retakebr.com.br Open in urlscan Pro
2606:4700:3037::ac43:8bc3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://skinsgratiscsgo.com/
Effective URL:
https://retakebr.com.br/
Submission Tags: phishingrod
Submission: On May 27 via api (May 27th 2023, 4:20:33 am UTC) from DE — Scanned from NL

Summary HTTP 156 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 156 HTTP transactions. The main IP is 2606:4700:3037::ac43:8bc3, located in United States and belongs to CLOUDFLARENET, US. The main domain is retakebr.com.br.
TLS certificate: Issued by GTS CA 1P5 on March 30th 2023. Valid for: 3 months.

This is the only time retakebr.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2606:4700:303... 2606:4700:3037::ac43:8bc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.64.203.28 172.64.203.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.141.94 35.156.141.94	16509 (AMAZON-02) (AMAZON-02)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:bc24:9894:4425:647	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
156	25

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

skinsgratiscsgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:3037::ac43:8bc3 (United States)

ASN13335 (CLOUDFLARENET, US)

retakebr.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.203.28 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.141.94 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-141-94.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:bc24:9894:4425:647 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	528 KB
39	retakebr.com.br retakebr.com.br	625 KB
22	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	184 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com	158 KB
7	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3686 adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	319 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1352 ka-f.fontawesome.com — Cisco Umbrella Rank: 2368	183 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	177 KB
3	google.nl www.google.nl — Cisco Umbrella Rank: 9529 adservice.google.nl — Cisco Umbrella Rank: 15742	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 752	2 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 729	336 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1108	213 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423	715 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470	586 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 686	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	605 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	86 KB
1	skinsgratiscsgo.com 1 redirects skinsgratiscsgo.com	455 B
156	20

	Domain	Requested by
39	retakebr.com.br	retakebr.com.br
32	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net retakebr.com.br
15	pagead2.googlesyndication.com	retakebr.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	cm.g.doubleclick.net	retakebr.com.br googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	ka-f.fontawesome.com	kit.fontawesome.com retakebr.com.br
4	cdnjs.cloudflare.com	retakebr.com.br cdnjs.cloudflare.com
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com
2	p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com
2	p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
1	onetag-sys.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.nl	retakebr.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	kit.fontawesome.com	retakebr.com.br
1	www.googletagmanager.com	retakebr.com.br
1	skinsgratiscsgo.com	1 redirects
156	31

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
youtube.com
www.instagram.com
www.facebook.com
chat.whatsapp.com
t.me
www.twitch.tv

Subject Issuer	Validity	Valid
*.retakebr.com.br GTS CA 1P5	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://retakebr.com.br/
Frame ID: AC1B4FC213E71EA685FBADA6845C72A8
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html
Frame ID: 651545F34E328E4F12EEF47580B854FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&adk=1812271804&adf=3025194257&lmt=1685149622&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fretakebr.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161218799&bpp=14&bdt=1161&idt=1190&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6076852870186&frm=20&pv=2&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1334
Frame ID: 52B306D401BA5C1ED789898410890A51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=4070374814&adf=3528253133&pi=t.aa~a.647683605~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161218813&bpp=12&bdt=1175&idt=1330&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Lp8K8ggSKL&p=https%3A//retakebr.com.br&dtd=1345
Frame ID: E9CC2E3E8C66424884F868242E2DAEEA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161221311&bpp=3&bdt=3673&idt=3&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3eeb24d6aa623fe6-22a8562aeedd00a1%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_Mb6-6Gquk6cXfT9klf_k1dH5BQ_eQ&gpic=UID%3D00000c39e003c962%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_MZeUyIvebBXTgniAhdtUIhL6qTYnA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=c5FxHgADG9&p=https%3A//retakebr.com.br&dtd=251
Frame ID: EA8DA90F7F84070C7276EB5D6ACE85FD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1
Frame ID: AE434658FEAE7428CCFDFE18CE6D26C2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1
Frame ID: FE36A0B62A4E4355FE926184B9F91E48
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1
Frame ID: C307906CCC128345206985F83953A4E8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3764B969086430FE694C5B49EA49112B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9BD95A394DDBF46AEE664ECCC4DBA2D1
Requests: 2 HTTP requests in this frame

Frame: https://p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 9D3FB43C3868CF69779A93AA75CDD375
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F5F61A12112B4C9A7DE787E22B24DFC2
Requests: 7 HTTP requests in this frame

Frame: https://p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: BACF4A036205A1D414D01899C646471A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E32CEA7D3C35A7089A5DE2597567280F
Requests: 9 HTTP requests in this frame

Frame: https://p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: D4A119D70B5EC885E10769E559F202EE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 807EF7ACAA25B76A3751C52190C0F247
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Frame ID: 4D3829A585C93FB7211B0B638E45C9A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Frame ID: F89456E1D7129DADAE0339E57737E9E6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Frame ID: EE964FF726E740A5282A38342E4F29A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Frame ID: 3FC6ACFD67CCB18C7BCFFAD9BDA92765
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js
Frame ID: 611DCF2976A28F279C83A3DE3F8ED338
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBA96CBE28FC942EBAF085780291CE4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A39C04603457839E0BB9DE6A7F34ED0D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Retakebr - Portal de Notícias de Counter Strike e Tutoriais CSGO

Page URL History Show full URLs

https://skinsgratiscsgo.com/ HTTP 301
https://retakebr.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

156
Requests

97 %
HTTPS

67 %
IPv6

20
Domains

31
Subdomains

25
IPs

6
Countries

2269 kB
Transfer

5300 kB
Size

14
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/RetakebrOficial

Search URL Search Domain Scan URL

URL: https://twitter.com/RetakebrOficial

Search URL Search Domain Scan URL

URL: https://youtube.com/@RetakebrOficial

Search URL Search Domain Scan URL

URL: https://www.instagram.com/RetakebrOficial/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/retakebr

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/KrkBiuBWUbF7NGpsijQAHP
Title: CSGO no Whats App

Search URL Search Domain Scan URL

URL: https://t.me/+Y6OHprQ6Kx4yYWZh
Title: Grupo no Telegram

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/retakebroficial

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://skinsgratiscsgo.com/ HTTP 301
https://retakebr.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&google_cver=1&google_push=ATf1kGOmNKNGEMxBLBfbCRIBR3cOCxxYt98_oXTMlCElA-_GaOMIgde1u19FJ5_VEel4KsUCXqO37DFrpTULHqoQLIS8qUF-RRrOJg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&google_cver=1&google_push=ATf1kGOmNKNGEMxBLBfbCRIBR3cOCxxYt98_oXTMlCElA-_GaOMIgde1u19FJ5_VEel4KsUCXqO37DFrpTULHqoQLIS8qUF-RRrOJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A4a01DbnUxUTJMcEs1&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&google_cver=1&google_push=ATf1kGOmNKNGEMxBLBfbCRIBR3cOCxxYt98_oXTMlCElA-_GaOMIgde1u19FJ5_VEel4KsUCXqO37DFrpTULHqoQLIS8qUF-RRrOJg

Request Chain 136

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKB-G1FZT0vp4bUpZbxZ3Q8&google_cver=1&google_push=ATf1kGNzK448HHMn29vKhOGNxqEOVSk_qsUSSLJaDS6FFey2y0GaTw4Lb6RcYs6_uh8x3_hmM5ZP3jeOC4U1WLw_T0Xz6WgdAoNAIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzcxMjM0NTU3MDk5ODQyMg%3D%3D&google_push=ATf1kGNzK448HHMn29vKhOGNxqEOVSk_qsUSSLJaDS6FFey2y0GaTw4Lb6RcYs6_uh8x3_hmM5ZP3jeOC4U1WLw_T0Xz6WgdAoNAIg

Request Chain 137

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKkIrRaGnPZpdumFeOUcFUs&google_cver=1&google_push=ATf1kGP2SAuiwbEg4ECiO9bL_PBwROJx7myy2qnSe-Y3-ZSfRSgvt-tkZfH3R6SSNzuMKjKek8Z6F95NBAdn3X5_cVAGmnzdO8k8ZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP2SAuiwbEg4ECiO9bL_PBwROJx7myy2qnSe-Y3-ZSfRSgvt-tkZfH3R6SSNzuMKjKek8Z6F95NBAdn3X5_cVAGmnzdO8k8ZQ&google_hm=eS1pbzVSQWwxRTJwSDBjT0tBOHVVeEQ5dVpCdjdPZkY1WX5B

Request Chain 139

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEjtohy7ROKG2DVjGTz3jJw&google_cver=1&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2E6luMrjC4-XssYpXfLhvBPSX04A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEjtohy7ROKG2DVjGTz3jJw&google_cver=1&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2E6luMrjC4-XssYpXfLhvBPSX04A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcyNjA3ODY5MDE2MDM2NjQx&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2E6luMrjC4-XssYpXfLhvBPSX04A

Request Chain 140

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHLboX_QNDYl1Cso1kiL5Ic&google_cver=1&google_push=ATf1kGPu-jTYgsiG0q_5eVTzmQfRgdeVO9Vr_UkVjjXMu1pYyxZz7WbDnJnX35s_odTXa4Xv6Qcj-l9Lwy6bl9V0oedF8er2NHlV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPu-jTYgsiG0q_5eVTzmQfRgdeVO9Vr_UkVjjXMu1pYyxZz7WbDnJnX35s_odTXa4Xv6Qcj-l9Lwy6bl9V0oedF8er2NHlV

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

156 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
retakebr.com.br/
Redirect Chain

https://skinsgratiscsgo.com/
https://retakebr.com.br/

146 KB
19 KB

522ms
348ms

Document
text/html

2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9390837a4248c6d45f067dd616505958fb71d9472d9998fabe6c46b1eba2e8d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: EXPIRED
cf-ray: 7cdb76e81c58b942-AMS
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 27 May 2023 04:20:17 GMT
last-modified: Sat, 27 May 2023 01:07:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3rEzU9e%2FB1%2BmlA4LFCHTIIkz1TgW%2FsGOuiBPfeNP8fCP3211m6W1GsskS1sTl4H0qHWEsyPyptyu%2B7qZbj57mYaoOV9epP%2BB4N%2BU4HNtU0arISEGArLeEIS4xYN3gg%2BheHRFZBeodBqn5eVf6g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7cdb76e6de5eb72e-AMS
date: Sat, 27 May 2023 04:20:17 GMT
expires: Sat, 27 May 2023 05:20:17 GMT
location: https://retakebr.com.br/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzwU9aCsb4I1zmWJrqJX%2FyRN7aCB7NAb7wmFW8JLuYLsdStIW%2FmwyyUG3AZrbdwOapuTbsnjHqiCCy6oBVF78P6cwcHxDjQlJbRWgnNISW%2BbrSft1DQPHWN5nlhPZMDQcKgDwyrfUBEZfP%2BN4OLsekJb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
retakebr.com.br/wp-includes/css/dist/block-library/ 95 KB
13 KB 59ms
43ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/css/dist/block-library/style.min.css?ver=e56b18bb81fb799a6c980decfa793be2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:15 GMT
server: cloudflare
etag: W/"17ced-6424ef0f-83a7584297b68731;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNeoTTGvCKov8Hlvn6yVFotn04MOZvKbs7XOXC62c2o%2Bhf37J4pEuDhUU3LjUoFLHkLJL7VUtW70kEBWihbnz4oKf6WtUgbANvkksrJiX7LCyKn0KEDIT510Vtyo5RdDXtw692mNdc%2B%2BGi%2BeTRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e20b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 classic-themes.min.css
retakebr.com.br/wp-includes/css/ 291 B
583 B 50ms
35ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/css/classic-themes.min.css?ver=e56b18bb81fb799a6c980decfa793be2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:15 GMT
server: cloudflare
etag: W/"123-6424ef0f-1d619428f1f70423;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt6%2BFCtOfRFjDu9aa3LVbzWJK8qP%2BPhqEZwNEs5d%2BhQvP8BOWTh%2BV0bnXoKmoRRCbcUoUM54%2FOGUG%2FWMYAj%2BHIrfbCou%2BkQiuzpGB9hN%2Bn%2FykfPnoOTsTGmN0yeBbEVVZyXrNedRk8nGbfTE2nM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e21b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 aces-style.css
retakebr.com.br/wp-content/plugins/aces/css/ 94 KB
11 KB 109ms
93ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/aces/css/aces-style.css?ver=3.0.2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba13b7c4c968c8dadceece567382a3e6c9acaf68d961d0f90ab5f31347534e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
cf-polished: origSize=123073
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:27:00 GMT
server: cloudflare
etag: W/"1e0c1-6421ee04-e250163c548d084;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul52ioUaFnsmc9%2BhU33lNLZL%2FzmDzKRRmzTqZBTfDMyd45RKkLlo4Iy1xTL%2BYekABinAxyqgorazLuOsb4c6SHV4ziq0naTyu%2F0Kt0SErDCh1aX%2BCPPCJkTV2mg2w0D2xawQ1iCdYLAZv2V4UNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e23b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 aces-media.css
retakebr.com.br/wp-content/plugins/aces/css/ 44 KB
4 KB 57ms
42ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/aces/css/aces-media.css?ver=3.0.2

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07545caaf9707de642e908cbfe3197e4ccfe99b88162aa3913c7e85f59191de2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
cf-polished: origSize=57778
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:27:00 GMT
server: cloudflare
etag: W/"e1b2-6421ee04-167d111755cf265a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcQKXBP25dWvrqpmZxDtubpT6W7mWY255IEzaJyL2JZdcfTnGChm%2BkZf60PXYMAja7Q2kgCe79x2D9uQxzFM0o0OWDmpihpXb%2BpqaKbX8c7jERSleVjaOBwDHrwP%2FpyVvT0sMgp%2BvY6Rcns397Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e24b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 owl.carousel.min.css
retakebr.com.br/wp-content/themes/mercury/css/ 3 KB
1 KB 50ms
36ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/css/owl.carousel.min.css?ver=2.3.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"d1c-6421edfa-4863d554627da03d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoJ25Dobk2AMBlyybRfrPnV18nDfGX14GYP%2FqeGr3Q1XPgAn6zlrpnoJDNyiuObU%2FMEzVTfSF5dy8%2B6Xf0Q35iGGzhXaOrBxUo%2FQnkMOz%2BHwfHlOvS4A52tA4xpo9m4%2BQfv5UJzw%2BrubaNyVnIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e25b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 animate.css
retakebr.com.br/wp-content/themes/mercury/css/ 55 KB
5 KB 56ms
42ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/css/animate.css?ver=2.3.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
cf-polished: origSize=73029
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"11d45-6421edfa-a75e6b3100f97be5;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld%2FjySMAmGuShIPgdsEiO%2BphilhB3j0UNYGs%2Be5wbmj5lDNkE%2BLRAAXsZ21EX9fXQS5VL7NfuZvzPbN66mMFH%2BGngVOlvxaBgKLvC76C%2B6ohvF188v%2FKrD7VwiBaiU5WfHAE6DTj0deUfdpsDTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e26b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 style.css
retakebr.com.br/wp-content/themes/mercury-child/ 30 B
562 B 57ms
44ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb626d44b2d3d3176c26616eaca12cbc52e9cfe88b708d90a08b9e66f5f8630a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
cf-polished: origSize=244
alt-svc: h3=":443"; ma=86400
content-length: 30
cf-bgj: minify
last-modified: Tue, 04 Apr 2023 03:10:26 GMT
server: cloudflare
etag: "f4-642b9522-1fdbed6c2e55b5a4;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlJiJV%2FIbnnlXWVcQLwGBcjRbQa8Q14uOxbhc7Kde4VS07Gtuv%2FTAyaB4tc4ET%2B3HJteJKy1EGd0bp5aE1GCCrhqSM8TU7zXZZ06nHeGCZ7VkuODJNyl%2BI8L7Z0CPpv71cW9pGFTxD%2Bjvy1OeT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ea7e27b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 media.css
retakebr.com.br/wp-content/themes/mercury/css/ 32 KB
4 KB 106ms
93ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/css/media.css?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43876c523ee036ff6d78a4b8dd69f8be38b6d1d73347d55f0bb2d6453b1b7489

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
cf-polished: origSize=46386
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"b532-6421edfa-58c6138c8e18b1b0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oK4ZowQ6M80tC24mhbMt1dFeoxDVZS2TkBpmE8Th4IdqWDu4pYw9xN6lSbH85XL%2BxX8gP39eMsOGPWhu2ynp6awxmVKv0WRjnOfw%2BCVfkcxnsxw2RA34HkLWY8rC%2FvSNZOStogZX6K5GS148e4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e28b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H2 200 default.css
retakebr.com.br/wp-content/plugins/tablepress/css/build/ 6 KB
3 KB 55ms
38ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bc19ce27e7fe54728be0d4489cf683005fd6f522bbf6391a681d7d2d8d3f190

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56275
cf-polished: origSize=6091
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 13 May 2023 15:24:13 GMT
server: cloudflare
etag: W/"17cb-645fab9d-3880a06f3013e5b9;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9KG4tfeI2yZyBOtVGYxHwnyEp1nKxSa4fkFj6D3GgqO2Fpj195uCEWmDziQ1g4vlEpWo7DOr3%2FKY1l7KY5n0QBgq7rusvnqAB%2BuxP%2F6qakofV3sgSW0G5axK%2Bwl6em%2BB131sgxDDvukvywrwTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ea7e29b942-AMS
expires: Fri, 02 Jun 2023 12:42:21 GMT

GET
H3 200 jquery.min.js Show response
retakebr.com.br/wp-includes/js/jquery/ 88 KB
32 KB 82ms
62ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22810
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:13 GMT
server: cloudflare
etag: W/"15ed7-6424ef0d-a202606482b836f;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkXe4XUGfrFlgWsuzAQNqPuDqAOOHNE2xbGBmYa%2FkVHERRBLkuZUqlfh%2Bi53kFFFDnQEBFAabPR8aOcRAcwgozCMzJ7gR6REB95BHWNEuWa3kSkfAr%2Furhk8wS8Tx5Ut%2FjJqxhIpkxvAg0yJaSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ec6a2f0a5b-AMS
expires: Fri, 02 Jun 2023 22:00:07 GMT

GET
H3 200 jquery-migrate.min.js Show response
retakebr.com.br/wp-includes/js/jquery/ 13 KB
5 KB 56ms
54ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:08:13 GMT
server: cloudflare
etag: W/"3470-6424ef0d-45da20ab2e1221a1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2By9se8Obkw2KkV4B%2FVfj6958R0JBT3xx6FkXAyyVOXlYtyb2K8kaME9fKMZbuw8yZrjtjfty9Bf3EpFeP3EZMjWjWrPkmtC%2Bd8VM67MUOJR%2BECVpRFYb43ooQonmhkJzk07jeeRcpgXWsSibEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ec6a300a5b-AMS
expires: Sat, 03 Jun 2023 04:20:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
86 KB 716ms
125ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc5dc900ee1d90f5f275c4d97cfc884a02288a1e1789ad2751ed1a4ef91f6e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 May 2023 04:20:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 517ms
77ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f4d7afe64e1fbaa00453b6821924e2db2dce2356c7d1fdd83d36b13194655c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47686
x-xss-protection: 0
server: cafe
etag: 12654996089833391021
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:18 GMT

GET
H3 200 retakebr-banner-1024x256.webp
retakebr.com.br/wp-content/uploads/2023/04/ 18 KB
19 KB 477ms
475ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/04/retakebr-banner-1024x256.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756de73dc6eb6c5c7f71a906ddc4e66109aed9d56312c92c18a880ce0fe7e86a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 18904
last-modified: Tue, 04 Apr 2023 00:46:14 GMT
server: cloudflare
etag: "49d8-642b7356-6f8ec2e5b7474627;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pbmln%2BjTeRAFEVlNekOK58if4aVDodIABWsyGtNKfu3XyKcpsLreEh0fO7KcY8xNTWpNn8C78gnr7kLUTRa7svp2P6qWU90lMuKKQw4T24BJ%2BfI56Ez7LxRZoZhVx6FiuILzPg1wjsz4V1YBtk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ec6a310a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 203ms
46ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1936052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10480
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp%2BuX4QjwzC4VNcHXUlEvQRa%2FgLT1sM%2FyZdWBKG56OTX%2Bo4xWXmHXWPMNvFwMwApcOzl7hSDD5QSW6BaSNLtHqv4I%2B51Rhr8HWjiD9bgy052G2x0a%2FkMDgh5X87aUQhakV2JkQj88uPSEgsj8C%2B9DJfc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cdb76ec6f7c0ead-AMS
expires: Thu, 16 May 2024 04:20:17 GMT

GET
H3 200 theia-sticky-sidebar.min.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 5 KB
2 KB 435ms
433ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/theia-sticky-sidebar.min.js?ver=1.7.0

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c7fe9f4b7e2cbaeadf56a93f537dfe760444ddbc081a7d12aa5c97c98cafce9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"1539-6421edfa-4e89c14b03ce7373;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGoSMHgxRi1%2B9ltR99O9LQ%2BcqRVDVbu0wugN3mIPzbSgkGHZwhut%2BCaELRWJwMJvW6rGjT56LAnSDzLa0fYu9JWuEFbtFQeHeeOy7FvNSMnNJ7bhy%2BSx4bEr4oiVvHn%2BXnS3KZ5%2B1Q8sCRHSMhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ec6a320a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 enable-sticky-sidebar.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 154 B
726 B 435ms
434ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/enable-sticky-sidebar.js?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24834ede2021cd5e7283d2a952c6718c6fffd165d8ab9df907f4222a113429b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cf-polished: origSize=163
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"a3-6421edfa-bd8b7cc8ce36b68d;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuI%2FSL%2BHnTlSHSTmI2E4SARiZRtQV0EWJi8kjd4GVUnPy%2BLsGqdOvwN1GKsSVX1ZrMTF9jvf5s0TOx%2BxN1SJxYMyZfkJgbpchvgV7yW2TGdgBifptEe9aN9LDY3wsvTqNWcTVg%2F7aDRp%2B0XJz6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ec6a330a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 owl.carousel.min.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 43 KB
12 KB 436ms
434ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/owl.carousel.min.js?ver=2.3.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"ad3c-6421edfa-868beac867979c08;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qd7UkhtyeUSfEsJUiPRvnMmea5va4%2Btw%2FSWeGIWupmynD9klArFmu%2B7ss5%2FUtrxYlo52tVvXJPRbtFr71%2F%2FgBusGKo7YpEBczH%2Ff63XeqG0ih4WntDkIFFkAggTfihW%2BFr%2FrnLnXL1go8vtTrwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ec6a340a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 scripts.js Show response
retakebr.com.br/wp-content/themes/mercury/js/ 2 KB
1 KB 443ms
441ms Script
application/x-javascript 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/js/scripts.js?ver=3.9.3

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9f78e62b4aac470f7f556dd4a64ba9ecac44c9d7d2a77c2e6110af3a965e73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cf-polished: origSize=3189
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"c75-6421edfa-e2106fce3cedcaea;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p773AOUWd1JYAtAU9sSLeT%2BjpRw9QqtmJUIiEo5oBuSp9%2F8PUosb2zABGW04an2Oijx1Fu3UqDvHgeOcnlwQcMs8YV5w2vCuz4wN7zp7SVCzN1hsVZsxVXnldyoarDh4cNjGQMXFG1TGHRavdRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76ec6a360a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H2 200 23b8c66013.js Show response
kit.fontawesome.com/ 11 KB
4 KB 538ms
0ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/23b8c66013.js?ver=5.15.4

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3c90f680934dbc839cb5833ef8d9c564b9b8fede36556aa9ff5763e68638bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 25
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7cdb76ef78d10e4c-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F2KnGnEED2rxWsKSAfQB

GET
H2 200 style.css
retakebr.com.br/wp-content/themes/mercury/ 79 KB
12 KB 99ms
89ms Stylesheet
text/css 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retakebr.com.br/wp-content/themes/mercury/style.css

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c9153238ebae510bf92081cf17483ba20599129cede0b01702d8a94e44c32fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/wp-content/themes/mercury-child/style.css?ver=3.9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:17 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56295
cf-polished: origSize=104087
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Mar 2023 19:26:50 GMT
server: cloudflare
etag: W/"19697-6421edfa-354857155dafb3c3;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzb%2Fjjy2Hac8MJmibWiRb5MG1GHv5ZEDVPaax5%2BF6rlzfWNfT6%2FGeCy9GCzcxN3IIkSjl2KvK7bRCRgcvAqBkB5XeoXeem5oByEsrOmw7T%2FJfmftmOYVNaiGKMlKlhoEKuYmd5hnEfmjEjqfT6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7cdb76eb8f05b942-AMS
expires: Fri, 02 Jun 2023 12:42:02 GMT

GET
H3 200 counter-strike-ver-recebeu-beta-teste-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 11 KB
12 KB 302ms
273ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/counter-strike-ver-recebeu-beta-teste-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9283da2e751b87954d841234edcf98362dcaf3a9a86b6bd41a24fe9ef0312de7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 11442
last-modified: Fri, 26 May 2023 19:02:34 GMT
server: cloudflare
etag: "2cb2-6471024a-46da4325cbdc0189;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTmCGdzlc8q3DB87KmsEAejs3UjIfNl6sT0C2txNCD8waq8ZiKtaAXBlpXbMNSgP89SwUWPdLCrZWSQNr6szFfOdE60YpyxzLo9G%2BG3p2LESDLXXvManmXR3dzMAx5PuloAqe%2Bx%2BrqP6bpEGt0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ed7b010a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 imperial-vence-paqueta-bpl-14-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 25 KB
26 KB 525ms
497ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/imperial-vence-paqueta-bpl-14-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee9005359098035e3fc63381d4b0724505336da48d8347a4e7ff36e0684a803

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 25914
last-modified: Fri, 26 May 2023 12:14:00 GMT
server: cloudflare
etag: "653a-6470a288-4ede557ee8697bd4;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyocN%2FzgmMFQn5qmoo2O35tsbmq4dlTuA8QZYe1205XXvgfDC16EynpFl0Y8nGUFZnRWBCathEb94PzEZQQeLScSJmvHBTWj4osl4UzI4Z7rQJslSujrXvZj%2Bh0sxZW3CpRx5RNcix5S0e9z4Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ed7b020a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 tres-jogadores-em-mil-moeda-diamante-paris-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 45 KB
45 KB 878ms
850ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/tres-jogadores-em-mil-moeda-diamante-paris-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a140616a83dd9f2c8c7e195783f8b26195869c0683f638d910e25c343e655728

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 45740
last-modified: Wed, 24 May 2023 19:58:04 GMT
server: cloudflare
etag: "b2ac-646e6c4c-9ef7c4e610561f05;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9m22CqmTCdPCcKTGRRhXDWAidYpQqMxFcS86VXUbshwfTeCdBMmd4Nh0%2B5BsorKOZRMs1xeQVTjlf9jbqhQVQsB9ky1KhJSWUd7A4vRyHXK%2BgkhJdo8uQp5UjX0DMhslBFaTrV%2Fp%2FacJpI3iZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ed7b030a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 gamer-legion-rank-mundial-csgo-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 30 KB
30 KB 1072ms
1044ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/gamer-legion-rank-mundial-csgo-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc47f83d8db3b854fab128ab2eaaa3d215bc197385af0f44f0d0c6505e1b8eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 30212
last-modified: Tue, 23 May 2023 21:14:15 GMT
server: cloudflare
etag: "7604-646d2ca7-1b7b8cf931ec37c6;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7wcDiQuXhHcUxW7JkoCUblBCcH3EA1GoK93FziVFgECu1miVR7Z4v0cw42wGILNBYAPuybRU3bwV%2FI6NVmGPzSdjT8tKRNRXYPv%2BsqsyMGi7qihRaYQVesXW2Ux0Nuu99L7o1C3wfgc7PFSYXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ed7b040a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 ganhando-faca-major-paris-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 20 KB
20 KB 1358ms
1330ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/ganhando-faca-major-paris-2023-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

383428bb18e321f6f4f3b1454c2de670b998bb71bb17a4b577e92037040514a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 19994
last-modified: Mon, 22 May 2023 22:19:16 GMT
server: cloudflare
etag: "4e1a-646bea64-99eedd2ff4c8b4da;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OziPEFgikxEOUiNZDAX3iqvMdLIke8mzyiOSPAfGllmezynPtnL1MQV2JaN708OWAPG7oWOCS3PntKs03cVjgnZvIXAzTKweNsApR8JzG0fKngKMBzDtKJgNEX5lCXhcdit6p927S88ALP%2F%2B8gc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ed7b050a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 zywoo-nasceu-mesmo-dia-que-counter-strike-foi-lancado-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 30 KB
31 KB 1514ms
1487ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/zywoo-nasceu-mesmo-dia-que-counter-strike-foi-lancado-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8307fd6552610f48be147cb8336f9cd2f4c973bfddcc067be079f7106a5997

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30848
last-modified: Sun, 21 May 2023 22:25:10 GMT
server: cloudflare
etag: "7880-646a9a46-754d166e114b1f94;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwtMNO%2BjoI9RyJo1%2B3b02StG8%2FWSWe5q8cpEJTP56qMndnRnV1p7ZxbTtCv2I%2Fv9zfaYxxDRIalM4vofPllK%2BP9UqpkXVF1%2FNV7PG6pD0P5UiNQ9CCMOBQYJYiHM6NiMWHRZxxjI%2BCZ%2BXRSh8BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ed7b070a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 207ms
122ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1580124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB6GgkPu4%2BtC6G1ty0TwFDTyukHx%2BWwtC9k8VDaXuaa4%2BwiTWPkqhjLnKAK43fOE6QMQXGGFso4b4vkrtHjvigb1443kW1skGC8KQM6A9mT9Fj6jviydai27ZyYz%2BiTJzG%2BqaOHXwoO7FXSWNE%2FVHtXC"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cdb76ee5c9d0bbf-AMS
expires: Thu, 16 May 2024 04:20:18 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 75 KB
76 KB 217ms
131ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 641504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76764
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-12bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzlzXha%2Fnv3Ozq7p6g%2FJwJ6ty847L0NUnTcaRqhucJVsBtXGbijye6jaEWgB2CCYDMtj%2BDw2UC05p4Kx7gfNxLykr5wFsYUK3sze3qbjX1i6M55HLHgdHi6xeqXAlvBdRbNikeyAwuEwzGrF4YUrH5vs"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cdb76ee5c9e0bbf-AMS
expires: Thu, 16 May 2024 04:20:18 GMT

GET
H3 200 vitality-gamerlegion-final-major-paris-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 51 KB
52 KB 1420ms
1361ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/vitality-gamerlegion-final-major-paris-2023-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80f670ee29f941581b8bd15fef3881bf1e189333c8f36a213ac818d67db61a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 52320
last-modified: Sun, 21 May 2023 19:36:07 GMT
server: cloudflare
etag: "cc60-646a72a7-ffc9cdc29270f4b8;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URgLP6osofCUoezntlEqjRubkkQTRUiSULLxkYCJPLl2XtXMrJUmlJ4g5OoMf1jGuPuMDsa3FxBABH1gfvErwTsqcgcoNyMfr9LDtvSS9Y7sDDDKpnJ4hBvlwS5kMdbMZI8%2BZwgjaJKhEubmeYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ee5bac0a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 showmatch-csgo-major-paris-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 31 KB
31 KB 1560ms
1501ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/showmatch-csgo-major-paris-2023-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b51ff190b98a0d5347dacd68cba7c5a8281d6e06b53afa0587d7241a9a8ebe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31498
last-modified: Sun, 21 May 2023 12:44:42 GMT
server: cloudflare
etag: "7b0a-646a123a-bcc26d68a7d18608;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjvxEXMGYy9TG%2FwQApgC6NSi42z5hxGuG0UrntQe9f6nj1VBe1PJjc0j5W5AjgX8jqylV%2BsgOb7tto8nq8Nb3d8Ga2ThFS5FfjM0LxLR1qeaK%2BoeukzyS5Kfx1ZjafNsIG5QD8nsmvV4sboeytg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ee5bad0a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 vitality-vence-apeks-major-paris-2023-450x450.webp
retakebr.com.br/wp-content/uploads/2023/05/ 37 KB
37 KB 1658ms
1601ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/05/vitality-vence-apeks-major-paris-2023-450x450.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f7bc3f8a8a8bcd9c721166ff8bcaa46ae94cf4b7d3aa8c9ec1c7b91198f009a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37448
last-modified: Sat, 20 May 2023 19:26:54 GMT
server: cloudflare
etag: "9248-64691efe-9987ca31578d5998;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhOmUdS9StkER1GXiie43FcOV4BrfWal4fOVY%2BJluZvdgX0gQdDlkEeW8VatdpZc1Y9xLNa4%2BbfN%2BdXuhPHd%2Fg2ZR6jwn0KiXItuX94Pe7FOyJ4Y4oxKdjBTpfULXZ7MbnQYWEs9LrJQmw58vsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ee5bae0a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 como-aumentar-som-passos-cs-go-450x338.webp
retakebr.com.br/wp-content/uploads/2023/04/ 25 KB
25 KB 1503ms
1459ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/04/como-aumentar-som-passos-cs-go-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b944d9cb4994adb53037b8db6236c81f01cf625887764529fd46a36d8b72d6e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 25410
last-modified: Sun, 30 Apr 2023 21:01:15 GMT
server: cloudflare
etag: "6342-644ed71b-8cf45a7130ea749;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHpc3puPQK5Uddmi2ukcfeylKItA7FkP%2Bgv4c85jyrttJJfOAL7%2BEDitUpR9fMKzWNufQdXNMw8eGC4aq6dtM7DVh8wXY8%2Ff34SZwI8b8JtygZ1n8CktCXq6Qw%2BULsISUy%2F1v%2FNyJSu4EgrZoQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c6f0a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 como-trocar-microfone-no-csgo-sem-alterar-no-windows-450x338.webp
retakebr.com.br/wp-content/uploads/2023/01/ 26 KB
26 KB 1581ms
1537ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/como-trocar-microfone-no-csgo-sem-alterar-no-windows-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90d7576832821a0cf5e65e08e3a6929066acbb9acbdec4738dec82ee3d6982eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 26522
last-modified: Thu, 13 Apr 2023 22:13:41 GMT
server: cloudflare
etag: "679a-64387e95-4c803c798c5e4dec;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPMsVYLj82LR9k4V4E2E6fah9181aCn9ubn0yhON2FJtkAfqoY9W9jd2GhUbqvtabpl6AxjgZY84xeJ2ZjkjObmI93sfqvDHT0Rff4jE9WOMQIJ8jzsQz0ObCTt6s5MXMm%2F59pF%2BRRjmtdMrU8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c700a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 aumentar-volume-microfone-time-no-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2023/03/ 18 KB
19 KB 1592ms
1547ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/03/aumentar-volume-microfone-time-no-csgo-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

483726921f3750500b585e5aa13db1ec1a46147ad86d06fbc6b2350eb72b3703

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 18738
last-modified: Fri, 21 Apr 2023 16:37:37 GMT
server: cloudflare
etag: "4932-6442bbd1-57a6c93dafccb4fb;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcAvPLkOFZNA80z1jYe9%2Bc55QrxPyBiBBavM7J0nmdBWjNViUyOphPRh39nXsxs96kecVfcLORaSi3f%2FGM5LuMxsX8WRl%2BtkQ%2Fo%2Fr%2BPgiFQMURwTj3ksIETYZwmhZXBmH9H6Q6bwGa34dLDy04A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c710a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 desligar-musica-csgo.webp
retakebr.com.br/wp-content/uploads/2023/01/ 8 KB
8 KB 1623ms
1579ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/desligar-musica-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bf77546bc9628aa693ac5ea212bf8b326821fe39959d50bda9f9d045f5e5c6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 7680
last-modified: Mon, 23 Jan 2023 21:36:23 GMT
server: cloudflare
etag: "1e00-63cefdd7-d4f87ae7a3eaeee8;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgMEe9Gv5LkauGxpkZlOmeisBnaXRuYwijzkzFrE7%2FXYJezdTGDmXYhHjl0Py%2Fcl4jv5C94MFDG6V5Zt6p8fxvTqXyM3XTmp7veyQ3WPzl%2B4Y5%2BdgfuAk6XN4L8t1DbtTjVmD3970Q%2BF0M4DRgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c720a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 audio-background-csgo.webp
retakebr.com.br/wp-content/uploads/2023/01/ 8 KB
8 KB 1638ms
1596ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/audio-background-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f45fa39b9e00c82913d3a7a044af7536baba93519cc84ccfd346c4895cb2f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 7788
last-modified: Mon, 16 Jan 2023 23:19:59 GMT
server: cloudflare
etag: "1e6c-63c5db9f-412a71b58ee34e26;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25BHFXKZVUDSTdE8VhxYbGtQGHn2Fj631amyRgvZqk%2B4EgZkJLqriiqf7JLQkIwjlraQWSdtBUC7%2B8j39MxgVyb2iP9B%2FKT8GvHtGiT7WjzFJZABnwvbMQVnvZC74YbwqVFmgbiZufaL2I67IyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c730a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 falar-cs-go-mudar-tecla.webp
retakebr.com.br/wp-content/uploads/2022/09/ 7 KB
7 KB 1664ms
1623ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2022/09/falar-cs-go-mudar-tecla.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d34e3820421019e1d3b4ad2ba7d03f0a0a74f94664f4393cc07730c8f7abbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 6932
last-modified: Sun, 15 Jan 2023 18:08:36 GMT
server: cloudflare
etag: "1b14-63c44124-fa9e59a6964abbb6;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ll3QGbYmAA61PrxrJx7S9YcRhMpWoY0ydG2RoMz8Yq0dRtcSkff0oeegNU5c7Ty%2FR0xISHUR4wvEFxOHsQdwkShxMmbQwYphLU7XYZCLG8%2BJPlghPkGCoviFk6H4twp24o7GEfvn7BoTkaWNB%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c740a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 soltar-bang-pular-csgo.webp
retakebr.com.br/wp-content/uploads/2023/03/ 31 KB
32 KB 1665ms
1623ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/03/soltar-bang-pular-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6b6cb1a984b0e3418ec8185b8ad7df7c97ea54897f2061da48e9e972f5562d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 32140
last-modified: Sat, 18 Mar 2023 20:02:54 GMT
server: cloudflare
etag: "7d8c-641618ee-bfc59dbb1379d1f0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54gurjdXMBhMXne2YUyD9J4gcP6cExiRsiGrvjku6%2FCjPJYdwoc%2BmIaCyDfO8c76EoEbILXlZpkgfFNzFoN6OqCacvw10tFe6BAnhfQelBy2tuNvvRAU2xmdkvNJjMXyNjlVwMTjxWJOaRKW%2B9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c750a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 como-salvar-executar-cfg-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2023/03/ 18 KB
18 KB 1678ms
1635ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/03/como-salvar-executar-cfg-csgo-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcea90dfd1c1d7d57e77b5317974a45b1856500e8d786e4b847298fd59ca1024

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 18026
last-modified: Thu, 04 May 2023 02:43:33 GMT
server: cloudflare
etag: "466a-64531bd5-3f00d3a41b5ae6ac;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YtJ%2FPWB%2FizdM6d3%2BU%2F0l6nYJkyY2IV0CDfwQMJj8BCQvYXqlSKQfUpdg1OqU%2FeIZO%2FVcvcPRg59uA%2FYmt0WGwAgCARQCIUPb30sekGXvjNFUF63V1DnTULVdgI%2BXsVIfF4OkVtHhro1nM%2F%2F1t0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c760a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 comando-auto-kick-cs-go.webp
retakebr.com.br/wp-content/uploads/2023/01/ 8 KB
9 KB 1684ms
1639ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/comando-auto-kick-cs-go.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df9f992edf7d3f27925721d4a1a36948fff0ae353161cd6dc2bf1c36c9b091f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 8594
last-modified: Wed, 18 Jan 2023 04:35:54 GMT
server: cloudflare
etag: "2192-63c7772a-e8cc0aebad869d6b;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdrFvy8NTZpDazPTyzfux%2BYn9jT6s99lJK4QNrXE7yld%2B2MsB4acLFT1kGGHvNG4RYVvhvGy%2BnAxOt3jFmFxmWVm07gm654E%2BKNgOuzRy6Q7AlIC6p4j6Szj0HDMlu7%2FLF4isBx%2B%2FLA00qdVwA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c780a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 alterar-posicao-arma-cs-go.webp
retakebr.com.br/wp-content/uploads/2023/01/ 17 KB
18 KB 1688ms
1644ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2023/01/alterar-posicao-arma-cs-go.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fcc2befcec256bcdd3d1eeabca1b401002665ddb249e467cbd7fbcc0eaa4bfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 17884
last-modified: Fri, 13 Jan 2023 21:44:29 GMT
server: cloudflare
etag: "45dc-63c1d0bd-2420b76058c79312;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aX8HTy4QjrCJJWlGbbXkIIB1mQOydLrnBjwK79em7bOJXPsdlWiCklMYNqmkpoPw8JQtyOnqfw6o2%2FMOfKuAowCXXkkJEZf8R4gy8zcekfjEOW89xVJhUSheLd3TgikAMEirpLfrIMO8d1lwIlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c790a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 alterar-mira-csgo.webp
retakebr.com.br/wp-content/uploads/2022/11/ 7 KB
8 KB 1768ms
1724ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2022/11/alterar-mira-csgo.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d95d227b9bd0dd83e85e3d500df081df39b06ede70693bf1d6947b00f510a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 7204
last-modified: Tue, 17 Jan 2023 00:11:43 GMT
server: cloudflare
etag: "1c24-63c5e7bf-8d419fa656077d95;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtLLPPwhD4BJ2M26IHj%2FRyz1QK0Bj2XDHsxfqql%2BIt4XJIAJa4lK98p29L2HeVO1kNfL%2BbTL1yyJMtS2baElwBK1EEL1MYJqe9iE%2FykJ29bB9k0yKIoVC8UVHA8Yqg8mOPInusUvAbpUBE87AZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c7a0a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 aprenda-ativar-comandos-faca-csgo-450x338.webp
retakebr.com.br/wp-content/uploads/2022/10/ 15 KB
15 KB 1769ms
1724ms Image
image/webp 2606:4700:3037::ac43:8bc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retakebr.com.br/wp-content/uploads/2022/10/aprenda-ativar-comandos-faca-csgo-450x338.webp

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:8bc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4478b0cc063a5f2d2a75a157441109535f517fbaadf2040b80899eb3b3e9c697

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 15218
last-modified: Sun, 30 Apr 2023 12:12:47 GMT
server: cloudflare
etag: "3b72-644e5b3f-9534afeed2e33fbe;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GQMOqT3usKVZ6TSqx7taqTvpzXvyRdzUq6IJWQrRGdU4LBzfsuXsF89IY6GB9Gj6s6lLlIkNPl2pE9cFXRlVib3hzKPkvL2weRespnIPzRnU5AI7pNkMMpIW%2BOMniO%2B9A%2BYTQoJLBVnIgpiP8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7cdb76ef4c7b0a5b-AMS
expires: Sat, 03 Jun 2023 04:20:18 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 13 KB
14 KB 224ms
182ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:18 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7951858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13276
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-33dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRvMe8%2BLjBEZ%2FHOF6ycWlc5CbzAOFKwwYxlGgzRg5YsvoNcn%2BzfvXVkuNVnqoPiun9wb6ANtFDvSial1%2FLrkc%2FXy3xKkm6IURSdXxyPnAXijvPbM8HslKiuTcI3d8yNXtI0gojzespLFg7y75VIP6V6C"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cdb76ef5d730bbf-AMS
expires: Thu, 16 May 2024 04:20:18 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 675ms
0ms Fetch
text/css 172.64.203.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=23b8c66013
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/23b8c66013.js?ver=5.15.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:19 GMT
via: 1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 53236
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vh%2F81QwXXej4gs%2FIZKYYJlXH13SBqGRtRja9NCbhy7M8DlDl8bYTp2btU3zsfBWDpNvwkk51ng5YCY2tLyxH8cr2dwfupJt4Z5UgN6hjWGSjr04lWShAl3ROPrPrICzW%2FR6Gc2DHjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7cdb76f44d290c39-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 3xqB5NN3UyD9eTTlaEciLt8WzJDduL2xWuUDllydnTmDQOR_3eWnHg==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ 350 KB
118 KB 623ms
308ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da0ca601c72ca1e38aeecc831839ff4e6b06fa91ccd7b6ab24307e9ddb6da5ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120275
x-xss-protection: 0
server: cafe
etag: 8394423017344741976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/ Frame 6515 10 KB
5 KB 478ms
0ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230523/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3637999307044405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 79377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 06:17:22 GMT
etag: 15057649708203361565
expires: Fri, 09 Jun 2023 06:17:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 443ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DY10Q8W48M&gtm=45je35o0&_p=927622281&_gaz=1&cid=220751736.1685161219&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685161219&sct=1&seg=0&dl=https%3A%2F%2Fretakebr.com.br%2F&dt=Retakebr%20-%20Portal%20de%20Not%C3%ADcias%20de%20Counter%20Strike%20e%20Tutoriais%20CSGO&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://retakebr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 459ms
55ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DY10Q8W48M&cid=220751736.1685161219&gtm=45je35o0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DY10Q8W48M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://retakebr.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 616ms
43ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DY10Q8W48M&cid=220751736.1685161219&gtm=45je35o0&aip=1&z=1540379075

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 205ms
47ms Font
font/woff2 172.64.203.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:19 GMT
via: 1.1 96e04892ec84a7161914f66c3ba3b5f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 53236
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdF3%2Bqwm4wnpyQyhI70lxTRLqpUi3XUuZ14ySO6kKCxneYbqdj9Q0AW8SDkMrTMNnAN5dYt2ZEHDxEigD%2FIQJS6oMHtwpCzbsVM1Y4tfqRXAf7fp5MwiSmUS7Lc7P8NyajthMwUV0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7cdb76f77f5d0c39-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: AOVIf_wjhwRbns6t4mcgtmPOLiWu2HzNitTNTF33E8ZRGlJXCGnXZg==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 295ms
138ms Font
font/woff2 172.64.203.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:19 GMT
via: 1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 53236
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDeVVOgbEkJYdtghx7yMc50opJJBmHFVi0ao5LJ%2BTBUhnrCCd9UljNkL3WKrOZayhrh%2FyxhTAQ7glJjbn0bGVTZetfOTM8jboAzDbMjY%2FYgpD%2FLODvNmhTNsflOAc1znmMLwNvrD1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7cdb76f77f5e0c39-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: VlM5Lqx12LTtQo1rSiMd0It9SYV4M7u8trKW58oWyXs2zA8roYMEeA==

GET
H2 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
13 KB 272ms
138ms Font
font/woff2 172.64.203.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: retakebr.com.br
URL: https://retakebr.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.203.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://retakebr.com.br/
Origin: https://retakebr.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:19 GMT
via: 1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 53236
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lqBHAvuV%2F16%2FppSRpsFUSt%2FY%2FRO2%2BL85zxrY1DMdB5qk%2FvmTFOcFRXkEwRZVcQs06J%2BE%2FQaTyI7GbFbCP5N6%2Fe0vmNu1LY9%2FdgWWoBVhr8uGd5VzvLxnKF%2BU6WCcdaOtAgabjncWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7cdb76f77f5f0c39-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cghmSnJRgYpuq5BqbHTkTJOZSElHrwIBt075nH66q6lLJnxHuOvCFw==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
605 B 504ms
49ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=retakebr.com.br&callback=_gfp_s_&client=ca-pub-3637999307044405

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3637999307044405&plah=retakebr.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661e8381049f0d799423f26d05d89ace36fd706c1cd69057cb36cb8169f458a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 480ms
70ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=retakebr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 485ms
77ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=retakebr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52B3 513 KB
88 KB 669ms
501ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&adk=1812271804&adf=3025194257&lmt=1685149622&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fretakebr.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161218799&bpp=14&bdt=1161&idt=1190&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6076852870186&frm=20&pv=2&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1334

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

937d661c232ad55a055dacd3e0168dd5f7ada70015e0291e969266345d9a2946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 90369
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:20 GMT
expires: Sat, 27 May 2023 04:20:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9CC 94 KB
34 KB 585ms
424ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=4070374814&adf=3528253133&pi=t.aa~a.647683605~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161218813&bpp=12&bdt=1175&idt=1330&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Lp8K8ggSKL&p=https%3A//retakebr.com.br&dtd=1345

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae09beef8439669a02d0670406b0d2f98d7da606ccd1a99010c7561decd5ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34154
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:20 GMT
expires: Sat, 27 May 2023 04:20:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E9CC 6 KB
1 KB 306ms
88ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=4070374814&adf=3528253133&pi=t.aa~a.647683605~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161218813&bpp=12&bdt=1175&idt=1330&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Lp8K8ggSKL&p=https%3A//retakebr.com.br&dtd=1345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 May 2023 04:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 May 2023 03:16:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 May 2023 04:20:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame E9CC 2 KB
945 B 356ms
187ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E9CC 0
0 130ms
129ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTpreBIVxZI_vH834gAfV2LrgDNGqvaFw-7mHto4Roty_oNQBEAEgtITxVmCRhKCFjBigAaCuo_gDyAEJqQJv032CXv2xPqgDAcgDywSqBPMBT9CmyMJUMWW7gNheNcxhO4XC98cUOKlryEjdHDCwsxNEq2ukbddkHh7q8JOnoZFmIh2N4__vA5HEf8t2sI60wTegINg0C8YBgp0shmo3HOJnSqfEB9tWI5kia0SJJarSMcRqoeylzCJAPqnPp_6a7l26hQFXnleZKWf5VET4ByHBy6kwK2zIfQSDSiKG2Mkb3YkF9E4ML4xctrgO0mwm65kerzGgjSLXSqPHaBUpxpFKBZRcG2Iw9P0Rq9gjprltJWYlf2lPgDNussD8bN22NoqUg2iSf_hSDgCoDbKprvdhXVpZn5EVOpkYz_I2CypfcR20wAT9jfDsoASSBQQIBBgBkgUECAUYBKAGLoAHyNHcB6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJnib9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=uUXEFE-OF0Y&uach_m=[UACH]&cid=CAQSGwBygQiDUHoQ_d2QEuIYMZJRa9IQgll5VFIq6hgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=4070374814&adf=3528253133&pi=t.aa~a.647683605~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1200x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161218813&bpp=12&bdt=1175&idt=1330&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Lp8K8ggSKL&p=https%3A//retakebr.com.br&dtd=1345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 May 2023 04:20:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 May 2023 04:20:20 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4899579512681812521/ Frame E9CC 17 KB
18 KB 314ms
202ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4899579512681812521/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e21575c30edabe7ae67190ef3bee54e641fb1133ab508a091e77f8360b90fec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 10:52:35 GMT
x-content-type-options: nosniff
age: 408466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17608
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 15:46:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 May 2024 10:52:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2954329010225500972/ Frame E9CC 3 KB
3 KB 313ms
203ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2954329010225500972/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4c1c19143a505db8389be038e8576d71b662c261de8bb7f2e53fdd897a2ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2870
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 15:16:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 May 2024 04:20:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame E9CC 22 KB
9 KB 108ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame E9CC 3 KB
1 KB 266ms
188ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:36:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame E9CC 19 KB
8 KB 260ms
183ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9CC 171 KB
54 KB 1320ms
189ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:22 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame E9CC 32 KB
14 KB 587ms
45ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/ 152 KB
51 KB 342ms
341ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305230101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86dd3d0a87dbd52a109a8acd0515e4e7e97b325d47fe0646a949fbb9304ca206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52648
x-xss-protection: 0
server: cafe
etag: 15372753981321233245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 136ms
78ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=retakebr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 147ms
89ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=retakebr.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA8D 112 KB
38 KB 874ms
721ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161221311&bpp=3&bdt=3673&idt=3&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3eeb24d6aa623fe6-22a8562aeedd00a1%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_Mb6-6Gquk6cXfT9klf_k1dH5BQ_eQ&gpic=UID%3D00000c39e003c962%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_MZeUyIvebBXTgniAhdtUIhL6qTYnA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=c5FxHgADG9&p=https%3A//retakebr.com.br&dtd=251

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b146457ad48a5413f9922e1333f706d61a4df299c8b85d80fb95e57ada051b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 38670
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/ Frame AE43 10 KB
4 KB 582ms
521ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 63484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 10:42:18 GMT
etag: 15057649708203361565
expires: Fri, 09 Jun 2023 10:42:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/ Frame FE36 10 KB
4 KB 587ms
533ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 63484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 10:42:18 GMT
etag: 15057649708203361565
expires: Fri, 09 Jun 2023 10:42:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/ Frame C307 10 KB
4 KB 587ms
533ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 63484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 10:42:18 GMT
etag: 15057649708203361565
expires: Fri, 09 Jun 2023 10:42:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/ Frame 3764 10 KB
4 KB 563ms
510ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 63484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 10:42:18 GMT
etag: 15057649708203361565
expires: Fri, 09 Jun 2023 10:42:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E9CC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 211b071e6797e4ef1cf207e376bb02141d6358c49d056b26d7e1be45d405fdee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3764 0
0 317ms
202ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrXFpBIVxZNrlIJXjywXhwKOYDoKZrZJO3-bYrZEBysW54IkXEAEgtITxVmCRhKCFjBigAbmq5tQDyAECqQKp7BX6JoayPqgDAcgDyQSqBPgBT9DtYDZf4zs04KdaWOFh8UR8xWywjuOZ6iKb3cJAXeEJIKFAnavNrVFy3Ogx6aRvJljg-eWrmkkQ6Qs9ERaB53I7MXT31n7Js02bFerMsndOCkIdJX7WPoWQQ8UiZ2sHtkC3h1OXBiaNcleBfYLi6oKcXUIaLwyYtRkh5XGDOmKU1JVBKNDHnULIn_YbJIcR_Le3gf9HbRgVNWUquYJlBfCQ8BATmCp25pvo-9FUeBnep05_OF-e3aajn3YRnFp5Eml8sAfrFcKv0MUYnlkCQCvFqyAoTTEBdI5BIhbqndAslBA4Nwd91AUE2QLxOhW9eL2CKqrQGovABPfot5UekgUECAQYAZIFBAgFGASgBgKAB6_VmSuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCs_wjSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTM2Mzc5OTkzMDcwNDQ0MDUYAA&sigh=-azSmo9eVCc&uach_m=[UACH]&cid=CAQSGwBygQiDAnJFoN4ly41_rBMedgCRgZ74cAdJ0RgB

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 May 2023 04:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame 3764 22 KB
9 KB 248ms
92ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H2 200 15148277043045106378
tpc.googlesyndication.com/simgad/ Frame 3764 12 KB
12 KB 254ms
98ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15148277043045106378?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlnfT8GFniaNGeuyPsAKWuERdgfng

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9135bc0281749d9a076f68198179f017e33b26cbdba591f97f711c8fe93313c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 05:43:18 GMT
x-content-type-options: nosniff
age: 427025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12672
x-xss-protection: 0
last-modified: Fri, 30 Mar 2012 17:28:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 May 2024 05:43:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 3764 3 KB
1 KB 252ms
97ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:36:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 3764 19 KB
8 KB 247ms
93ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3764 171 KB
53 KB 276ms
122ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame 3764 32 KB
13 KB 254ms
100ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4191ea25678783efb243db64a21ccabb4f11d7b278bcc3cb8ab71eea98243d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 15:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13062
x-xss-protection: 0
server: cafe
etag: 7527544058023842442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 15:29:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame AE43 4 KB
767 B 195ms
118ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 May 2023 02:22:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE43 205 B
519 B 189ms
112ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 00:57:13 GMT
x-content-type-options: nosniff
age: 12190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 May 2024 00:57:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE43 604 B
695 B 188ms
113ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:52:19 GMT
x-content-type-options: nosniff
age: 23284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 May 2024 21:52:19 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/ Frame AE43 20 KB
8 KB 226ms
151ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 16:20:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 16:20:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame FE36 2 KB
926 B 168ms
151ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame FE36 22 KB
9 KB 157ms
152ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame FE36 3 KB
1 KB 157ms
154ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:36:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame FE36 19 KB
8 KB 156ms
153ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE36 171 KB
53 KB 214ms
211ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame FE36 32 KB
13 KB 131ms
129ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame C307 2 KB
926 B 144ms
143ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame C307 22 KB
9 KB 246ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame C307 3 KB
1 KB 202ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:36:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame C307 19 KB
8 KB 201ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C307 171 KB
53 KB 242ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame C307 32 KB
13 KB 230ms
50ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EA8D 14 KB
1 KB 230ms
90ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161221311&bpp=3&bdt=3673&idt=3&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3eeb24d6aa623fe6-22a8562aeedd00a1%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_Mb6-6Gquk6cXfT9klf_k1dH5BQ_eQ&gpic=UID%3D00000c39e003c962%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_MZeUyIvebBXTgniAhdtUIhL6qTYnA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=c5FxHgADG9&p=https%3A//retakebr.com.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 May 2023 03:11:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame EA8D 2 KB
892 B 202ms
84ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame EA8D 22 KB
9 KB 203ms
83ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame EA8D 3 KB
1 KB 286ms
197ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:36:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame EA8D 19 KB
8 KB 237ms
118ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:09:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EA8D 0
0 446ms
13ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdWIHPnnyEqWBKCfFx5qE93f11VcRVsE9xn4UF2Yzf-8OEEms6vLOsu_e1FG6RlV9L99wdezOD4LuDwKk4n-lJbjw-_Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161221311&bpp=3&bdt=3673&idt=3&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3eeb24d6aa623fe6-22a8562aeedd00a1%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_Mb6-6Gquk6cXfT9klf_k1dH5BQ_eQ&gpic=UID%3D00000c39e003c962%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_MZeUyIvebBXTgniAhdtUIhL6qTYnA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=c5FxHgADG9&p=https%3A//retakebr.com.br&dtd=251
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA8D 171 KB
53 KB 205ms
96ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame EA8D 32 KB
13 KB 211ms
122ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EA8D 0
0 250ms
160ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cx3rBBoVxZJTJEpiD-gaV5JWQAdmK8-hw1r-It8ERt5Xqp5UOEAEgtITxVmCRhKCFjBigAe_V9bEpyAEJqAMByAPLBKoE8wFP0Gg6QR-dlFOD11Dox7kDOmvsgSCmyVlhBRX9vynIf0TKiXiwcAQiWWiHRzA0fvC-qKbv8GKeSU0jF4fLZnZcKDtbLBEufaFJg-r6BIKOl3ShC6ZIypu-gXS0ycZLBYAbitf7hgib2SGZY0I31jMT7kHPrz5bTexrPP9R8Tv3IedRWm5yuTx339MpxPVLEx0bC0LIETelym79EhpChxzYm1tFaPcG8CumZ-5muiHlZT56a3yiAbvEu1velQKeHf6pKhYgAC79iIewY5IXdEz5SCxDtv3ESqB2buBt7ZUnVSH1LJqm0dWTAQKw2jV3tRqj5ETABP7Gt9CkBJIFBAgEGAGSBQQIBRgEoAYugAfvjcaRBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEK27BNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzYzNzk5OTMwNzA0NDQwNRgA&sigh=0gSMEz4qAaU&uach_m=[UACH]&cid=CAQSOwBygQiDIR-Vg_SUEZCHfqgeA225JfxhGW6ZNbVI8Q1i6OPUD5TkAbWuTCPy2ZRQDZELn_0mJheotvMIGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161221311&bpp=3&bdt=3673&idt=3&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3eeb24d6aa623fe6-22a8562aeedd00a1%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_Mb6-6Gquk6cXfT9klf_k1dH5BQ_eQ&gpic=UID%3D00000c39e003c962%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_MZeUyIvebBXTgniAhdtUIhL6qTYnA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=c5FxHgADG9&p=https%3A//retakebr.com.br&dtd=251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 May 2023 04:20:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11205677252522489071/ Frame EA8D 38 KB
38 KB 230ms
142ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11205677252522489071/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f88e392eca95d811c73bf8826a040653b65c6cc12a329840c9a6711a08f1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:22:23 GMT
x-content-type-options: nosniff
age: 561480
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38412
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 11:16:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 16:22:23 GMT

GET
DATA 200
OK truncated
/ Frame EA8D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EA8D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E9CC 15 KB
15 KB 554ms
179ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 564930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:24:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E9CC 15 KB
16 KB 504ms
135ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 558968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E9CC 15 KB
15 KB 508ms
139ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 94446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 May 2024 02:06:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9BD9 143 B
166 B 163ms
89ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:10:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 9D3F 247 B
867 B 535ms
192ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

de8d8437f18c58721a072923552ccea7826b192c956e11a794508da80aec99c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 202
content-security-policy-report-only: script-src 'nonce-n5__jUnmFgoPERgDaeXtqQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3764 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0f53ef96b0771fd3117059a3b933628a48966e45d063e644743bd7c9c184f4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame F5F6 14 KB
1 KB 206ms
143ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 May 2023 03:22:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame F5F6 2 KB
892 B 204ms
140ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/ Frame F5F6 22 KB
9 KB 204ms
141ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:16:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame F5F6 3 KB
1 KB 205ms
141ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 20:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:36:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/ Frame F5F6 19 KB
8 KB 204ms
141ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 14:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:09:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5F6 171 KB
53 KB 206ms
142ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 04:20:23 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame F5F6 32 KB
13 KB 206ms
143ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H2 200 redir.html Show response
p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame BACF 247 B
870 B 339ms
70ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

09bcffe58663d75cd6256f20513abd433861bf6579137e690bdce8ebb2c8fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-WAUgFr2INvxO6xQSz0kCeA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E32C 1 KB
643 B 200ms
111ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 64007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Sat, 27 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EA8D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47139db8f86aa650581b70a6d305cedccd1bcf9f89112b759dd25eaf0f556a75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 redir.html Show response
p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D4A1 247 B
869 B 293ms
52ms Document
text/html 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

a02c721ec6fce71553733fdafd7d141a160a0fcf4cc6043da9a3dbeee12daf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-ThNKRAJqeY8qdU-nSFrWdw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9BD9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

220ms
209ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:23 GMT
expires: Sat, 27 May 2023 04:20:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 807E 143 B
166 B 211ms
141ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:10:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EA8D 33 KB
33 KB 114ms
63ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 292266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 19:09:17 GMT

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D38 37 KB
14 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 17:44:50 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E32C 35 B
464 B 289ms
29ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPT9bJt1qZuCauFuYj3Bb04&google_cver=1&google_push=ATf1kGPXDlBGpUD9wfLvLiWLTO2uZJEmw28xpGFsLGaHYWPqXEJEF3kvj0_DJJpWgiLz0zItqzyLcCfnrMqqxQvAxrg4SXI4Lnlq

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E32C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A4a01DbnUxUTJMcEs1&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&google_cver=1&google_push=ATf1kGOmNKNGEMxBLBfbCRIBR3cOCxxYt98_oXTMlCElA-_...

170 B
232 B

70ms
69ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A4a01DbnUxUTJMcEs1&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&google_cver=1&google_push=ATf1kGOmNKNGEMxBLBfbCRIBR3cOCxxYt98_oXTMlCElA-_GaOMIgde1u19FJ5_VEel4KsUCXqO37DFrpTULHqoQLIS8qUF-RRrOJg

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 May 2023 04:20:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3A4a01DbnUxUTJMcEs1&google_gid=CAESEJ4hzpp50QHiVU7czoNM85E&google_cver=1&google_push=ATf1kGOmNKNGEMxBLBfbCRIBR3cOCxxYt98_oXTMlCElA-_GaOMIgde1u19FJ5_VEel4KsUCXqO37DFrpTULHqoQLIS8qUF-RRrOJg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E32C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKB-G1FZT0vp4bUpZbxZ3Q8&google_cver=1&google_push=ATf1kGNzK448HHMn29vKhOGNxqEOVSk_qsUSSLJaDS6FFey2y0GaTw4Lb6RcYs6_uh8x3_hmM5ZP3jeOC4U1WL...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzcxMjM0NTU3MDk5ODQyMg%3D%3D&google_push=ATf1kGNzK448HHMn29vKhOGNxqEOVSk_qsUSSLJaDS6FFey2y0GaTw4Lb6RcYs6_uh8x3_hmM5ZP3jeOC4U1WLw_T0...

170 B
232 B

74ms
72ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzcxMjM0NTU3MDk5ODQyMg%3D%3D&google_push=ATf1kGNzK448HHMn29vKhOGNxqEOVSk_qsUSSLJaDS6FFey2y0GaTw4Lb6RcYs6_uh8x3_hmM5ZP3jeOC4U1WLw_T0Xz6WgdAoNAIg

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNzcxMjM0NTU3MDk5ODQyMg%3D%3D&google_push=ATf1kGNzK448HHMn29vKhOGNxqEOVSk_qsUSSLJaDS6FFey2y0GaTw4Lb6RcYs6_uh8x3_hmM5ZP3jeOC4U1WLw_T0Xz6WgdAoNAIg
Date: Sat, 27 May 2023 04:20:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E32C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKkIrRaGnPZpdumFeOUcFUs&google_cver=1&google_push=ATf1kGP2SAuiwbEg4ECiO9bL_PBwROJx7myy2qnSe-Y3-ZSfRSgvt-tkZfH3R6SSNzuMKjKek8Z6F95NBAdn3X5_cVAGmnz...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP2SAuiwbEg4ECiO9bL_PBwROJx7myy2qnSe-Y3-ZSfRSgvt-tkZfH3R6SSNzuMKjKek8Z6F95NBAdn3X5_cVAGmnzdO8k8ZQ&google_hm=eS1pbzVSQWwxRTJwSDBj...

170 B
232 B

71ms
69ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP2SAuiwbEg4ECiO9bL_PBwROJx7myy2qnSe-Y3-ZSfRSgvt-tkZfH3R6SSNzuMKjKek8Z6F95NBAdn3X5_cVAGmnzdO8k8ZQ&google_hm=eS1pbzVSQWwxRTJwSDBjT0tBOHVVeEQ5dVpCdjdPZkY1WX5B

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 27 May 2023 04:20:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP2SAuiwbEg4ECiO9bL_PBwROJx7myy2qnSe-Y3-ZSfRSgvt-tkZfH3R6SSNzuMKjKek8Z6F95NBAdn3X5_cVAGmnzdO8k8ZQ&google_hm=eS1pbzVSQWwxRTJwSDBjT0tBOHVVeEQ5dVpCdjdPZkY1WX5B
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame E32C 42 B
213 B 291ms
32ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGauS0nSCfewzOgYf02nPz4&google_push=ATf1kGOTzHa0jbXJaOPV28091tjknVjxSjJfxjJVTvfhaNq0_FwlMH2nhSsVrmphU8QdbxGSenFpe1bocL2IEuR-_2aVIi3c9QiZFw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3637999307044405&output=html&h=280&adk=3898301053&adf=4031081881&pi=t.aa~a.3733467095~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1685149622&rafmt=1&to=qs&pwprc=9407726405&format=1170x280&url=https%3A%2F%2Fretakebr.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685161221311&bpp=3&bdt=3673&idt=3&shv=r20230523&mjsv=m202305230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3eeb24d6aa623fe6-22a8562aeedd00a1%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_Mb6-6Gquk6cXfT9klf_k1dH5BQ_eQ&gpic=UID%3D00000c39e003c962%3AT%3D1685161220%3ART%3D1685161220%3AS%3DALNI_MZeUyIvebBXTgniAhdtUIhL6qTYnA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6076852870186&frm=20&pv=1&ga_vid=220751736.1685161219&ga_sid=1685161220&ga_hid=927622281&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44788441%2C44789779&oid=2&pvsid=1348408954018906&tmod=1006298390&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=c5FxHgADG9&p=https%3A//retakebr.com.br&dtd=251
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:24 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E32C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEjtohy7ROKG2DVjGTz3jJw&google_cver=1&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2E6luM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEjtohy7ROKG2DVjGTz3jJw&google_cver=1&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcyNjA3ODY5MDE2MDM2NjQx&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2E6luM...

170 B
232 B

71ms
69ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcyNjA3ODY5MDE2MDM2NjQx&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2E6luMrjC4-XssYpXfLhvBPSX04A

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTcyNjA3ODY5MDE2MDM2NjQx&google_push=ATf1kGOeHab9UMdSob-YktnCfgRIpxob62b_lMI7Xnzr1Bg_vD5JagKQPQ9vIx6lSqTZ3Se3yk2E6luMrjC4-XssYpXfLhvBPSX04A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E32C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHLboX_QNDYl1Cso1kiL5Ic&google_cver=1&google_push=ATf1kGPu-jTYgsiG0q_5eVTzmQfRgdeVO9Vr_UkVjjXMu1pYyxZz7WbDnJnX35s_odTXa4Xv6Qcj-l9Lwy6b...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPu-jTYgsiG0q_5eVTzmQfRgdeVO9Vr_UkVjjXMu1pYyxZz7WbDnJnX35s_odTXa4Xv6Qcj-l9Lwy6bl9V0oedF8er2NHlV

170 B
329 B

71ms
71ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPu-jTYgsiG0q_5eVTzmQfRgdeVO9Vr_UkVjjXMu1pYyxZz7WbDnJnX35s_odTXa4Xv6Qcj-l9Lwy6bl9V0oedF8er2NHlV

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGPu-jTYgsiG0q_5eVTzmQfRgdeVO9Vr_UkVjjXMu1pYyxZz7WbDnJnX35s_odTXa4Xv6Qcj-l9Lwy6bl9V0oedF8er2NHlV
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E32C 0
139 B 321ms
70ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHSXgMsibJyvwt64uvwmUKL2Wkz31ZTjw6V7Umat7gTJwlht_YLiCFVWxZxZH49IaboU5o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 iframe.html Show response
p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 9D3F 5 KB
2 KB 113ms
63ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

79418b332e02cb10747ffa043f054a02ee30be9a5769c6f6249cc9737ac675de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-n4JIYjYY6grt9ExRK97N8g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame BACF 5 KB
2 KB 96ms
63ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

3f591441a5883a0d363d02ee1431083d3127020ac99a7968623e8be4ac4c187f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-7NKsi-Uiij1s-rXd8s5QRg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 807E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

69ms
69ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:24 GMT
expires: Sat, 27 May 2023 04:20:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame F894 37 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 17:44:50 GMT

GET
H2 200 iframe.html Show response
p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D4A1 5 KB
2 KB 49ms
41ms Document
text/html 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

sffe /

Resource Hash

233fc6f953d17234a62e69028ebc4ed719a2ef1e25472442c78f8dcb77211a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1984
content-security-policy-report-only: script-src 'nonce-ehqua1IFhde0ELifyKgHjg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame EE96 37 KB
14 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230523/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 17:44:50 GMT

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FC6 37 KB
14 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 17:44:50 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
78ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230523&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eae98c9efd5b61655e2c5c6f32e1963a8448bbb77c53b07901ecd306ab8c9288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11161
x-xss-protection: 0

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame 611D 37 KB
14 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Host: retakebr.com.br
URL: https://retakebr.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 17:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 17:44:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 May 2023 04:20:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3764 42 B
64 B 120ms
119ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstq0K6cYIMXb2lOfsT32jP3UwfPksEgwM0477P3JuO4PG5f4teKsRs-IfE4msJugJepIS4_Ct2xa-Q6d1w01YIPj2ej9wa03iwyin_XvtWeqm4ElyY2vJ4nj67rlzn0iHyBVOJz5g&sai=AMfl-YQzi_3ld5wJxauynKo-5QkMSxusySlSRrrRUIM1oMbAa7Y_-NmLNrWz4KHS0wBEztWGnYW13Bzsktnf&sig=Cg0ArKJSzD-8CXuu8IpXEAE&cid=CAQSGwBygQiDAnJFoN4ly41_rBMedgCRgZ74cAdJ0RgB&id=lidar2&mcvt=1044&p=0,0,83,646&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685161222175&rpt=1166&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBA9 13 KB
5 KB 67ms
66ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 27717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 20:38:27 GMT
expires: Sat, 25 May 2024 20:38:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A39C 783 B
536 B 71ms
70ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ebe353c8a30bee8f9f40f1d30d210d1b069a89bd2967d3575e676e3285cd09c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1_qtjs77Arj_XCjL369ppw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retakebr.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-1_qtjs77Arj_XCjL369ppw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 May 2023 04:20:24 GMT
expires: Sat, 27 May 2023 04:20:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _V7JEwjyKa7lL6_ZBczMp1aEsJ9qFSV12I84yuCmKHE.js Show response
pagead2.googlesyndication.com/bg/ Frame FBA9 37 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_V7JEwjyKa7lL6_ZBczMp1aEsJ9qFSV12I84yuCmKHE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5ec91308f229aee52fafd905cccca75684b09f6a152575d88f38cae0a62871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 16:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14775
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 16:41:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A39C 0
0 101ms
101ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230523&jk=1348408954018906&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E9CC 42 B
64 B 100ms
100ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNsn0XGH7Nyc7U_bMgsrgCQHFPHOlcDuNvCg8nD5ArVsxyWVfqvH7g7pNazl1bfgRZUR1zEgQ8VFAHVM0OWdv6koqWCRYSgXjsZl7npDH57zDDHyIXXVuegQMjVPMx6bvaNJHu2Q&sai=AMfl-YSbFksvuPJXiK1OdiIQ9sQmG1ooKyq-dGqE-bOCAgEW9aOQjw1dmlRQd0EU90GcXSqHAVLogpZ-XTcX&sig=Cg0ArKJSzLxzo6FQiCdbEAE&cid=CAQSGwBygQiDUHoQ_d2QEuIYMZJRa9IQgll5VFIq6hgB&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4070374814&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685161220171&rpt=3700&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 May 2023 04:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FBA9 0
10 B 70ms
68ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?904khw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 04:20:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 103ms
101ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230523&jk=1348408954018906&bg=!aWqlaj7NAAZu7ficTu07ADkAdvg8Whp_ui1sZxaIzMowXX9f3k7OfbIucoBEJrhuzbph8d2e3Nwu19Q7bKed_jplSyqnq0iC_GwCAAAAm1IAAAAJaAEHCgBN2yJWHGBmZyaTNY-aayHUuPTuCQ93ifr-lqmFQElOrK3HaJw9hG2IlKx5xvEy42HMMl4fcz9lB482aRJcZDGH2t0VHXPYeMCjkyINf7GZAqQiYgW38C4TJ811G2qmbWtCR0icyX2vSfYAiz2kyl29Z3fmnwHEjlj-Sy-vluy222U_yXDXkgDAqNv7vSWG9svhockiu_8EeVRT1bXo1kDxgna7sHxImpkgea7avYXZHzhVr1bdIQqZARORMjH4BJj5Di1Ile5KHDituXuVuwbmk1W5CKxfSQcQGUlTPLw4-ljVjZy3o-xVMfhnsXbTD6vJD8FsidQvWsQhPxpGfuReMUyW4qPfMAgS8MShITKlzXFKYtyZ7CHL9W0qYO7xm4BwZer-DCi07ovjl6n4Mf4D_kXl00BgZvygG7MrTdiaLdi8gWgEICobnQUUmNA1e_tLV7z01LASFNnU0UFENZqBkzC7sis4R8H49K8zx_C2MpWZ6RL4AzjRPu3Btdtra-eiL-csOCyryBmHUDZtYaU_x9pCet1OV8b0khwN1_EVBFHNSbQJegEOMmQcfd2pkb1Vl40zyvqXQCiihpvVkQjiydzXYOd5FcNytZtrp9rdqWo2JdhJvY-F21zt6NTRLGDDW8DmM_PiBjcH-lFJFn_HYZBwu-KFvRbfNbtDoUOwbSb58Sk1XkXzl_uu4XPR5zi2YKa5DJyj4CrDj-NglfWMP_NFgNsPqFXwLPG6M5pLb6lecGQY88m_e8FE5xjps3dYLPSTv1_PY3R96rMtFGgWefQj6Ce5pKzxe9E8VkDRwnwu24lto2U9zpthNDCiDm2g40apJge6f6uq9OPvFo2e83TygQmSEj1Ej9Qp-7C9FOzTVaAdLvAzvN4BlF219M025L0I0YJRvLVUtjRN_IELJtLdhFxPjcUbpM7hvkLNm5EaG-BtAmB_bV_miQ67NK4X2e7X_xiHrYJ2Z-Uuuk4FODJeSqjYfOBiYegMuF54R3yTwwIY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://retakebr.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.retakebr.com.br/	1970-01-20 21:42:01	Name: _ga_DY10Q8W48M Value: GS1.1.1685161219.1.0.1685161219.60.0.0
.retakebr.com.br/	1970-01-20 21:42:01	Name: _ga Value: GA1.1.220751736.1685161219
.retakebr.com.br/	1970-01-20 21:27:37	Name: __gads Value: ID=3eeb24d6aa623fe6-22a8562aeedd00a1:T=1685161220:RT=1685161220:S=ALNI_Mb6-6Gquk6cXfT9klf_k1dH5BQ_eQ
.retakebr.com.br/	1970-01-20 21:27:37	Name: __gpi Value: UID=00000c39e003c962:T=1685161220:RT=1685161220:S=ALNI_MZeUyIvebBXTgniAhdtUIhL6qTYnA
.doubleclick.net/	1970-01-20 21:27:37	Name: IDE Value: AHWqTUkxdeKDmupOUbCEolqHpwLrWk2zaZrbMby6Y4pUHMTq485Hb995rCU0bcpUb2M
.doubleclick.net/	1970-01-20 12:06:04	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 14:15:37	Name: UserID1 Value: 7237712345570998422
.quantserve.com/	1970-01-20 14:15:37	Name: d Value: EDoBCQGLKYEA
.quantserve.com/	1970-01-20 21:36:15	Name: mc Value: 64718508-34d23-48a34-3ff10
.w55c.net/	1970-01-20 21:37:42	Name: wfivefivec Value: op8kMCnu1Q2LpK5
.yahoo.com/	1970-01-20 20:51:58	Name: A3 Value: d=AQABBAiFcWQCEBeAVk1-gbkn8AyhahbExP4FEgEBAQHWcmR7ZAAAAAAA_eMAAA&S=AQAAAt8tHffB5wqdm-4qKSYZN_o
.adform.net/	1970-01-20 12:50:39	Name: C Value: 1
.w55c.net/	1970-01-20 12:49:13	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 13:32:25	Name: uid Value: 572607869016036641

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
odr.mookie1.com
onetag-sys.com
p4-ae4vzu5vcvjiu-zbfyiqf3xswjki2d-if-v6exp3-v4.metric.gstatic.com
p4-h3nci7glxndom-zzpxnqyvnw4pmea5-if-v6exp3-v4.metric.gstatic.com
p4-hdu6anrbk5yo4-m35wmvvwyzazo3yi-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
retakebr.com.br
skinsgratiscsgo.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.181.227
142.250.186.130
172.217.16.195
172.64.203.28
2001:4860:4802:34::36
216.58.212.163
2606:4700:3037::ac43:8bc3
2606:4700::6811:180e
2606:4700::6812:1634
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9d
2a05:d018:d29:3601:bc24:9894:4425:647
2a06:98c1:3121::3
34.160.236.64
35.156.141.94
37.157.6.243
51.75.86.98
85.114.159.118
00d95d227b9bd0dd83e85e3d500df081df39b06ede70693bf1d6947b00f510a4
05d34e3820421019e1d3b4ad2ba7d03f0a0a74f94664f4393cc07730c8f7abbb
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
07545caaf9707de642e908cbfe3197e4ccfe99b88162aa3913c7e85f59191de2
09bcffe58663d75cd6256f20513abd433861bf6579137e690bdce8ebb2c8fa74
0a4c1c19143a505db8389be038e8576d71b662c261de8bb7f2e53fdd897a2ead
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d9f78e62b4aac470f7f556dd4a64ba9ecac44c9d7d2a77c2e6110af3a965e73
1e3c90f680934dbc839cb5833ef8d9c564b9b8fede36556aa9ff5763e68638bc
211b071e6797e4ef1cf207e376bb02141d6358c49d056b26d7e1be45d405fdee
233fc6f953d17234a62e69028ebc4ed719a2ef1e25472442c78f8dcb77211a7a
24834ede2021cd5e7283d2a952c6718c6fffd165d8ab9df907f4222a113429b2
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
2bf77546bc9628aa693ac5ea212bf8b326821fe39959d50bda9f9d045f5e5c6c
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2df9f992edf7d3f27925721d4a1a36948fff0ae353161cd6dc2bf1c36c9b091f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
383428bb18e321f6f4f3b1454c2de670b998bb71bb17a4b577e92037040514a6
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3cc47f83d8db3b854fab128ab2eaaa3d215bc197385af0f44f0d0c6505e1b8eb
3f591441a5883a0d363d02ee1431083d3127020ac99a7968623e8be4ac4c187f
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
43876c523ee036ff6d78a4b8dd69f8be38b6d1d73347d55f0bb2d6453b1b7489
4478b0cc063a5f2d2a75a157441109535f517fbaadf2040b80899eb3b3e9c697
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47139db8f86aa650581b70a6d305cedccd1bcf9f89112b759dd25eaf0f556a75
483726921f3750500b585e5aa13db1ec1a46147ad86d06fbc6b2350eb72b3703
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4c7fe9f4b7e2cbaeadf56a93f537dfe760444ddbc081a7d12aa5c97c98cafce9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4f0fefab783abd19bc1b6c4f9dedd620764d243d141165603c77bb5152c231c0
4f4d7afe64e1fbaa00453b6821924e2db2dce2356c7d1fdd83d36b13194655c6
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fcc2befcec256bcdd3d1eeabca1b401002665ddb249e467cbd7fbcc0eaa4bfe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6de242265cf0c8ac812427bcfafd48416f1deebf9164d4185be216b6d3081cea
71f45fa39b9e00c82913d3a7a044af7536baba93519cc84ccfd346c4895cb2f1
756de73dc6eb6c5c7f71a906ddc4e66109aed9d56312c92c18a880ce0fe7e86a
79418b332e02cb10747ffa043f054a02ee30be9a5769c6f6249cc9737ac675de
7ebe353c8a30bee8f9f40f1d30d210d1b069a89bd2967d3575e676e3285cd09c
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
86dd3d0a87dbd52a109a8acd0515e4e7e97b325d47fe0646a949fbb9304ca206
8b146457ad48a5413f9922e1333f706d61a4df299c8b85d80fb95e57ada051b6
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
8ee9005359098035e3fc63381d4b0724505336da48d8347a4e7ff36e0684a803
8f7bc3f8a8a8bcd9c721166ff8bcaa46ae94cf4b7d3aa8c9ec1c7b91198f009a
90d7576832821a0cf5e65e08e3a6929066acbb9acbdec4738dec82ee3d6982eb
9283da2e751b87954d841234edcf98362dcaf3a9a86b6bd41a24fe9ef0312de7
937d661c232ad55a055dacd3e0168dd5f7ada70015e0291e969266345d9a2946
9390837a4248c6d45f067dd616505958fb71d9472d9998fabe6c46b1eba2e8d9
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc19ce27e7fe54728be0d4489cf683005fd6f522bbf6391a681d7d2d8d3f190
9c9153238ebae510bf92081cf17483ba20599129cede0b01702d8a94e44c32fb
a02c721ec6fce71553733fdafd7d141a160a0fcf4cc6043da9a3dbeee12daf03
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a140616a83dd9f2c8c7e195783f8b26195869c0683f638d910e25c343e655728
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b944d9cb4994adb53037b8db6236c81f01cf625887764529fd46a36d8b72d6e9
ba8307fd6552610f48be147cb8336f9cd2f4c973bfddcc067be079f7106a5997
bb626d44b2d3d3176c26616eaca12cbc52e9cfe88b708d90a08b9e66f5f8630a
c2b51ff190b98a0d5347dacd68cba7c5a8281d6e06b53afa0587d7241a9a8ebe
c3f88e392eca95d811c73bf8826a040653b65c6cc12a329840c9a6711a08f1ef
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c9135bc0281749d9a076f68198179f017e33b26cbdba591f97f711c8fe93313c
cae09beef8439669a02d0670406b0d2f98d7da606ccd1a99010c7561decd5ab6
cc5dc900ee1d90f5f275c4d97cfc884a02288a1e1789ad2751ed1a4ef91f6e90
d661e8381049f0d799423f26d05d89ace36fd706c1cd69057cb36cb8169f458a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
da0ca601c72ca1e38aeecc831839ff4e6b06fa91ccd7b6ab24307e9ddb6da5ec
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcea90dfd1c1d7d57e77b5317974a45b1856500e8d786e4b847298fd59ca1024
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
de6b6cb1a984b0e3418ec8185b8ad7df7c97ea54897f2061da48e9e972f5562d
de8d8437f18c58721a072923552ccea7826b192c956e11a794508da80aec99c8
e0f53ef96b0771fd3117059a3b933628a48966e45d063e644743bd7c9c184f4e
e21575c30edabe7ae67190ef3bee54e641fb1133ab508a091e77f8360b90fec5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80f670ee29f941581b8bd15fef3881bf1e189333c8f36a213ac818d67db61a1
eae98c9efd5b61655e2c5c6f32e1963a8448bbb77c53b07901ecd306ab8c9288
eb4191ea25678783efb243db64a21ccabb4f11d7b278bcc3cb8ab71eea98243d
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eba13b7c4c968c8dadceece567382a3e6c9acaf68d961d0f90ab5f31347534e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd5ec91308f229aee52fafd905cccca75684b09f6a152575d88f38cae0a62871

retakebr.com.br Open in urlscan Pro 2606:4700:3037::ac43:8bc3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

97 %HTTPS

67 %IPv6

20 Domains

31 Subdomains

25 IPs

6 Countries

2269 kBTransfer

5300 kBSize

14 Cookies

8 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

retakebr.com.br Open in urlscan Pro
2606:4700:3037::ac43:8bc3 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

97 %
HTTPS

67 %
IPv6

20
Domains

31
Subdomains

25
IPs

6
Countries

2269 kB
Transfer

5300 kB
Size

14
Cookies

156 HTTP transactions
5 data transactions