ef004a66540dc87bdfc63cf1e725b47b2a917ae4065cb206d85a11b736a157a36ec833ca27a539ac0f915
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1251017/ 58 KB
18 KB 270ms
206ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af213070c52bee2fae373230aaf03ca6e8fb6fde61142d289f57ce1413181d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: 4fi6ubJ168yMadL8Tz8UTN2N.bhEytHq
content-encoding: gzip
via: 1.1 varnish
date: Fri, 10 Feb 2023 19:29:23 GMT
x-amz-request-id: 9GGWYK4YJ0H92CM7
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18387
x-amz-id-2: ficvtk6NWZuqWVTuL2C/11MzUNxZuH/caE3jzj4Xfv37XC51QJTzIoVTjlh5pPFMd4D0hcSLRlQ=
x-served-by: cache-hhn-etou8220094-HHN
last-modified: Sun, 05 Feb 2023 11:39:23 GMT
server: AmazonS3
x-timer: S1676057364.816034,VS0,VE184
etag: "d1f03e5385d260a0df8c6639675d5a5c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 87
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 201ms
125ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8IK5A8394AVM200AV6G&lib=ttq
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 66c11bc329ce7e8e89eb0a33f674d421c31d2bec5c0c7a18229d7230f2415e2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 40cefa11
date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=4, origin; dur=99
content-length: 1145
pragma: no-cache
server: nginx
x-tt-logid: 202302101929239E97D6DF805D2D593CBE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52b20c056b04fee943b9c690f742be1b2ad6657ad44b05b34beb8d31301fc744b641fa014fd187972142e4899d73cd5de428852d26d2bc9fabed8151523817a7d7
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
78 KB 26ms
25ms Script
application/javascript 2a00:1450:400c:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WFJ98H6EZX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::61 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

587aa64b5b5fe9e3a0e27af0a74362fc51a4e48812542e548ec48a08e4172bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 34ms
33ms Script
application/javascript 2a00:1450:400c:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PPZ507RHL2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::61 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57eadc3f583c849eaf0a59b808a5f3d14f01f829e7bcadab78075a896f601e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Feb 2023 19:29:23 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/368197779/ 2 KB
2 KB 80ms
27ms Script
text/javascript 74.125.140.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/368197779/?random=1676057363729&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&value=0&currency_code=BRL&bttype=purchase&auid=2053579346.1676057364&ec_mode=m&uamb=0&uaw=0&em=tv.1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2SXZL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f156.1e100.net

Software

cafe /

Resource Hash

56b02536841ea2e61adc057e5f8218e736427bc101363ffcae4d51ab163cf79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1420
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OpenSansLocal.css
statics.streamable.com/fonts/ Frame 0DA0 1 KB
1 KB 99ms
12ms Stylesheet
text/css 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.streamable.com/fonts/OpenSansLocal.css
Requested by: Host: streamable.com
URL: https://streamable.com/e/kt50j4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-59-220-194.bunnyinfra.net
Software: BunnyCDN-DE1-713 /
Resource Hash: feb474414d4762c8c1ab35647ecc8da901fdd8e971eb6384a58c5a6fe2355efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: br
cdn-edgestorageid: 1075
x-amz-request-id: FDXA3GRCZZY5WH15
cdn-cachedat: 01/04/2023 07:40:45
cdn-pullzone: 33385
x-amz-id-2: nRF9WqkyWHDjEnHQZYpMRn60++WSC+fFz4zjIGbFhc141hCeRRDtPZB5Y29wzt7aQ4JxVX8fRTI=
last-modified: Thu, 07 Mar 2019 18:51:03 GMT
server: BunnyCDN-DE1-713
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"b338111f7c355ce1a0c88829fa0a7366"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 255cf631-b054-4e67-82b4-c62b6a93a2a5
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: a780c51e022b80a0b1772b5b0054318b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 kt50j4.jpg
cdn-cf-east.streamable.com/image/ Frame 0DA0 314 KB
314 KB 46ms
11ms Image
image/jpg 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cf-east.streamable.com/image/kt50j4.jpg?Expires=1676315100&Signature=ZjFdmiwGBHbYGvBzHyRfRWKqq~m~sINAhFj4xyVJgtzrTeMLUMJRdDome1L0516D2KcDxYOsfrppJjrRx9BCcRCa21wOo0k~K2iul0msrh13ZWFe3c4tld-oXJmYUuqxiz5FkO-wook9INrK4jHNzQiIY19JRkjTiFU48xflQ2D1RQoq5gycnSJGieTJxxh0CkbN2198FMap4aijWE6JJ4befQ0bx8yi-7lZ8-AKWRobPYJQQhaAnCAWqOfAdknwSS3m-q50R4EmQP561C2~8b8cfjb-V2-RHaqtHUhLJJqnQTpu5A0Vkf0Kq~yU1SQRjms~OwTsBn0WtPkBqtq8QA__&Key-Pair-Id=APKAIEYUVEN4EVB2OKEQ
Requested by: Host: streamable.com
URL: https://streamable.com/e/kt50j4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70d6bf943f173fee1a140000d2a8f0810ee9c39043d5eb2544626af68c0eaa65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 23:14:21 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 18:23:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 245703
etag: "35920f8b429ed6b1f5b8faab95a947fc"
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: max-age=315360000
content-disposition: attachment;
accept-ranges: bytes
content-length: 321109
x-amz-cf-id: b_RRHMWj3a8jQX9BZmN_LvbonlphXqI1g99tuiU5qhkUUaoBTL7uPQ==

GET
H2 200 4j5423q5lrk5qbu6g2lejvmwymhtj4.png
cdn-cf-east.streamable.com/watermark/ Frame 0DA0 5 KB
5 KB 15ms
15ms Image
image/png 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cf-east.streamable.com/watermark/4j5423q5lrk5qbu6g2lejvmwymhtj4.png?Expires=1676315100&Signature=gCUpmz0LcI-6PzVA1paCOkMJ8LnECzxSzmwvdtXJKsWQMmXDG6sdem2qQ5ho10rnCctbkn1v2U1uBbK4vhNC-i5yZen9PArX-1UMYOzgzvJ5EBvFfR1q2jEMz0ZD7cpr5eyJ66qSKWv4lMH07cC3dmATSJFCW~wwhRM5haGSiflGQBqAAtJ3VOPhN0O2h-9r8wYNtU02LkRv5ao4OyESpwfT0SA5XONsD8ua9EYCD-9aTvqVi59uz8TB0Aqva4AaNbe3FN4uVk67TBJFAp3rsX5YBk0bWouVZHxjdkUrcKhPJdnOXpToTe8IN-xRzSoBxuacIMg2AaZV5NYQjpZfkA__&Key-Pair-Id=APKAIEYUVEN4EVB2OKEQ
Requested by: Host: streamable.com
URL: https://streamable.com/e/kt50j4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68debada09ee578c27557f3f4360930a9efdb3e08c4d02686690ba5851c03845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:23:21 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
last-modified: Wed, 02 Mar 2022 12:40:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 7563
etag: "86ef8056f3db65b6941b4145d1b6b35e"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5070
x-amz-cf-id: I3QwhWChWjrqg3_Vqx9wYh2XSUxYUoANYa4UKvWUEblc8cu8mbQnRA==

GET
H2 200 player.js Show response
v.embed-cdn.com/v16/ Frame 0DA0 225 KB
78 KB 215ms
7ms Script
application/javascript 169.150.247.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://v.embed-cdn.com/v16/player.js
Requested by: Host: streamable.com
URL: https://streamable.com/e/kt50j4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.34 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-247-34.datapacket.com
Software: BunnyCDN-DE1-1077 /
Resource Hash: 42358034ab02462b6a97d66ff3cbf51673c8af6d7a3426f68b7e222299fc28e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:24 GMT
content-encoding: br
cdn-edgestorageid: 752
x-amz-request-id: YTEJ8PE30PKDV2BW
cdn-cachedat: 11/29/2022 10:48:06
cdn-pullzone: 33379
x-amz-id-2: PiV8JEqPyA77sgU87lv+4LtHlWmiOHNpqILeYvyE1r1LqOV/Vf0Zk6lRb4VmQyVK7c+Hhd+FxYw=
last-modified: Fri, 12 Nov 2021 19:58:03 GMT
server: BunnyCDN-DE1-1077
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"92cdcfc567cf6cb01c864ced6d59de85"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 255cf631-b054-4e67-82b4-c62b6a93a2a5
cache-control: public, max-age=2592000
cdn-requestid: b007c797b94e10c3a372930a9351de80
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 player-0.1.0.min.js Show response
cdn.embed.ly/ Frame 0DA0 14 KB
4 KB 112ms
26ms Script
application/javascript 104.16.89.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embed.ly/player-0.1.0.min.js
Requested by: Host: streamable.com
URL: https://streamable.com/e/kt50j4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:24 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2017 18:33:09 GMT
server: cloudflare
x-amz-request-id: 344NDGP4TJ3RKZ3S
age: 134
etag: W/"19b624e7fe7a86b4c7851ed61e250626"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 797740dd583f3a43-FRA
x-amz-id-2: RjWzS+QSeikEk5fOj8gzf/kiFc3hOBr59wTT7Uxs/l9HgPrc9p3fqq3i9RmOAHUbWt8e2d/FyE0=
expires: Fri, 10 Feb 2023 23:29:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 55ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67880276-28&cid=839591021.1676057364&jid=1053695605&gjid=1461978869&_gid=496237237.1676057364&_u=YGBAgEABAAAAAEAAI~&z=2104304936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Feb 2023 19:29:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
153 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=324053113&t=pageview&_s=1&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ul=en-us&de=UTF-8&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAGAAI~&jid=995944708&gjid=1919004697&cid=839591021.1676057364&tid=UA-67880276-29&_gid=496237237.1676057364&_r=1&_slc=1&gtm=45He3280n81W2SXZL3&z=765065338

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 20ms
19ms Image
image/gif 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=324053113&t=pageview&_s=1&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ul=en-us&de=UTF-8&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=1053695605&gjid=1461978869&cid=839591021.1676057364&tid=UA-67880276-28&_gid=496237237.1676057364&gtm=45He3280n81W2SXZL3&z=878232423

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 09:12:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37032
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 210ms
191ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301043142104559&ev=ViewContent&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&rl=&if=false&ts=1676057363834&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.2.1676057363830.1168437642&it=1676057363605&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Feb 2023 19:29:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 32ms
13ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301043142104559&ev=PageView&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&rl=&if=false&ts=1676057363836&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&cs_est=true&fbp=fb.2.1676057363830.1168437642&it=1676057363605&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Feb 2023 19:29:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 32ms
14ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301043142104559&ev=PageView&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&rl=&if=false&ts=1676057363838&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&cs_est=true&fbp=fb.2.1676057363830.1168437642&it=1676057363605&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Feb 2023 19:29:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 72ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WFJ98H6EZX&gtm=45je3280&_p=324053113&_gaz=1&cid=839591021.1676057364&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676057363&sct=1&seg=0&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&en=page_view&_fv=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJ98H6EZX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 18ms
18ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WFJ98H6EZX&cid=839591021.1676057364&gtm=45je3280&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJ98H6EZX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 76ms
38ms Image
image/gif 2a00:1450:400c:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WFJ98H6EZX&cid=839591021.1676057364&gtm=45je3280&aip=1&z=1863337342

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/368197779/ 42 B
455 B 197ms
76ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/368197779/?random=1676057363721&cv=11&fst=1676055600000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&fmt=3&is_vtc=1&random=1217138498&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/368197779/ 42 B
455 B 35ms
25ms Image
image/gif 2a00:1450:400c:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/368197779/?random=1676057363721&cv=11&fst=1676055600000&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&fmt=3&is_vtc=1&random=1217138498&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 22ms
22ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67880276-29&cid=839591021.1676057364&jid=995944708&gjid=1919004697&_gid=496237237.1676057364&_u=YGDAAEABAAAAAGAAI~&z=460274340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Feb 2023 19:29:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 170ms
86ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67880276-28&cid=839591021.1676057364&jid=1053695605&_u=YGBAgEABAAAAAEAAI~&z=1144644828

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 111ms
110ms Image
image/gif 2a00:1450:400c:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67880276-28&cid=839591021.1676057364&jid=1053695605&_u=YGBAgEABAAAAAEAAI~&z=1144644828

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.57992c41.js Show response
s.pinimg.com/ct/lib/ 56 KB
19 KB 12ms
11ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.57992c41.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fdb328bff496e603b8fbd56d9b59114b5e4aeb7c5cf7a550563e5dc95cc25f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:23 GMT
content-encoding: gzip
x-cdn: fastly
etag: "a2989b2a8a5c2cde42b6a5ab4aadbe8c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 19688

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PPZ507RHL2&gtm=45je3280&_p=324053113&_gaz=1&cid=839591021.1676057364&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676057363&sct=1&seg=0&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPZ507RHL2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 20ms
20ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PPZ507RHL2&cid=839591021.1676057364&gtm=45je3280&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPZ507RHL2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 110ms
110ms Image
image/gif 2a00:1450:400c:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PPZ507RHL2&cid=839591021.1676057364&gtm=45je3280&aip=1&z=2050391

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 144ms
86ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67880276-29&cid=839591021.1676057364&jid=995944708&_u=YGDAAEABAAAAAGAAI~&z=451802088

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 106ms
104ms Image
image/gif 2a00:1450:400c:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67880276-29&cid=839591021.1676057364&jid=995944708&_u=YGDAAEABAAAAAGAAI~&z=451802088

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/368197779/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBy...
https://www.google.com/pagead/1p-conversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadser...

42 B
64 B

33ms
32ms

Image
image/gif

2a00:1450:400c:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&value=0&currency_code=BRL&auid=2053579346.1676057364&ec_mode=m&uamb=0&uaw=0&em=tv.1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ1BPWG53WVE4OXJ4dWJXZ3c4MV9FaVlBTElBekRKSmZMQXRwbkNTcnBEa2hlUGVtVUFfOUM0dkN1bE9vckdxTUNhTENDTnBzcEEaWENoQUlnUE9YbndZUW1LdXI5WXpXMW9wREVpNEFLTy13LUVQVVNDWVJfOExhRUx1SmZ3QjN6OUNlZE41UTNEaFJGNGV5RWx6dGRvTHFYaVMweFp2TGl6SUU&is_vtc=1&ocp_id=E5vmY4TIMc6J-wac9bTYCA&cid=CAQSKQDUE5ym-64et9rx8t_zbTGcI-J6ej7rSFG-2HD6aP9JHaza7RvqLa_Q&eitems=ChEIgPOXnwYQ14m3jo6m8PW3ARIdACUMy7fPfsJVH98h8IuE4dCmt99B305t5lYxSWE&random=1479891590&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:400c:c04::5e Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/368197779/?random=880672277&cv=11&fst=1676057363729&bg=ffffff&guid=ON&async=1&gtm=45He3280&u_w=1600&u_h=1200&label=RM6KCPn6lZMCEJOBya8B&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tiba=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&value=0&currency_code=BRL&auid=2053579346.1676057364&ec_mode=m&uamb=0&uaw=0&em=tv.1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ1BPWG53WVE4OXJ4dWJXZ3c4MV9FaVlBTElBekRKSmZMQXRwbkNTcnBEa2hlUGVtVUFfOUM0dkN1bE9vckdxTUNhTENDTnBzcEEaWENoQUlnUE9YbndZUW1LdXI5WXpXMW9wREVpNEFLTy13LUVQVVNDWVJfOExhRUx1SmZ3QjN6OUNlZE41UTNEaFJGNGV5RWx6dGRvTHFYaVMweFp2TGl6SUU&is_vtc=1&ocp_id=E5vmY4TIMc6J-wac9bTYCA&cid=CAQSKQDUE5ym-64et9rx8t_zbTGcI-J6ej7rSFG-2HD6aP9JHaza7RvqLa_Q&eitems=ChEIgPOXnwYQ14m3jo6m8PW3ARIdACUMy7fPfsJVH98h8IuE4dCmt99B305t5lYxSWE&random=1479891590&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0DA0 49 KB
20 KB 28ms
27ms Script
text/javascript 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamable.com
URL: https://streamable.com/e/kt50j4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://streamable.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 17:49:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6017
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Feb 2023 19:49:06 GMT

GET
DATA 200
OK truncated
/ Frame 0DA0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.MWNiNWY1N2YyNQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 278 KB
73 KB 12ms
9ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9AN0BBC77U37LFVP64G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6cbc0e665ba23c67394e2ab842b39c231e8cc28e474184a14922eae1bcd90661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 40cefdcc
date: Fri, 10 Feb 2023 19:29:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023020721085263B0D7597D2D4A5DD9E4
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f5f3a5e461bba69717514d4d084f61642d38602e4f190de030a3dbb000b22760b92d6e7b46ae7439780d05085a51b6908674a17e9424ff8c287158a991f27877607eb7056d1113745fa97feaafa5249297f47502c659fb472e6ad985afb7a320
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 73559

GET
H2 200 / Show response
ct.pinterest.com/user/ 538 B
765 B 69ms
36ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613555258822&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1676057364026&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.57992c41.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0801dfb901425a1b7210acdbba754ac8bc11b242a077182de99717eeb869493d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pin-unauth: dWlkPVlqWTVPRGhtTVRjdE16ZGpaUzAwTmpGbUxXSmxPVEl0WVdaa01HTTVPV001TkdFMA
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 10 Feb 2023 19:29:24 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://defender.retornar.com.br
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1211081450127271
content-length: 380
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 538 B
493 B 72ms
40ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613555258822&cb=1676057364028&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.57992c41.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0801dfb901425a1b7210acdbba754ac8bc11b242a077182de99717eeb869493d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pin-unauth: dWlkPU9EY3dOR1l3WkRFdE9UQTBZeTAwTkdOa0xUZ3hZVGd0TVRBME5EWm1NMk0yTkRjNQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Fri, 10 Feb 2023 19:29:24 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://defender.retornar.com.br
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1481815505126388
content-length: 380
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 68ms
38ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613555258822&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1676057364030
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 6931750443496941
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1251017/trc/3/ 2 KB
2 KB 36ms
27ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1251017/trc/3/json?tim=1676057364042&data=%7B%22id%22%3A347%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1676057364031%2C%22cv%22%3A%2220230205-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftroller.retornar.com.br%3Futm_source%3Durl_share%26utm_campaign%3Ddesbravador-lp%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-administradorretornarcombr%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1676057364040%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bc4a19151f86de23414bc3af83217a13e353c24572d8908a41aa0a66bd97e6cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Fri, 10 Feb 2023 19:29:24 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220094-HHN
server: nginx
x-timer: S1676057364.054788,VS0,VE20
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 identify_5f1fb.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 15ms
14ms Script
application/javascript 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 40ceff38
date: Fri, 10 Feb 2023 19:29:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023020721083335CB3867FCDB10B4D9C0
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010f650daa3087f41137b91298a8a8a6b757f1b46c92ffd0f91a99b0308953547a0731d441c3adaad2f65699d3e15b6bb080b4de2e0ed50d070b3b6997fb63fa64cd6fec91bec550772cd823c3cf17fd2ea19371426e442c7da5670f73fa75ed20
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 30861

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
691 B 179ms
179ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1ad83289.40cf00a7
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 145,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=154, origin; dur=8, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230210192924A69AFC3C792B534C429E
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.8
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52c104eb63065b099c863edccb5f8f2c124ef8108833da148d58c777ca742435cd9b2a2ba3358ab7d3fce7ce1ecad71a238039cdde39aa37e387f5ebdb878358dfa8b03e31db176f0d5553ee167648ddda
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
692 B 180ms
179ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2259046f.40cf00a8
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 138,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=148, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230210192924C129F6A6E9FDFC750455
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.16
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52b61ccd6b650244ebc1aa1c8b04ea67ce269d1290f70517c85dfc8f2481843a8e72962192fcdfd3cc959337ea3d7da74e15c5c0fbfaa3c1e45cd6475f9175bc97cdd06a0bae40b8f575172d07f4936db3
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
694 B 180ms
179ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 555ea8a1.40cf00a9
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 134,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=133, origin; dur=20, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230210192924E98D4ACDCD280C3B4633
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.220.104.19
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f5201986b576c71196004b6219392049795b468c1c583f1883b384606a873dd8792162166b0304c0d32c5b236a27305d750d980c8a3c6e9c0fd4b465f63858367ef1bf58c814a08b0f585fbfc508c406a15
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
692 B 189ms
188ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 266dac44.40cf0176
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 115,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=124, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230210192924D9566DE5D1F306612E7A
x-cache-remote: TCP_MISS from a23-220-104-6.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.6
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f527dc8644eb97eed358fceba6560f4218309a5a2fb71f12ceb0ffff7889509604890780137d87187637f54cb4bc5f98f9add000508e3690ca334c70619630b949a2e13e51a8494a6c23d37549e6d7abbf0
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
697 B 303ms
303ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c8c068f2.40cf01d0
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 235,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=148, inner; dur=144
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302101929240C0A73E794D8008F8B4F
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 148,23.220.104.7
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f526f672437e81f2dc9ae45db41a1dce90baf5dc3eb5a199336978b32be264c2d573297f2446a73e46b3e0fcbc804a632a81849c0c6217d249fb657de27bb4d66452cab38e402997bb6bf4ae36129fb0f9c
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
553 B 194ms
194ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf01d1
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2023021019292402831D19E4897CBDFA4D
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52cd73c611c2da50cd831619b0ed56c405c8116895c0ba54eb1fecdb8fddea94a7194d483c872b030ad7091b6e477f32c4d0923dd3e5d1bb43d6b6f65c04ed2b94
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=12, origin; dur=112
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
554 B 191ms
190ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf01d2
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210192924FBBE6469AF51BF5FD14B
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 106,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52cee099475148682da2b7c5448f1d9b6ed95986e3d30c61d8ddf4daf0900e6d56b165939567629be8c09c4f4aa487d23852b909abd36bce08b20deb420c561da7
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=12, origin; dur=106
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 193ms
192ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf01d3
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302101929247123318D42D9A03B600B
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 103,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52cb57a3627d0568ed2984eb9d4abe3f978aa01d542dac7f2fabedf076aefa75a922b16e65187809385db7f7df8cb31d2327b7d7b91f7c2ed2e113767278912844
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=10, origin; dur=103
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
697 B 303ms
302ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 58b883f3.40cf01d4
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 225,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=132, inner; dur=130
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230210192924467E14E9E2923D53575C
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,23.220.104.11
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f529fbd6cfab2f6c2235dc9027ff10629d263ef398873e0c36728f5071a7c3af545895059a3861397a7acc3c452ba05a293a45e0c10413f88bbd2155a7f9308ab9d0a6924e3d973a69e2f3dca6705a98335
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
552 B 191ms
190ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf01d5
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202302101929241BF97931CCDEB604133B
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 102,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52a429563355fbd0d22082908ea22e4957871498ded0ff417f08b5325d3f729d2f83af663aa641d0714a21e8eb603e5ab3a996a44b3219e9cabe5bf76eecaa1fd2
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=7, origin; dur=101
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 199ms
196ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 555eab75.40cf01d7
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 120,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=25, inner; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302101929242CE62E98D1EECF2A6B3D
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.220.104.19
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f5201986b576c71196004b6219392049795845602f8f99974f13710bcbe1901208812e4b1628ab4fc94cb38bf481860023125a819899ffb674c1ab42d24283dcea7898871b17bfc0ee05f7df4e439793cd4
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
554 B 190ms
189ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf01d9
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210192924AE5E589635041E3E36AF
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 106,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52d699ab6458718b31c4480752a644ded41a9c7d27a3eb97cf8b86e47741ceaedb9137d2452f5b9ee384a886c65c0049ef7573d778e13b42ca53003481bed5c535
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=4, origin; dur=106
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 200ms
198ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 53a9f177.40cf01da
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 110,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=24, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230210192924427375386D67B22F9C6A
x-cache-remote: TCP_MISS from a23-220-104-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.220.104.20
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f5294d7e0e187d1cfaa5a79f9d4fae7f0660378d23a2965ecf72b754df1e4c4a8e2416a4d5d4eebeef8d1097e82897d82e8a777cd6257cda569a9c4247efee6383a6f0abbf59c0404bc848f4c3a548fe60b
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
555 B 319ms
318ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf01dc
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210192924C60B5DA7BA31DE43C042
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 223,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52c86d150ff72c38593a9f93856da20c9accee16ef842ef004a66540dc87bdfc6380709d446e9c27dbafb295406fa00236fc1372e0f37e0d98f33d963ac372bcd3
server-timing: inner; dur=133, cdn-cache; desc=MISS, edge; dur=4, origin; dur=223
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
693 B 272ms
270ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c8c042bd.40cf01dd
date: Fri, 10 Feb 2023 19:29:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 179,23.36.161.138
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=91, inner; dur=87
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302101929243A48C739C3D373407730
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,23.220.104.7
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f526f672437e81f2dc9ae45db41a1dce90b7337482ccceb4a7b7ed3603645c18fdc7a70faf1441895ff3d76b24528ff5621cc8e33b778fee5f40e3165c43cd8406bb6215e984b1edb01b7aa2bbadfcada36
expires: Fri, 10 Feb 2023 19:29:24 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
554 B 433ms
429ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf01de
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2023021019292447759A850D14CFBCED8F
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 331,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52cd73c611c2da50cd831619b0ed56c4051d6c6d6c33d6674d8801dd437f10552c4afc3fe34e0d82c934d24b0c56834a08521ed7ae225f88e28b3c3bb9a5a76edb
server-timing: inner; dur=234, cdn-cache; desc=MISS, edge; dur=9, origin; dur=330
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

GET
H2 200 gusid Show response
178041.t.hyros.com/v1/lst/ 0
437 B 116ms
115ms XHR
text/plain 52.4.228.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178041.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller
Requested by: Host: 178041.tracking.hyros.com
URL: https://178041.tracking.hyros.com/v1/lst/universal-script?ph=25b17b42ce28d29d5a2fce82866a8885a165a55a9f10b7c267aa99b8ef9d7ce2&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.228.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-228-223.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
Product-ID: 178041
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:29:24 GMT
session-id: HB-ET_56ed1ea28bfbff996fa4bdf64a9e5637269af5f9610ed8946e41c177f3c029b8
etag: HB-ET_56ed1ea28bfbff996fa4bdf64a9e5637269af5f9610ed8946e41c177f3c029b8
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://defender.retornar.com.br
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
327 B 59ms
58ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613555258822&cb=1676057364271&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPVlqWTVPRGhtTVRjdE16ZGpaUzAwTmpGbUxXSmxPVEl0WVdaa01HTTVPV001TkdFMA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: defender.retornar.com.br
URL: https://defender.retornar.com.br/ganhador-troller.html?el=sms-ganhador-troller&utm_source=sms&utm_medium=sms&utm_campaign=sms-troller-20230209&utm_content=sms-ganhador-troller
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 3446303085233116
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 gusid
178041.t.hyros.com/v1/lst/ Frame 0
0 349ms
129ms Preflight 52.4.228.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178041.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.228.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-228-223.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://defender.retornar.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://defender.retornar.com.br
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Fri, 10 Feb 2023 19:29:24 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 204 unip Show response
trc.taboola.com/1251017/log/3/ 0
112 B 30ms
17ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1251017/log/3/unip?en=view_content&tim=1676057364045&vi=1676057364031&ri=676cae7220a8ad671409944e540d6ee3&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&tos=242&ssd=1&scd=0&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220094-HHN
server: nginx
x-timer: S1676057364.295438,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://defender.retornar.com.br
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
554 B 238ms
235ms Ping
text/plain 23.36.163.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:24 GMT
x-akamai-request-id: 40cf03a4
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230210192924F3A1F2B05F097553C818
x-cache: TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 179,23.36.161.138
x-tt-trace-host: 01d95a68b09e44b8dcd55042dc6a3d9954d6b68968504357f1a12875e27e545f52cbc083f18bb0ab4eb541852c530f9567efa9d2bcd2fd2512f62f8d03446813540c720653f2477412722e3c4c377ea61fb62a4f13108d21d4dff6dbd2f160eddf
server-timing: inner; dur=86, cdn-cache; desc=MISS, edge; dur=11, origin; dur=179
content-length: 0
expires: Fri, 10 Feb 2023 19:29:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 10ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301043142104559&ev=Microdata&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&rl=&if=false&ts=1676057364351&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR%22%2C%22meta%3Adescription%22%3A%22Conhe%C3%A7a%20o%20ganhador%20do%20Troller%20T4%20XLT%203.2%20da%20Retornar.%20O%20n%C3%BAmero%20contemplado%20foi%20o%2016771%2C%20do%20participante%20George%20Tada.%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.retornar.com.br%2Fretornar-bundle%2Fimg%2Fprodutos%2Ftroller-laranja%2Ftroller-slide-2.jpg%22%2C%22og%3Atitle%22%3A%22Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR%22%2C%22og%3Adescription%22%3A%22Conhe%C3%A7a%20o%20ganhador%20do%20Troller%20T4%20XLT%203.2%20da%20Retornar.%20O%20n%C3%BAmero%20contemplado%20foi%20o%2016771%2C%20do%20participante%20George%20Tada.%22%2C%22og%3Aimage%3Awidth%22%3A%221300%22%2C%22og%3Aimage%3Aheight%22%3A%22900%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftroller.retornar.com.br%3Futm_source%3Durl_share%26utm_campaign%3Ddesbravador-lp%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=30&fbp=fb.2.1676057363830.1168437642&it=1676057363605&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 10 Feb 2023 19:29:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 261A 565 B
400 B 56ms
38ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.57992c41.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://defender.retornar.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 19:29:24 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 5348329282851541

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
18ms Image
image/gif 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=324053113&t=event&ni=0&_s=1&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ul=en-us&de=UTF-8&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=10&el=percent&_u=aGDAgEABAAAAAGAAI~&jid=&gjid=&cid=839591021.1676057364&tid=UA-67880276-28&_gid=496237237.1676057364&gtm=45He3280n81W2SXZL3&z=390949250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 03:11:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
19ms Image
image/gif 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=324053113&t=event&ni=0&_s=1&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ul=en-us&de=UTF-8&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25&el=percent&_u=aGDAgEABAAAAAGAAI~&jid=&gjid=&cid=839591021.1676057364&tid=UA-67880276-28&_gid=496237237.1676057364&gtm=45He3280n81W2SXZL3&z=230002317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 03:11:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
19ms Image
image/gif 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=324053113&t=event&ni=0&_s=1&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ul=en-us&de=UTF-8&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50&el=percent&_u=aGDAgEABAAAAAGAAI~&jid=&gjid=&cid=839591021.1676057364&tid=UA-67880276-28&_gid=496237237.1676057364&gtm=45He3280n81W2SXZL3&z=1830043836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 03:11:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
20ms Image
image/gif 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=324053113&t=event&ni=0&_s=1&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ul=en-us&de=UTF-8&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75&el=percent&_u=aGDAgEABAAAAAGAAI~&jid=&gjid=&cid=839591021.1676057364&tid=UA-67880276-28&_gid=496237237.1676057364&gtm=45He3280n81W2SXZL3&z=144123851

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 03:11:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
19ms Image
image/gif 2a00:1450:400c:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=324053113&t=event&ni=0&_s=1&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ul=en-us&de=UTF-8&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=100&el=percent&_u=aGDAgEABAAAAAGAAI~&jid=&gjid=&cid=839591021.1676057364&tid=UA-67880276-28&_gid=496237237.1676057364&gtm=45He3280n81W2SXZL3&z=250397121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 03:11:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pc Show response
178041.t.hyros.com/v1/lst/ 117 B
375 B 114ms
114ms XHR
application/json 52.4.228.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178041.t.hyros.com/v1/lst/pc?sl=sms-ganhador-troller&is_el=true&ref_url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&fbp_id=301043142104559&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.77+Safari%2F537.36
Requested by: Host: 178041.tracking.hyros.com
URL: https://178041.tracking.hyros.com/v1/lst/universal-script?ph=25b17b42ce28d29d5a2fce82866a8885a165a55a9f10b7c267aa99b8ef9d7ce2&tag=!tracking
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.228.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-228-223.compute-1.amazonaws.com
Software: /
Resource Hash: 30fe192af174bc6a84eed3844ebe7b26fd8a7e262888d46aebf66593b1f7727f

Request headers

Session-ID: HB-ET_56ed1ea28bfbff996fa4bdf64a9e5637269af5f9610ed8946e41c177f3c029b8
Product-ID: 178041
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer: https://defender.retornar.com.br/
Access-Control-Allow-Headers: *

Response headers

date: Fri, 10 Feb 2023 19:29:24 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://defender.retornar.com.br
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-length: 117

OPTIONS
H2 200 pc
178041.t.hyros.com/v1/lst/ Frame 0
0 105ms
105ms Preflight 52.4.228.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://178041.t.hyros.com/v1/lst/pc?sl=sms-ganhador-troller&is_el=true&ref_url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&fbp_id=301043142104559&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.77+Safari%2F537.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.228.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-228-223.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://defender.retornar.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://defender.retornar.com.br
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Fri, 10 Feb 2023 19:29:24 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 204 unip Show response
trc-events.taboola.com/1251017/log/3/ 0
253 B 241ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1251017/log/3/unip?en=pre_d_eng_tb&tos=1728&scd=0&ssd=1&est=1676057364035&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1676057365765&vi=1676057364031&ri=676cae7220a8ad671409944e540d6ee3&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: https://defender.retornar.com.br
pragma: no-cache
date: Fri, 10 Feb 2023 19:29:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1251017/log/3/ 0
252 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1251017/log/3/unip?en=pre_d_eng_tb&tos=4729&scd=0&ssd=1&est=1676057364035&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1676057368767&vi=1676057364031&ri=676cae7220a8ad671409944e540d6ee3&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1251017/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: https://defender.retornar.com.br
pragma: no-cache
date: Fri, 10 Feb 2023 19:29:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WFJ98H6EZX&gtm=45je3280&_p=324053113&cid=839591021.1676057364&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676057363&sct=1&seg=0&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&en=scroll&epn.percent_scrolled=90&_et=39
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WFJ98H6EZX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://defender.retornar.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PPZ507RHL2&gtm=45je3280&_p=324053113&cid=839591021.1676057364&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1676057363&sct=1&seg=0&dl=https%3A%2F%2Fdefender.retornar.com.br%2Fganhador-troller.html%3Fel%3Dsms-ganhador-troller%26utm_source%3Dsms%26utm_medium%3Dsms%26utm_campaign%3Dsms-troller-20230209%26utm_content%3Dsms-ganhador-troller&dt=Ganhador%20do%20Troller%20T4%20XLT%203.2%20-%20George%20Tada%20-%20Promo%C3%A7%C3%A3o%20Retornar%20e%20Voc%C3%AA%20de%20Troller%20-%20RETORNAR&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPZ507RHL2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://defender.retornar.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 19:29:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://defender.retornar.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
178041.t.hyros.com/v1/lst	1969-12-31 23:59:59	Name: Value: HB-ET_56ed1ea28bfbff996fa4bdf64a9e5637269af5f9610ed8946e41c177f3c029b8
.retornar.promo/	1970-01-20 13:53:29	Name: _bit Value: n1ajtm-f7e96138204b98ad35-00n
.retornar.com.br/	1970-01-20 11:43:53	Name: _gcl_au Value: 1.1.2053579346.1676057364
.retornar.com.br/	1970-01-20 09:35:43	Name: _gid Value: GA1.3.496237237.1676057364
.retornar.com.br/	1970-01-20 09:34:17	Name: _dc_gtm_UA-67880276-28 Value: 1
.retornar.com.br/	1970-01-20 09:34:17	Name: _gat_UA-67880276-29 Value: 1
.retornar.com.br/	1970-01-20 11:43:53	Name: _fbp Value: fb.2.1676057363830.1168437642
.retornar.com.br/	1970-01-20 19:10:17	Name: _ga_WFJ98H6EZX Value: GS1.1.1676057363.1.0.1676057363.60.0.0
.tiktok.com/	1970-01-20 18:55:53	Name: _ttp Value: 2LYoQq2zUh5ube74385RMYOyqKC
.retornar.com.br/	1970-01-20 19:10:17	Name: _ga_PPZ507RHL2 Value: GS1.1.1676057363.1.0.1676057363.60.0.0
.doubleclick.net/	1970-01-20 18:55:53	Name: IDE Value: AHWqTUmuG3Zm5cSECR1XFu6vGiFSXmEgLRCYQb1rbXOmOhOKqApKX9SReSkco0nF
.retornar.com.br/	1970-01-20 18:55:53	Name: _tt_enable_cookie Value: 1
.retornar.com.br/	1970-01-20 18:55:53	Name: _ttp Value: j8XevKwVtgxsVEZY9HwtztRdLfi
.defender.retornar.com.br/	1970-01-20 18:19:53	Name: _pin_unauth Value: dWlkPVlqWTVPRGhtTVRjdE16ZGpaUzAwTmpGbUxXSmxPVEl0WVdaa01HTTVPV001TkdFMA
.ct.pinterest.com/	1970-01-20 18:19:53	Name: _pinterest_ct_ua Value: "TWc9PSZYeHZlazhFR2JDUFBKc1RKNys0ZG5XWDhsR2o5ZU41UzBwR1o5ZUNYZ1YrRUZXdFg4cGUrbjN5eU5WNlVobFoxTS81dW4wTFUyd2xJVkN3aktEWW5BQ05HRnIyMDhIeEtudEFmSjNwTXFhVT0mUzR3VXZOTUFLbTRlbm4yY0JuOFQvems3OXNZPQ=="
.retornar.com.br/	1970-01-20 19:10:17	Name: _ga Value: GA1.3.839591021.1676057364

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178041.t.hyros.com
178041.tracking.hyros.com
analytics.tiktok.com
api.retornar.com.br
cdn-cf-east.streamable.com
cdn.embed.ly
cdn.retornar.com.br
cdn.taboola.com
connect.facebook.net
ct.pinterest.com
defender.retornar.com.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
region1.analytics.google.com
retornar.promo
s.pinimg.com
statics.streamable.com
stats.g.doubleclick.net
streamable.com
trc-events.taboola.com
trc.taboola.com
v.embed-cdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
104.16.89.50
13.225.78.102
13.225.78.128
141.226.228.48
151.101.193.63
151.101.64.84
151.101.65.44
169.150.247.34
18.66.15.13
185.59.220.194
2001:4860:4802:34::36
23.36.163.138
2606:4700::6812:1734
2606:4700::6812:acf
2606:4700:e4::ac40:a916
2a00:1450:400c:c04::5e
2a00:1450:400c:c04::61
2a00:1450:400c:c08::5e
2a00:1450:400c:c08::9b
2a00:1450:400c:c1b::5f
2a00:1450:400c:c1b::8b
2a00:1450:400d:807::2004
2a00:1450:400d:807::200e
2a00:1450:4025:401::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:8d::84
52.203.209.81
52.4.195.217
52.4.228.223
67.199.248.13
74.125.140.156
0678909458cddc493082c95f8194b140a70cdebec0049bb463c7acd26c381d11
0801dfb901425a1b7210acdbba754ac8bc11b242a077182de99717eeb869493d
08598b7112caf5c3dbbce164e9bdb770fcea8d17a264f456c7be7a8cc4d2489c
0eb2ba61ea90977a0e989606afb0a1d51e234d42b84ffa77a0626de3d1e55465
2500a85e1ad3abfc314957c3419df525e0b8689596d059ae982abb5b67677014
30fe192af174bc6a84eed3844ebe7b26fd8a7e262888d46aebf66593b1f7727f
31e06519265d670100e6c6a3a853608c2ad63cf5e77036ae4d0a70d4648b14b1
31e296862087127bde69cd0530ced5008229e24ee03a4aface7afa2cf84acb29
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c407529fa4f93133a8e1c085cff173348f42e6d92530a6a158c0ba1d247063e
42358034ab02462b6a97d66ff3cbf51673c8af6d7a3426f68b7e222299fc28e8
4f6b1feb94eafe8f03ff55659b8537e7abbc245723c1e040950639f83205a6af
520855c6c007590a03ff8470bdf40d5771e9f9c5660631bd5dbe896d8e619f92
56b02536841ea2e61adc057e5f8218e736427bc101363ffcae4d51ab163cf79c
57eadc3f583c849eaf0a59b808a5f3d14f01f829e7bcadab78075a896f601e7e
587aa64b5b5fe9e3a0e27af0a74362fc51a4e48812542e548ec48a08e4172bbf
5948fc6074a6614faa032b8a73ce2bf0aa3b9117b895ee61593ff610795e1ba8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
65866682cd88939fc251e85c1283dde6331a94a87d87836dc74fcb23bf385a51
66c11bc329ce7e8e89eb0a33f674d421c31d2bec5c0c7a18229d7230f2415e2b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68debada09ee578c27557f3f4360930a9efdb3e08c4d02686690ba5851c03845
69288075700fd9d1081dfe4dcb0fd8c2557d5ba32ae2d0eb59cc911f3f4eba68
6b6f8057e240a65dc3ed044f6249e4a12d5e9d2c4f8e18e0f44f9603ee5a03ff
6cbc0e665ba23c67394e2ab842b39c231e8cc28e474184a14922eae1bcd90661
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70d6bf943f173fee1a140000d2a8f0810ee9c39043d5eb2544626af68c0eaa65
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
818949cb0cb6be88db7f08bb2408c397ca09c4dd14fef516b7499631b2bf25fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83dae993127a533a389ff40bd8024c56a320d84cfae3ccc1c8744e86d63cedc6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8fa73ad0b9417ac75f861e9e22eeec8b91f0cf67560047162a1b1fdbe5116fe2
917459a3aa5537aa793cd76450371e597bc53ec43816c1ff14dce8ea6bc2a08e
9f12ee7ea8ef7c34ffcabc486e0acfa5747e10ce6feab20cf38c1d3347ad6fef
a90b7a2a4a226871dedcdecf69fc5163c3246a175dbd58c819cbe2ce9352a764
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af213070c52bee2fae373230aaf03ca6e8fb6fde61142d289f57ce1413181d94
b6244e3b7c1cf8f41cfd0a805a4aaac81d34035a7d066f923e14c021882278f2
b854f7940a605c95f8b03871ae4ba01431d4424fa18901208c208d55767b55b7
bc4a19151f86de23414bc3af83217a13e353c24572d8908a41aa0a66bd97e6cb
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c200c82705bb55afc76754ccf68fc4bf3437930705d4b446447e214d3c2fdcff
c5a83bc5704c1e46edbf43280394e64a2eb3c8de15b9b2e5fcbed20904fcff88
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d8d3db080e839550ebd76d2f19ade1905db64bb8e25495b4d4d776d8b5a92331
e127c97d25e9ae8c1c89af0eb098bf6e64f32b2dae2a2fca4a507be48a3abf23
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e3af7499cc4d9a9e9c2a502deb15f2afaef3f1bf99250cc5b0f2235c6e66747d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9212c7a185cbb8645c3a84b2c5b0a62046c9508377725c83e51ac01fb66668f
eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fdb328bff496e603b8fbd56d9b59114b5e4aeb7c5cf7a550563e5dc95cc25f33
fe559a3b388571cdecb018ede712d0f6aee7e3aa1f10a87da7bf2914dcf7ec4f
feb474414d4762c8c1ab35647ecc8da901fdd8e971eb6384a58c5a6fe2355efa

defender.retornar.com.br Open in urlscan Pro 18.66.15.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

99 %HTTPS

50 %IPv6

23 Domains

33 Subdomains

32 IPs

6 Countries

1712 kBTransfer

3824 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

defender.retornar.com.br Open in urlscan Pro
18.66.15.13 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

99 %
HTTPS

50 %
IPv6

23
Domains

33
Subdomains

32
IPs

6
Countries

1712 kB
Transfer

3824 kB
Size

16
Cookies

111 HTTP transactions
1 data transactions